• Font Size:
  • S
  • M
  • L

Amended Article

Title:

Personal Data Protection Act  CH

Amended Date: 2023.05.31 
Article 1-1 The competent authority of the PDPA is the Personal Data Protection Commission (the "PDPC").
The responsibilities of the central government authorities in charge of the industries concerned, the special municipality, county (city) government concerned, and the authorities specified in Articles 53 and 55 of the PDPA, shall be under the jurisdiction of the PDPC from the date of its establishment.
Info
Article 48 If a non-government agency violates any of the following provisions, the central government authority in charge of the industry concerned or the special municipality, county (city) government concerned shall order the non-government agency to rectify the violation within a specified period of time; if the non-government agency fails to rectify the violation in time, a fine of not less than NT$20,000 but not more than NT$200,000 shall be imposed on the non-government agency for each occurrence of the violation:
1. Article 8 or Article 9;
2. Article 10, Article 11, Article 12, or Article 13;
3. paragraph 2 or paragraph 3 of Article 20.
If a non-government agency violates paragraph 1 of Article 27 or fails to establish a security and maintenance plan for the protection of personal data files or rules on disposing of personal data following a business termination under paragraph 2 of Article 27, the central government authority in charge of the industry concerned or the special municipality, county (city) government concerned shall impose a fine of not less than NT$20,000 but not more than NT$2,000,000 on the non-government agency, and shall order the non-government agency to rectify the violation within a specified period of time. If the non-government agency fails to rectify the violation in time, a fine of not less than NT$150,000 but not more than NT$15,000,000 shall be imposed for each occurrence of the violation.
If a non-government agency violates paragraph 1 of Article 27, or fails to establish a security and maintenance plan for the protection of personal data files or rules on disposing of personal data following a business termination under paragraph 2 of Article 27, which is of a serious violation, the central government authority in charge of the industry concerned or the special municipality, county (city) government concerned shall impose a fine not less than NT$150,000 but not more than NT$15,000,000 on the non-government agency to rectify the violation within a specified period of time; if the non-government agency fails to rectify the violation in time, a fine shall be imposed for each occurrence of the violation.
Info
Article 56 The enforcement date of the PDPA shall be set by the Executive Yuan.
The deletion of Articles 19 through 22 and Article 43 on May 26, 2010, and the revision of Article 48 under the amendment to the PDPA made on May 16, 2023, shall become effective on the date of promulgation.
Info