Ethical Management

Interity Management and Anti-corruption

In order to foster a corporate culture of integrity, ensure sound development, and establish a robust business operation model, our company adopted the “Code of Conduct on Integrity” in 2016, as approved by the Board of Directors. This Code requires that all directors, managers, and employees, in the course of conducting business, shall not directly or indirectly offer, promise, solicit, or accept any improper benefits, nor engage in any other acts that violate integrity, laws, or fiduciary duties, in pursuit of or to maintain business advantages. The Code also emphasizes anti-corruption awareness and compliance. The company governance unit serves as the dedicated office for promoting corporate integrity. The head of this unit reports annually to the Board of Directors on the outcomes of integrity initiatives as well as the implementation of preventive measures. To prevent insider trading and the risk of improper information disclosure, the company has established the “Major Information Handling and Insider Trading Prevention Procedures”, applicable to directors, managers, and all employees. These procedures clearly stipulate that anyone with knowledge of non-public material information must not disclose it externally or conduct improper inquiries, ensuring consistency and legality in information disclosure while mitigating the risk of violations. In 2025, the company conducted education, training, and testing on corporate integrity, anti-corruption, and insider trading prevention for directors, managers, and employees, reaching a total of 1,533 participants and 948 hours, to strengthen all personnel’s awareness of and compliance with integrity and legal requirements.

Personal Data Protection Policy

Our company places great importance on the protection of privacy. In compliance with the Personal Data Protection Act, we have established a Personal Data Protection Policy along with rigorous privacy and security management measures. We have also built a data governance system, formulated data standards and classification, implemented controls over data access permissions, and established review mechanisms for data owners, ensuring that data access and sharing are properly governed and protected, and that data availability, integrity, and confidentiality are maintained.

The scope of application covers all operational sites, subsidiaries, customers, and suppliers. Regarding the collection, processing, use, and protection of personal data involved in our operations, we comply with relevant government laws and regulations and use personal data only within the scope permitted by law. We will not provide, rent, or otherwise disclose personal data to third parties in any disguised form, and we implement these measures strictly according to our company’s Personal Data Protection Policy, aiming to safeguard our customers’ data security and privacy rights.

The company’s Legal and Audit departments are responsible for executing and supervising compliance with the Personal Data Protection Policy. In 2025, our company conducted education, training, and testing on the personal data protection policy for directors, managers, and employees, reaching a total of 1,531 participants and 886 hours, in order to strengthen all personnel’s awareness of and compliance with the personal data protection policy.

Customer Rights Protection

Our company has established standard operating procedures (SOPs) for customer rights protection and complaint handling, addressing issues such as product and service safety and labelling. These SOPs include customer complaint handling procedures, processes, and operational guidelines. They also include specific processing points, transfer schedules to responsible departments, processing times for each stage, determination of liability, corrective and preventative action timelines, and customer notification frequency to ensure comprehensive customer rights protection and complaint handling.

Whistleblowing and Complaint Channels

Our company has established and announced independent channels for reporting, available for use by both internal and external parties:

1. Postal Reporting: Addressed to the Head of the Audit Office
   No. 88, Lane 1125, Heping Road, Bade District, Taoyuan City, Taiwan

2. Email Reporting: thdiscipline@theil.com

Information Security

Establishing an Information Security and Risk Management Framework

In response to the transformation of the company and the enhancement of information security management, the Company has gradually developed its Risk Management framework for information security. The Company currently has a management process in place for information security control. The Company establishs an information security office in the fourth quarter of 2021 to coordinate the planning and implementation of information security for the Company's confidential information and to review and decide on information security management issues.

Information Security Policy

To ensure the integrity of the Company's information security policy, the Company's information security policy covers all of the Company's associates, suppliers and contractors, and third party personnel who may have access to the Company's information. The Company's information security policy is reviewed annually in light of regulatory changes, updates in information security technology and the Company's business development.

Information Security Objectives

Through proper classification and control of confidential information, staff education and training, and advanced information security control equipment, the Company ensures that confidential information is properly protected from unauthorized access, alteration, destruction, improper disclosure or cyber attacks.

Specific information security management solutions

• Through firewalls and information zoning, internal, external, office and production areas are divided into security zones and firewalls are installed for information security defense.Through firewalls and information zoning, internal, external, office and production areas are divided into security zones and firewalls are installed for information security defense.
• Regular information vulnerability scans are carried out to prevent problems before they occur and to remedy risks in a timely manner.
• Advanced information security solutions are continuously introduced to effectively protect and manage systems, hosts and network behavior.
• ERP, MES and other corporate database systems are fully backed up on a daily basis, and the recovery function is verified from time to time according to the company's needs as a last line of defense against encryption ransom attacks to ensure that the database and data can be safely restored.
• Company mail is filtered through a spam control system to prevent phishing and virus intrusion.
• Regular staff training sessions are held to promote information security awareness.
• The Company conducts an annual self-assessment of information security and the self-assessment result is good.

Intelligent Property Rights Management

Patent Application and reward System

• The Company has established the Patent Application and Incentive Regulations as a management policy to align operation plan also to encourage our employees to be creative and to engage in research and development of various technologies to strengthen the Company's technological capabilities. The rules regulate the process of filing intellectual property proposals, the evaluation system of the jury, and the system of relative rewards for the acquisition of rights to encourage internal employees to invest in the research and development of products and technology innovation.

Management of Trade Secrets

• The employees of the Company are obliged to keep confidential information of the Company in accordance with their employment contracts, both on and off duty, to ensure that confidential information of the Company is not leaked or lost.
• The Company has established a classification system for the protection and management of confidential information, which is based on the level of the Company's confidential information, and ensures that the Company's employees are effectively aware of and fulfill their confidentiality awareness through education, training and reward and punishment systems.

Execution Status

The Company reports to the Board of Directors on matters relating to intellectual property on October 29, 2025. 
The Company's current list of intellectual property results are as follows: