1. Home
  2. Coporate Governance
  3. Sustainable Corporate Governanc

Sustainable Corporate Governance

Information Security and Privacy Management

PLANET remains committed to meeting the expectations of all stakeholders, including customers, shareholders, suppliers, and employees, by continuously enhancing the effectiveness of information security and privacy management in line with international standards and regulations.

Since 2022, PLANET has obtained the ISO 27001 Information Security Management Systems certification. In 2024, we further strengthened our information and communication security management system by deepening the implementation of ISO 27001 standards.

We also expanded our efforts in digital privacy and data protection in response to emerging InfoSec threats both globally and within Taiwan. As a result, no major incidents impacting operations or violating customer privacy occurred in 2024. The number of information leakage, theft loss, and customer data loss events was 0.

Control of Risks Associated with Information Security

PLANET’s information security management system is evaluated at least once a year or is re-evaluated in case of major changes in the company. The evaluation results are presented at the management review meeting and are revised as appropriate to control and mitigate information security risks.

To ensure comprehensive protection of information and communication security, PLANET has been insured under a "Cyber Liability Insurance" policy since 2023. The renewal for the subsequent year was completed by the end of December 2024, with the coverage period from 1 January 2025 to 1 January 2026. To effectively prevent Infocomm risks, PLANET has established various InfoSec performance indicators and conducts annual reviews of their implementation.

◾ Organizational Structure for Information Security

To continuously strengthen Information and Communication Security governance, PLANET upgraded the original "Information and Communication Security Management Office" to the "Information and Communication Security Management Department" in 2025. Furthermore, the "Information and Communication Security Task Force" has been established to serve as the core unit for promoting information security related tasks.

Information and Communication Security Management Department: As a dedicated department, it is responsible for daily InfoSec management, incident response, and implementation of related strategies. The department includes one InfoSec supervisor and one InfoSec officer.

Information and Communication Security Task Force: Responsible for formulating overall InfoSec policies, risk monitoring, and driving InfoSec projects. The task force comprises an Internal Audit Team, InfoSec Response Team, and Incident Reporting Team, all coordinated by the Information and Communication Security Management Department. Regular meetings are held to ensure consistency and efficiency in decision-making and execution.

Since 2022, the status of information and communication security implementation has been reported to the Board of Directors. The information and communication security implementation results for 2024 were reported to the Board of Directors on December 19, 2024.

◾ Information Security Policy 『Information Security, Everyone's Responsibility』

By strictly following ISO 27001 international standards to establish its information security objectives, PLANET is able to avoid the improper use, leakage, modification and destruction of information caused by human negligence and natural disasters, thus to minimize the potential risks and hazards to the company.