Getac Holdings Corporation

An enterprise culture of integrity and honesty forms the foundation for sustainable business operations. Getac adheres to relevant laws and regulations, establishing robust corporate governance and risk control mechanisms while promoting a culture of integrity. Employees are required to implement these principles in internal management and business activities, eliminating unethical behaviors and creating an environment conducive to sustainable development. 

In addition to creating a sincere and honest corporate culture, Getac complies with external laws and regulations and establishes internal systems to ensure that Getac employees operate by the highest level of ethical standards. The company strictly prohibits employees from making illegal political donations in exchange for commercial gains or business advantages. As for laws and regulations, Getac complies with the Corporate Governance Best Practice Principles to be a law-abiding corporate citizen. The company formulated the Ethical Management Best Practice Principles and the Code of Ethical Conduct for Directors and Supervisors to act as the business ethics and ethical management standards, and require all directors, supervisors, and employees to abide by these standards. 

Getac’s Ethical Management Best Practice Principles is applicable to directors, managers, employees, appointees, and individuals with substantial control. To uphold the principles of integrity, Getac includes clauses on integrity, professional conduct, and conflict of interest in employment contracts. The employee code of conduct explicitly prohibits corruption, theft, abuse of power, bribery, and other unethical behaviors that harm the company's interests. Employees involved in specific projects are required to sign confidentiality agreements. Any violations, once verified, are addressed in accordance with the "Employee Reward and Disciplinary Measures." For severe violations, the company may terminate the employment contract without prior notice and pursue legal action for any criminal liabilities, as well as compensation for related losses.

Our company periodically provides directors and managers with information on courses related to the prevention of insider trading regulations. Additionally, newly appointed directors receive materials such as the “Regulatory Advocacy Handbook”, “Securities Market Regulations for Listed Companies and Their Directors, Supervisors, and Major Shareholders”, ”Q&A Guide on Insider Share Trading for Listed Companies”, and “Regulations and Precautions on Insider Shareholding Changes”.

Before convening audit committee and board meetings, our company also sends email notifications to directors and managers, reminding them to strictly comply with insider trading prohibitions. Furthermore, they are informed that they are not permitted to trade company stocks during the closed periods—30 days before the annual financial report announcement and 15 days before each quarterly financial report announcement. To reinforce compliance, the company also sets electronic calendar reminders indicating the start and end dates of these closed periods.

In 2024, all members of the Board of Directors complied with the “Guidelines for the Continuing Education of Directors and Supervisors of TWSE/TPEx-Listed Companies.” Training courses included a session on insider trading prevention, aimed at helping company insiders understand the regulatory framework under the Securities and Exchange Act, particularly in relation to equity management, and to promote proper practices in equity trading to prevent unintentional violations due to lack of legal knowledge. Additional training topics covered corporate governance, sustainable finance and climate change, corporate sustainability, and cybersecurity governance and oversight strategies. In total, 12 directors and insiders participated in training sessions in 2024, completing a cumulative 102 hours of continuing education.

Integrity Policy Implementation and Performance
The Human Resources Development Center is responsible for formulating the company's integrity policy and preventive measures, promoting and coordinating integrity training, and designing the whistleblower system to ensure effective execution. Through internal control and audit mechanisms, corruption-related incidents are monitored and investigated. Based on risk assessments of unethical conduct, the internal audit team develops audit plans to verify compliance with anti-corruption measures. External auditors may be engaged for reviews, and external experts may be consulted if necessary. Audit findings are reported to senior management and the designated integrity oversight unit and are formally submitted to the Board of Directors.

In 2024, the status of integrity policy implementation was presented to the Board of Directors on November 13. The Board fulfilled its duty of care by overseeing the prevention of unethical conduct, reviewing the effectiveness of measures taken, and ensuring continuous improvement and enforcement of the integrity policy. Key outcomes are as follows:

• In 2024, Getac and its eight subsidiaries (within the reporting scope) completed corruption risk assessments.
• No significant violations of ethical conduct occurred in 2024. No employees were dismissed or disciplined due to corruption-related issues.
• In 2024, a mandatory digital training course on “Anti-Corruption, Anti-Money Laundering, and Insider Trading Prevention” was conducted for all employees.

---

In terms of external governance, in order to fulfill social responsibilities and achieve success in the market, the "Getac Supplier ESG Code of Conduct"  specifies that suppliers and their agents must adhere to the highest ethical standards. Supplier must avoid all activities that cause conflicts of interest with the Getac Holding Corp., and any agreement or negotiation involving offering behavior must be prohibited.

Suppliers who exchange transactions more than NT$80,000 with Getac must sign the Most Favorable Treatment and No-Corruption Guarantee Agreement. If a supplier does not sign such an agreement, the system will automatically suspend any payment activities, in order to prevent vulnerabilities. Contracts signed with suppliers also provide information on reporting hotlines. The Audit Department of the company is responsible for handling reports concerning unethical conducts.

---

In 2024, the Company and its eight subsidiaries conducted risk assessments on 11 anti-corruption topics in accordance with the OECD Due Diligence Guidance for Responsible Business Conduct. The topics covered include dishonest conduct, conflicts of interest, payment and collection processes, sales and receivables, procurement and disbursement, and engineering tendering and acceptance. Risk evaluation is based on the Company’s risk management policies and procedures, taking into account both the likelihood of occurrence and the potential impact on finance, operations, or reputation. . In 2024, all 11 identified anti-corruption topics were assessed as low risk. Details of the risk assessment results are shown in the table on the lower right. For the two topics that were previously rated as medium risk, the corresponding mitigation measures are explained below.

2024 Anti-Corruption Risk Assessment Results

Role	Anti-corruption Issues	Stakeholders	Risk Level
Employee	Dishonest behavior	Company Employees, Supplier, Customer	Low
Director of the Board	Dishonest behavior	Company	Low
Finance	Financial matters - Receipt operations	Company, Customer	Low
Finance	Financial matters - Payment operations	Company, Supplier	Low
Sales	Sales and receipts	Company, Customer	Low
Finance	Procurement and payments	Company	Low
Research & Development	Purchase and payment for research and development materials/machinery	Company	Low
Warehouse Management	Warehouse management	Company	Low
Quality Assurance	Incoming materials quality inspection	Company, Customer	Low
Personnel with conflicts of interest	Conflict of interest	Company & Employees	Low
Construction	Engineering bidding and acceptance	Company & Employees	Low

 

---

To reinforce our company's commitment to human rights and due diligence, we revised the "Guidelines Governing the Reporting of Corruption and Malpractices" in 2022, as depicted in the process diagram on the right. This revision expands the scope of whistleblower acceptance to include clients, suppliers, partners, and other stakeholders engaged in business dealings. The regulations specifically outline confidentiality measures during the investigation process and mechanisms for protecting whistleblowers. The company treats whistleblower reports with sensitivity and caution. For each case, we enter into a Unilateral Confidentiality Agreement with the whistleblower to protect their information. Upon conclusion of the case, we provide a questionnaire for whistleblowers to ensure their rights and confidential information are safeguarded. All reports, transcripts, or related materials are handled confidentially and securely stored. Unauthorized disclosure is subject to disciplinary action under company policies. Additionally, the company ensures the safety of whistleblowers and takes legal action against anyone threatening, intimidating, or engaging in unlawful acts against them.

Getac Holdings has established a whistleblower system for internal and external stakeholders to provide feedback or report violations anonymously regarding breaches of professional ethics. Details of the whistleblower system are available on Getac Holdings official website, procurement contracts, and the "Guidelines Governing the Reporting of Corruption and Malpractices". Promotion of the whistleblower system is also included in anti-corruption and anti-money laundering training courses. According to regulations, each reported case is categorized as significant or general based on the anticipated loss amount, with internal personnel receiving a bonus of NT$200,000 for significant cases and 5% of the loss amount for general cases upon successful investigation.

Irregular Business Conduct Reporting Contact
Head of Auditing Office
gthaudit@getac.com.tw

 

---

In 2022, the company established the "Anti-Corruption and Anti-Money Laundering Policy" and the "Anti-Corruption and Anti-Money Laundering Policy Statement" to enhance the governance procedures and integrity management of the company. The company is committed to abiding by the guiding principles of the United Nations Convention Against Corruption (UNCAC), and agrees to comply with anti-corruption laws, regulations, and other commercial practices in the jurisdictions where it operates. The company maintains a zero-tolerance approach towards corruption and provides guidance to stakeholders to assist them in preventing corrupt practices. Furthermore, to prevent money laundering, tax evasion, and violations of sanctions, the company also commits to complying with relevant anti-money laundering laws and regulations and demonstrates its determination to combat money laundering crimes.
 

---

To implement integrity education, all directors, management, and employees of Getac Holdings must undergo anti-corruption related training. Since 2022, anti-corruption and anti-money laundering education training has been designated as a mandatory course. It is stipulated that all management and employees of the company and its subsidiaries must complete the training once and take a post-training test to ensure their understanding of the anti-corruption policies. 

In 2023, the training completion rate target was raised to 85%. Completion is defined as each employee taking the post-training test and correctly answering all ten questions to achieve a perfect score of 100. If an employee scores below 100, they must retake the training and post-training test until they pass to be considered as having completed the training.

In 2024, a total of 7,670 employees from Getac Holdings and its subsidiaries received anti-corruption and anti-money laundering education and training, with a completion rate of 85.6%. Please refer to the training details of each subsidiary. 

 

---

Customer Privacy
Protecting customer privacy is a legal and ethical obligation that every company must strictly observe. In the digital age, customer privacy faces greater threats, as private information can be easily stolen, misused, or leaked. To safeguard customer confidentiality and privacy, the Company and its subsidiaries have set the annual goal of “zero confirmed cases of legal actions or complaints due to breaches of customer privacy or data loss.” Measures include employee codes of conduct, confidentiality agreements, access control, personal data protection during repair services, and the privacy policy on the company’s website. In 2024, all new employees signed confidentiality agreements, and no customer data breaches or losses were reported.
The Company’s key measures to protect customer confidentiality and privacy include:

• Employee codes of conduct and employment contracts that mandate strict adherence to protecting customer confidentiality and privacy
• Confidential customer information obtained through business interactions is disclosed only on a need-to-know basis and with signed confidentiality agreements, depending on individual cases.
• Rigorous maintenance of network and digital platform security to prevent information leaks and protect customer rights. 
• Regular training programs to enhance employees’ awareness of regulations on trade secrets and customer privacy protection.
• Internal promotion via email and communication software, social engineering drills, and GDPR education campaigns on personal data protection and information security to reinforce employee awareness and security vigilance.
• Implementation of the “Confidentiality Regulations for Production Areas,” which prohibit photography, video, or audio recording by external visitors in production lines.
• The employee agrees to strictly comply with company regulations and serve with honesty during the period of employment. In the event of negligence of duty, violation of company rules, embezzlement of company funds or property, disclosure of company secrets, or any unlawful or improper conduct that damages the company's reputation, the employee shall not only be subject to legal prosecution and penalties in accordance with applicable laws, but also agrees to be dealt with in accordance with the company’s employee rewards and disciplinary procedures.
• Employee is willing to abide by the company policies and respect the intellectual property rights of others, and shall not use unauthorized software or trade secrets in the course of their duties. If the unauthorized use causes infringement on the rights of others or results in damage to the company, the employee agrees to take full legal responsibility and compensate the company for any losses incurred as a result.

      The GDPR Data Protection Officer: dpm.LAC@getac.com.tw