Over 14 million in Taiwan are our customers, meaning that one out of every two people is a customer of Cathay. For years we have held the business philosophy of being "customer-centric," and aim to provide friendlier products and services that better meet customers' needs in everyday life. Cathay values customers' opinions. We have a number of customer complaint channels and a dedicated unit that handles customer complaints. We also established regulations and the highest principle of "actively handling issues and actively showing concern" that requires our staff to immediately contact customers and propose solutions.

Cathay takes the issue of treating customers fairly very seriously, and has incorporated the spirit of treating customers fairly into core businesses. As a result, Cathay Life, CUB, Cathay Century, and Cathay Futures received the highest recognition of "Excellent" in the 2020 Treating Customers Fairly Evaluation. Cathay Life and CUB both placed first in the first Treating Customers Fairly Evaluation in 2019, and both placed first again in 2020. Cathay Century and Cathay Futures did very well in the 2020 evaluation and received the highest recognition of "Excellent." Cathay Futures is the only non-government-owned futures company among the 3 futures companies to win the award.

Cathay FHC has made active efforts to become a part of customers' social circle through a variety of channels and comprehensive services based on the core values of integrity, accountability, and creativity. We provide solid training to embed the idea of serving in the minds of our employees, so that they can build stronger customer relations, better protect customers' rights and interests, and continually improve their service quality.

Cathay has a Service Quality Committee that sets the Group's service policy based on the principles of protecting customer rights and treating customers fairly. The committee periodically reviews service strategies and projects together with each subsidiary. Meanwhile, the Service Quality Team assembled by each subsidiary plans, implements, and follows up on service quality improvement plans, and listens to the voices of customers so that the Group can continue to provide higher quality services.

Cathay FHC's subsidiaries commission large, reputable market survey companies to conduct satisfaction surveys based on their business attributes. Aspects of the survey include sales personnel, customer services, claims services, counter services, and online services, while outcomes provide us with a basis for further improving our service quality.

We began implementing the net promoter score (NPS) since our 2016 satisfaction survey for examining customer service records and feedback from important points of contact with customers. We hope to continue improving the customer service experience through quantified and qualified analyses, as well as cross-departmental communication and collaboration.

Further upgrading chatbot – Alpha to create stable services through human-machine collaboration

Cathay DDT and subsidiaries have jointly developed a next generation chatbot with "dual AI brain", Alpha, that can streamline customer service processes and was designed with real-life chat dialogues. The dual AI brain consists of two components, FAQ and NLU. The "FAQ brain" can answer questions which are frequently asked by users, while the "NLU brain" can handle questions that are considered to be complex and unclear. In 2020, "Alpha" were brought from CUB and Cathay Life to Cathay Century, Cathay Securities, and Cathay SITE, which made Cathay FHC the only financial institution in Taiwan to provide a chatbot for various tasks in the fields of Customer Service. After Alpha was launched in Cathay Century, Cathay Securities, and Cathay SITE, it has been used nearly 900,000 times with user satisfaction reaching 4.6 stars (5 stars in total). Furthermore, Alpha is used an average of 900,000 times each month on the digital channels of CUB and Cathay Life, and accounts for at least 60% of customer service calls. In the future, Cathay will look into more applications for group-wide users to enjoy exceptional customer services, and also allow Alpha to develop from a “chatbot” into a comprehensive “AI-powered assistant”.

Sound Personal Information Management System

Cathay FHC established a Personal Information Management Committee and a sound personal information management system to properly manage personal information. Facing rapidly changing new technologies and new types of cyber attacks, Cathay Life, CUB, and Cathay Century successively obtained the BSI 10012:2017 Personal Information Management System certification to actively protect customer rights. We are transitioning to new international standards in coordination with international privacy protection trends via international certification institutions, which allow us to comply with the EU's General Data Protection Regulation (GDPR). We are also incorporating the provisions of the new version into the personal information protection process, and continue to upgrade personal information protection mechanisms to provide customers with secured services and system environments.

Cathay FHC and its subsidiaries declare that they respect customers’ personal information in accordance with the law in the Privacy Policy on their official website and explain how they collect, use, and protect the information. We only provide specific personal information to third parties providing products and services after obtaining customers' consent. We may update the privacy policy in coordination with law amendments and the latest technologies at any time to protect users' personal information and customers' rights. If you have any questions regarding this privacy policy or the use of your personal data, you can contact service personnel via the contact information provided on each official website.

Complete Personal Information Protection Education and Training

Cathay FHC organizes annual campaigns, education, and training for raising all employees’ awareness towards personal information protection, so that they understand the regulatory requirements, the scope of their responsibilities, and the various mechanisms, procedures, and measures related to the protection of personal information. The completion rate of personal information training of Cathay FHC and its subsidiaries was 100% in 2020.

Note: The completion rate above excludes employees due to characteristics of their duties and leave plans (temporary dispatch, parental leave, maternity leave, etc.).

Infringement Incident Management

Cathay FHC and its subsidiaries collect, process, and use personal information in accordance with the Personal Data Protection Act and related laws and regulations. Customers are informed of the purpose for collecting personal information and who the information will be shared with, and will not exceed the scope necessary for specific purposes. Customers' rights to access, request to view, make a copy, correct, supplement, cease the collection, processing, and use, or request the deletion of personal information are explicitly stated. All third parties are required to comply with company policies relating to personal information protection. Cathay FHC has aligned its personal information management mechanism with international standards in response to the EU's GDPR, and monitors the optimization and implementation of protection measures, as well as emergency response procedures and drills. Cathay FHC is able to provide more considerate and complete services through these layers of protection for customer data and rights, so that customers and partners can rest assured when they provide their personal information. Cathay FHC and its subsidiaries were not fined for any infringements on personal information in 2020.

In addition to the Personal Information Protection and Administration System (PIPAS) established by CUB, Cathay Life established a private cloud "Personal File Administration Classified Section" in 2020, which improves personal information protection by limiting the personnel with access rights and the time that files can be accessed, thus lowering the risk of important personal information stored on personal computers being leaked. Furthermore, major subsidiaries maintain the effectiveness of their personal information certifications each year to keep our personal information management mechanisms up to date. Cathay Life (subsidiary) implemented PCI DSS in 2020 to enhance encryption and access mechanisms, and expects to obtain the certification of international credit card organizations in 2Q 2021 to ensure transaction security for policy holders.

Continually strengthen response measures to personal data incidents

Cathay FHC and its subsidiaries have all established emergency response procedures and periodic drill mechanism for infringement incidents, and established the cross-departmental emergency response team and regulations for reporting and handling. We enhance the response abilities of employees through periodic drills, preventing the impact of personal information breach incidents on the Company. Besides minimizing the harm caused to parties involved, we also verify the effectiveness of internal operating procedures to identify any deficiencies and continue to improve our personal information protection measures.

Cathay FHC and its subsidiaries attach great importance to the protection of customers' personal information, and were not involved in any customer personal information violations in 2020, which can be verified by the penalties announced by the FSC and material information announced on the MOPS. Still, we handled a total of 17 personal information cases (see the table below for details), either received from customers through complaint channels or found through investigations conducted by sales managers. After looking into the cases, we found that most cases were the result of sales agents neglecting to inform customers of third parties. We have obtained the customers' understanding and will continue to step up education, training, and promotion for service personnel. Cathay FHC will continue to strengthen and monitor the use of customers' personal information, and improve related protection measures to reduce personal information breach incidents.