Data Protection Statement of Yunneng Wind Power Co., Ltd. 

 
Yunneng Wind Power Co., Ltd. (hereinafter referred to as "Company", “Controller“, “Non-Government Agency“ or “YWPC”) is pleased that you are visiting our website. We take the protection of your personal data during processing in accordance with the statutory data protection regulations very seriously. 
 
The following Data Protection Statement provides you (hereinafter also referred to as "customer", "data subject" or "user") with an overview of how we ensure this protection and what type of data is collected for what purpose. 
 
 

I. Name and address of the Company / Controller / Non-Government Agency 

The responsible party within the meaning of the EU General Data Protection Regulation (hereinafter referred to as "GDPR"), the Personal Data Protection Act (hereinafter referred to as "PDPA") and other applicable national data protection laws is: 
 
Yunneng Wind Power Co., Ltd. 
8F., No. 1, Section 5, Nanjing East Road, 
Songshan District, Taipei City,105410,  
Taiwan (R.O.C.) 
Tel.: +886 (0)2 8978 5869 
Fax: +886 (0)2 8978 5863 
Email: contact@owf-yunlin.tw  
 
 

II. Contact details for data protection 

Xian-Shuen (XS) Koo 
Email: contact@owf-yunlin.tw  
 
 

III. Terms and definitions 

The definitions and terms are based on GDPR, PDPA and other data protection regulations. Particularly the definitions of Art. 4, 9 GDPR and Art. 2 PDPA shall apply. 
 
 

IV. General principles and data subject rights 

1. Scope of the processing of personal data 
We process your personal data only to the following extent, as far as this is necessary for the provision of our web and online services, including a functioning website: 
 

• Users of our website and interested parties 

• Contact requests via email or telephone 

 
We will not require you to provide sensitive personal data (e.g. medical records, political inclination, religions belief, criminal records, genetics, and sexual orientation), and further request that you do not provide such data.  Any such data provided to us voluntarily, however, will be processed in accordance with this Policy. 
 
2. Legal framework 
Where personal data is processed on the basis of the data subject's consent, the legal basis for the processing is Art. 6 (1)(a) GDPR and/or Art. 19.1 (5) PDPA. 
 
Where personal data is processed for the performance of a contract to which the data subject is a party, the legal basis is Art. 6 (1)(b) GDPR and/or Art. 19.1 (2) PDPA; this also applies to processing necessary for the performance of pre-contractual measures. 
 
If personal data is processed for compliance with a legal obligation to which we are subject, the legal basis is Art. 6(1)(c) GDPR and/or Art. 19.1 (1) PDPA. 
 
In the event that the vital interests of the data subject or another natural person require the processing of personal data, the legal basis is Art. 6 (1)(d) GDPR. 
 
If processing is carried out to protect our legitimate interests or those of a third party and the interests, fundamental rights and freedoms of the data subjects are not overridden; Art. 6(1)(f) GDPR and/or Art. 19.1 (8) PDPA are the legal basis for the processing. 
 
The legal basis for the processing of personal data can be found in Art. 6 GDPR and/or Art. 6 and 19 PDPA. 
 
3. Possible recipients of personal data 
In order to provide our web and online services as well as for the general provision of our services, we sometimes use IT service providers, IT developers, external consultants, cloud or archiving service providers who may act on our behalf and according to instructions in the context of the provision of services (so-called “processors” and/or “service providers“ acting on behalf of the commissioning agency). These service providers may receive personal data or come into contact with personal data in the course of providing the service and constitute third parties or recipients within the meaning of the GDPR and PDPA. 
 
In such a case, we ensure that our service providers take sufficient security measures, that appropriate technical and organisational measures are in place and that processing operations are carried out in such a way that they comply with the relevant data protection provisions and ensure the protection of the rights of data subjects (cf. Art. 28 GDPR and/or Art. 4 PDPA). 
 
Furthermore, your personal data will be used by us and potentially our shareholders and their affiliates, and might be shared with our service partners, legal and regulatory authorities. 
 
4. Data subjects' rights 
The GDPR and PDPA grant certain rights to persons affected by the processing of personal data (so-called data subject rights, in particular Art. 12 to 22 GDPR and Art. 3, 11 PDPA). If you would like to make use of one or more of these rights listed below, you can contact us at any time. As a data subject, you have the following rights in particular: 
 
a) For data subjects under the territorial scope of GDPR: Right to information pursuant to Art. 15 GDPR, Right to rectification pursuant to Art. 16 GDPR, Right of deletion according to Art. 17 GDPR, Right to restriction of processing pursuant to Art. 18 GDPR, Right to data portability pursuant to Art. 20 GDPR, Right of objection pursuant to Art. 21 GDPR, Right to revoke consent pursuant to Art. 7 (3) GDPR, Right of complaint pursuant to Art. 77 GDPR. 

b) For data subjects under the territorial scope of PDPA: Right to make an inquiry of and to review his/her personal data pursuant to Art. 3 (1) PDPA, Right to request a copy of his/her personal data pursuant to Art. 3 (2) PDPA, Right to supplement or correct his/her personal data pursuant to Art. 3 (3) PDPA, Right to demand the cessation of the collection, processing or use of his/her personal data pursuant to Art. 3 (4) PDPA, Right to erase his/her personal data pursuant to Art. 3 (5) PDPA. 
 
5. No obligation to provide personal data 
We do not make the conclusion of contracts or the fulfilment of our online services with us dependent on you providing us with personal data beforehand. As a customer, interested party, website user or data subject, you are under no legal or contractual obligation to provide us with your personal data; however, we may only be able to provide certain services to a limited extent or not at all if you do not provide the necessary data. 
 
 

V. Data collection through the informative use of our website 

1. Description and scope of data processing 
Each time our website is accessed, our systems automatically record data and information from the computer system of the accessing computer. In particular, the following log files are processed: 
 

• Browser type and browser version 

• Operating system used 

• Referrer URL 

• Host name of the accessing computer 

• Date and time of the server request 

• IP Address 

 
This data is not merged with other data sources. 
 
2. Purpose and legal basis of data processing 
We collect, processes and uses personal data you provide for the following purposes: to provide our web / online services to you; to operate and improve our website to provide more effective services; to conduct customer service quality surveys and analysis and to enhance the communication with you. 
 
The temporary storage of the IP address and possibly other log files by the systems each time our website is called up is necessary to enable the website to be made available to your computer. This is required for addressing the communication traffic between the user and our web and online services or is necessary for the use of our website. The legal basis for this data processing - i.e. for the duration of your website visit - is Art. 6 (1)(b), (1)(f) GDPR and/or Art. 19.1 (2), (8) PDPA.  
 
The processing and storage of the IP address and log files beyond the communication process is carried out for the purpose of ensuring the functionality of our web / online services, for the purpose of optimising these offers and for ensuring the security of our information technology systems. The legal basis for storing the IP address for these purposes beyond the communication process is Art. 6 (1)(f) GDPR and/or Art. 19.1 (8) PDPA. 
 
3. Length of storage 
The data is stored for as long as it is necessary to achieve the aforementioned processing purposes. In the case of the collection of data for the provision of the website, this is the case when the respective session - i.e. the website visit - has ended. Any additional storage of log files including the IP address for the purpose of system security and optimisation of our web and online offers is carried out for an appropriate period of time; thereafter, the log and meta data are automatically deleted. 
 
4. Option to object 
The collection of log files for the provision of our website, including their storage within the aforementioned limits, is absolutely necessary for the operation of the website and the individual functions stored there. There is therefore no possibility for the user of the website to object.  
 
 

VI. Contact us 

1. Description and scope of data processing 
To contact us, you can use our email address or telephone number provided on our website. If you make use of these options, personal data will be processed and stored by us for the purpose of answering the enquiry. By providing the services mentioned above, we will collect your personal data which includes but is not limited to name, phone number, email address, internet protocol IP address, any other information that can identify you, records of your consents, information about our Sites (e.g., the type of device you are using), and any views or opinions you provide to us. 
 
2. Purpose and legal basis of data processing 
The processing of this data is based on Art. 6 (1)(a) and (1)(b) GDPR and/or on Art. 19.1 (5) and (2) PDPA. 
 
3. Length of storage 
The data is generally deleted as soon as it is no longer required to achieve the purpose for which it was collected. Insofar as data is no longer required for the fulfilment of contractual or statutory obligations, including commercial and tax retention obligations, as well as for the pursuit of legitimate interests, i.e. for the preservation of evidence within the framework of the statutory limitation provisions, it is regularly deleted. 
 
 

VII. Data processing for the purpose of advertising and marketing 

In addition to the purely informational use of our website, personal data may be processed for the purpose of advertising and/or marketing measures and to conduct customer satisfaction surveys. 
 
Use of personal data for marketing purposes / customer surveys 
Your personal data will only be used for the purpose of advertising and/or marketing approaches as well as for carrying out customer satisfaction surveys if you have given your consent or if there is another legal basis that permits an advertising and/or marketing approach even without consent. As far as legally permissible, we reserve the right to address customers for advertising purposes on the basis of publicly accessible data and/or address data of third parties, which they extract from publicly accessible sources. 
 
In the context of data transmission for advertising and marketing approaches / customer surveys, the following data in particular are processed: 
 
Salutation, surname and first name 
Company, address or post office box 
Email and telephone number 
 
a) The legal basis for advertising and/or marketing measures based on explicit consent is Art. 6 (1)(a) GDPR and/or Art. 19.1 (5) PDPA. 

b) The legal basis for the use of personal data for the purpose of direct advertising is Art. 6 (1)(f) GDPR and/or Art. 19.1 (8) PDPA; the legitimate interest here is to contact potential customers for the purpose of direct advertising for our services. 
 
Personal data is stored and used for advertising purposes for an indefinite period of time, depending on the respective legal basis for the advertising measure (Art. 6 (1)(a) or (1)(f) GDPR and/or Art. 19.1 (5) or (8) PDPA - for data subjects under the territorial scope of GDPR only - until you have objected to the use of your data for advertising purposes or you have revoked your corresponding consent. 
 
For data subjects under the territorial scope of GDPR only: You can revoke your consent to the processing of personal data at any time with effect for the future without giving reasons. For revoke your consent please contact contact@owf-yunlin.tw.  
 
 

VIII. External links 

This website contains links to outside websites. These links when clicked will take visitors to third-party websites. Please be advised that these outside websites are not covered by this Policy. You should consult the respective privacy and security policies of these outside websites. 
 
 

IX. Cookies 

We use so-called "cookies" on our website. Cookies are small text files that your internet browser places and stores on your computer and through which certain information flows to the body that sets the cookie. We only use technically necessary cookies to provide our website to you. We do not process analysis cookies. 
 
The data processing of technically necessary cookies is based on Art. 6 (1)(b) and (1)(f) GDPR and/or Art. 19.1 (2) and (5) PDPA. 
 
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our website. 
 
 

X. Further information 

Your trust is important to us. Therefore, we would like to answer any questions you may have regarding the processing of your personal data. If you have queries that have not been answered by this Data Protection Statement or if you would like more detailed information on a particular matter, please contact us at any time using the following email address: contact@owf-yunlin.tw 
 
We will regularly review this Policy and reserves the right to amend this Policy at any time in line with business and regulatory changes. Any new revised version of this Policy will be presented on this page. This Data Protection Statement is up-to-date as of February 2025. 
 
Any dispute, claim, matter of construction or interpretation arising out of and from or in any way relating to this website shall be governed by the law of Taiwan and be subject to the exclusive jurisdiction of the District Court of Taipei, Taiwan.