Personal Data Protection and Information Security Declaration – National Yang-Ming Chiao Tung University, Department & Institute of Physiology

This website is located at https://phy.nycu.edu.tw and is the unit website of the Institute of Physiology at National Yang-Ming Chiao Tung University. The address is 4th floor, Shouren Building, No. 155, Section 2, Linong Street, Beitou District, Taipei City—contact number for personal data protection: (02) 28267000 ext. 66467.

This website complies with the Personal Data Protection Act and other relevant laws and regulations. It only provides services for specific purposes and does not provide services outside the university.

This website complies with the university’s information security operations, undergoes regular annual cybersecurity checks, conducts regular vulnerability scanning and patching, establishes system redundancy facilities, performs regular data and software backups, and establishes encrypted communication for web browsing and system management interfaces. The host and network receive protection from the university’s Information Security System, allowing only web page and management interface communications on the host, and only allowing specific hosts to connect to the management interface.

Privacy Policy Message:

When users post comments on this website, we collect the data shown in the comment form, the user’s IP address, and the browser user agent string to help detect spam.

This website creates an anonymized string (also known as a hash) from the user’s email address and provides it to the Gravatar service to see if the user is using the service. For information on the privacy policy of the Gravatar service, please visit https://automattic.com/privacy/. Once the website administrator approves the user’s comment, the user’s profile picture will be publicly displayed in the comment content.

Media:

When uploading images to this website, please avoid uploading images with embedded location data (EXIF GPS). Other users can download and extract location data from images on the website.

Cookie:

When users post comments on this website, they have the option to store their name, email address, and website URL in cookies. This is for the convenience of users so that they do not have to fill in their details again when posting another comment. These cookies will last for one year unless users clear their device cookies themselves.

If users visit the login page of this website, a temporary cookie will be set to determine if their browser accepts cookies. This cookie contains no personal data and will be discarded when users close their browser.

After logging into the website, several cookies will be set to store users’ login information and display settings. The login information cookie will last for two days, and the display settings cookie will last for one year. If users check the “Remember Me” option when logging in, their login status will be maintained for two weeks. Once users log out, the login information cookies will be removed from their devices.

When users edit or publish an article, additional cookies will be stored in their browsers. These cookies do not contain any personal data and only indicate the ID of the article that users wrote. They expire after one day.

Embedded content from third-party websites:

Articles on this website may include embedded content (e.g., videos, images, articles) from third-party websites. Embedded content from third-party websites behaves in the exact same way as if users visited those websites.

These third-party websites may collect data about users, use cookies, embed additional third-party tracking, and monitor users’ interaction with embedded content.

Personal data sharing:

If users request a password reset, their IP address will be included in the password reset email.

Retention of personal data:

Once users leave a comment on this website, the comment and its metadata will be retained indefinitely. This is so that the system can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

User rights over personal data:

If users have an account on this website or have left comments, they can request an exported file of their personal data held by the website, including any data they have provided. Users can also request that the website erase any personal data it holds about them. This does not include any data that the website is obliged to keep for administrative, legal, or security purposes.

Where user data is sent:

Comment data may be checked through an automated spam detection service.