Evaluation Mechanism
While enhancing customer service quality, TNP prioritizes protecting customer
privacy rights and intellectual property. TNP signs confidentiality agreements with
customers to safeguard their confidential information and ensures that employees
adhere to confidentiality protocols during business interactions. The company
conducts comprehensive assessments of the positive and negative economic and
human rights impacts of customer privacy. TNP has established an Information
Security Committee and achieved ISO 27001 Information Security Management
System and BS 10012 Personal Information Protection Management System
certifications. TNP adheres to confidentiality agreements and personal data
protection laws for customer privacy.
本公司根據ISO 27001資訊安全管理系統設定評量機制,並訂定短、中長期目標,2024年未有任何侵犯客戶隱私或遺失客戶資料的投訴事件。
本公司根據ISO 27001資訊安全管理系統設定評量機制,並訂定短、中長期目標,2024年未有任何侵犯客戶隱私或遺失客戶資料的投訴事件。
Reason for the Issue's Importance
Protecting customer privacy and ensuring the proper storage
of customer data has become one of the most critical issues in
global business operations. Violations can significantly damage
a company’s image and may also result in both criminal and civil
liabilities.
Impact and Influence
- Economic Actual Positive Impact:
- Properly handling customer privacy and establishing robust privacy protection mechanisms can enhance customer trust in the business, promoting long-term customer loyalty.
- Complying with privacy regulations and standards may reduce legal risks, maintain the company's reputation, and help stabilize operations.
- Economic Potential Negative Impact:
- Non-compliant privacy handling and leaks will result in legal fines, increasing the company's economic costs.
- Privacy violations may cause customer concerns, leading to customer loss and affecting company revenue.
- Potential Negative Impacts on Corporate Image:
- Privacy breaches may lead to data misuse, affecting environmental sustainability.
- Privacy incidents may cause social distrust in the company, leading to long-term damage to the company's image.
- Potential Positive Impacts on Corporate Image:
- 有效的隱私保護措施有助於減少資訊洩露風險,降低數據洩露對企業環境的負面影響。
- Adhering to privacy protection principles allows the company to adapt better to sustainable development operations.
- Actual Positive Human Rights Impacts:
- Actively protecting customer privacy is a manifestation of respecting individual privacy rights, which helps uphold human rights.
- Providing transparency in privacy information helps customers understand the company's data handling practices, contributing to the protection of human rights.
- Potential Negative Human Rights Impacts:
- Improper data collection and use may exacerbate information asymmetry in society, harming individuals' information autonomy.
- Data misuse may lead to discrimination against specific groups, affecting the principle of human rights equality.
Policy/Strategy
- Regular information security and confidentiality advocacy. Customer-related information, including physical, data, or electronic, must not be disclosed in any form or manner.
- Upload sensitive data to NAS with appropriate permission control and maintain a complete backup system to ensure data integrity.
- Regular audits to establish strict confidentiality measures, preventing improper use of customer privacy and protecting customer and company interests.
Goals and Targets
- Short-term Goals:
Enhance employee training on "Privacy Protection" and "Information Security," conducting at least one session per year.
Each unit must complete an information security selfassessment quarterly. - Mid-term Goals:Continuously update firewalls, antivirus software, document encryption software, and computers. Implement hardware and software controls for sensitive email review and sensitive document notification from printers.
- Long-term Goals:Develop "Information Security Policy" and "Information Security Management Measures." Strictly record and control through internal systems to protect customer information and documents. Approve and manage internal personnel operation permissions according to relevant system regulations.
Management Evaluation Mechanism
The company conducts PDCA (Plan-Do-Check-Act) effectiveness
evaluation mechanism according to ISO/IEC 27001.
Performance and Adjustments
2024年未有任何侵犯客戶隱私或遺失客戶資料的投訴事件。
2024年「隱私權保護」及「資訊安全」方面以傳閱紙本與抽測方式進行宣導與教育訓練。
2024年「隱私權保護」及「資訊安全」方面以傳閱紙本與抽測方式進行宣導與教育訓練。
Preventive or Remedial Measures
All computer equipment is installed with enterprise antivirus
software, which is uniformly and regularly updated to prevent the
spread of computer viruses. A firewall is in place to prevent hacker
intrusions. Document data is encrypted using encryption software
and stored in NAS with regular backups to ensure data storage
security. An access control system is installed in the information
room. All mainframe or ERP system queries and operations must be
logged in with an account and password to prevent business data
leakage.
Sustainable Procurement
台灣銘板自2021年著手規劃提高在地採購比率以降低運輸碳排,2022年本公司整體國內採購家數占比為94%,2023年整體國內採購家數占比為93%。考量勞務與工程請購有保固及契約期間之考量,故先規劃提高原物料在地請購占比由2022年33.7%,提高至2023年57.8%,並於2024年增加國內勞務、工程之合作家數。本公司2024年於勞務、財務、工程之在地採購金額佔總採購金額達89.63%。後續也會透由供應商政策宣導及遴選更多國內的優良合作廠商。
TNP Company Procurement Proportions Over the Past Three Years | |||||||
Contract Type | Procure ment Area | 2022 | 2023 | 2024年 | |||
Number of Suppliers | Proportion of Total Procurement Amount (%) | Number of Suppliers | Proportion of Total Procurement Amount (%) | Number of Suppliers | Proportion of Total Procurement Amount (%) | ||
Labor(Contractin g and Services) | Domesti c | 267 | 48.19 | 241 | 32.43 | 259 | 51.31 |
Foreig | 7 | 0.87 | 7 | 0.43 | 7 | 1 | |
Materials(Raw Materials) | Domesti c | 109 | 33.68 | 101 | 57.75 | 92 | 33.27 |
Foreig | 16 | 6.33 | 16 | 4.94 | 19 | 9.37 | |
Engineering(Constructi on and Equipment) | Domesti c | 11 | 10.84 | 9 | 1.96 | 17 | 5.05 |
Foreig | 1 | 0.09 | 4 | 2.49 | 0 | 0 | |
Total | 411 | 100 | 378 | 100 | 394 | 100 |
Supplier Environmental and Social Evaluation
台灣銘板推動供應商簽署「環保/職安問卷調查」、「不使用限用物質保證書」及「不使用衝突礦產聲明書」。
此外,本公司制定「供應商評分表」,每一年由資材課採購人員進行供應商評核分,針對「當年度交易之原物料供應商」和「前期評核為D級之原物料供應商」進行評分,評分項目包含材料品質、交期達成率、價格優勢、開發能力、服務配合度,針對總得分給予A、B、C、D等級。
於本次報導期間原物料供應商為111家,全部落實檢核作業,檢核率達100%。如評分等級為D,須於規定期限內提交書面改善方案;經三個月限期改善後仍未符合標準者,將被取消合格供應商資格。本公司2024年度供應商全數通過評鑑,無評鑑不合格的廠商。
此外,本公司制定「供應商評分表」,每一年由資材課採購人員進行供應商評核分,針對「當年度交易之原物料供應商」和「前期評核為D級之原物料供應商」進行評分,評分項目包含材料品質、交期達成率、價格優勢、開發能力、服務配合度,針對總得分給予A、B、C、D等級。
於本次報導期間原物料供應商為111家,全部落實檢核作業,檢核率達100%。如評分等級為D,須於規定期限內提交書面改善方案;經三個月限期改善後仍未符合標準者,將被取消合格供應商資格。本公司2024年度供應商全數通過評鑑,無評鑑不合格的廠商。