In compliance with its legal obligations in some jurisdictions, Acer and its affiliated companies have implemented an internal Stakeholder Grievance mechanism (hereinafter referred to as the “Mechanism”).

This Mechanism allows all staff members, shareholders, partners, members of an administrative, management or supervisory body, and external and occasional collaborators, as well as contractors and subcontractors, to submit complaints or concerns (hereinafter referred to as, “Complaint(s)”) on the following matters:

• a crime or misdemeanor;
• a threat or harm to the general interest;
• a violation of applicable laws (such as national law or European Union law), regulations, treaties or other international commitments of any country;
• a violation of Acer’s corporate governance policies; or
• a violation of “Acer Group’s Standards of Business Conduct”.

The Complaint may be submitted:

• By email, to the following dedicated reporting email address: Whistleblower.acer@acer.com;
• In writing by post, to the Corp. Internal Audit Unit at the following address: 8/F, No. 88, Sec. 1, Xin Tai 5th Road, Xizhi, New Taipei City 221, Taiwan. To ensure confidentiality, the envelope should be labeled "CONFIDENTIAL".

A dedicated officer will be responsible to receive and process the Complaints.

The Complaint should describe the facts/events as accurately as possible. The communicated information should be factual, objective and directly related to the subject of the Complaint. Only strictly necessary information should be transmitted, particularly when the Complaint may involve sensitive information (personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, data concerning health or data concerning a natural person's sex life or sexual orientation, etc.) or special data (Processing of personal data relating to criminal convictions and offences). The Complaint must be submitted in good faith and without any direct financial compensation.

If the Complaint is submitted in good faith, the Informant cannot be sanctioned, dismissed, or subjected to any direct or indirect discriminatory measure or any other form of retaliation or attempted retaliation, even if the facts are subsequently proven to be inaccurate or do not lead to any follow-up.

The use of this Mechanism is optional and is not intended to replace any other existing reporting channels (e.g., appropriate senior leaders or management). No action will be taken against a person who elects to use other channels, rather than the Mechanism.

Acer does not discourage anonymous Complaints. However, to ensure the effective processing of the Complaint, Acer strongly encourages the users of the Mechanism to provide their true name and contact information to facilitate the Internal Audit Unit’s review of evidence and investigation of the Compliant.

Acer ensures the confidentiality of the identity of the person submitting the Complaint, of the facts/events subject of the Complaint, of the attached documents as well as the identity of the persons mentioned in the Complaint.

Before submitting your Complaint, please refer to the following document for more information on the steps to follow and the processing of the Complaints by Acer: The Stakeholder Grievance Mechanism

If you are looking for product support services, please visit Acer’s website (https://www.acer.com/worldwide/) for the country/region in which you are located. If you are looking for shareholder services, please visit www.acer-group.com/ag/en/TW/content/shareholders-service

By submitting a Complaint, Informant may be communicating personal data for consideration in the Mechanism.

This personal data is processed by Acer Inc., of 8/F, No. 88, Sec. 1, Xin Tai 5th Road, Xizhi, New Taipei City 221, Taiwan and its group of companies around the world (“Acer”) - a list of which can be found at https://www.acer.com/worldwide/ , acting as joint data controllers, for Complaints concerning:

• a crime or misdemeanor;
• a threat or harm to the general interest;
• a violation of applicable laws (such as national law or European Union law), regulations, treaties or other international commitments of any country;
• a violation of the Acer’s corporate governance policies; or
• a violation of “Acer Group’s Standards of Business Conduct.”

The processing of Informant’s personal data is based on different legal grounds, depending on the purposes pursued, as detailed below:

• the processing is necessary for compliance with legal obligations:
  • To manage the system for collecting and processing of Complaints, including the establishment of a procedure for collecting the Complaints and any analysis, verification and processing of the Complaints;
  • To protect Informants, facilitators and persons in contact with Informants;
  • To manage data subject requests to exercise data protection rights; and
  • To cooperate with supervisory authorities, if applicable.
• the processing is necessary to protect the Company’s legitimate interests:
  • To manage the system for collecting and processing the Complaints, including the establishment of a procedure for collecting the Complaints and any analysis, verification and processing of the Complaints; and
  • To handle complaints, disputes and (legal) proceedings in relation to the Complaints and to ensure the Company’s legal position herein.

The data collected is communicated to the following recipients, according to the purposes and responsibilities: any person, employee of Acer or service provider contractually linked to Acer whose expertise would appear to be useful for the processing of reports, the protection of the whistleblower, facilitators and persons linked to the author of the report.

Security Measures.

The Company protect the personal information that Informants share with the Company against destruction, loss, alteration, and unauthorized disclosure or access to personal data transmitted, stored or otherwise processed. At Acer, access to Informant’s personal information is limited to people who need it to do their work. It is Acer policy to maintain the integrity of any personal information in Acer’s possession.

Informant’s data will be kept for no longer than is necessary for the purposes for which they are processed, and in compliance with applicable law or regulation.

In general, documents, evidence, records, and/or recordings of investigation regarding complaints are kept by Responsible Unit for five (5) years.

Data may be kept for a longer period of time, in archive, if the controller is legally obliged to do so or, for the purpose of ensuring the protection of the whistleblower or to allow the establishment of continuing offences (within the applicable limitation/foreclosure period).

If Informants are located in the EEA, the United Kingdom, Brazil or the states of California, Virginia and Colorado in the United States, or other jurisdictions with applicable laws, Informants have the right to access, rectify and delete their personal data, the right to limit processing, the right to portability of their data, as well as the right to object to processing of their data. These rights can be exercised by sending an e-mail to Whistleblower.acer@acer.com.

Finally, Informants have the right to lodge a complaint with the appropriate supervisory authority in their particular place of residence, place of work or place where the alleged infringement occurred regarding the processing of their personal data by the Company.