TOP
ESG

Customer Relationship Management

Continuously innovating service content and types to create thoughtful services that exceed customer expectations is the driving force for THSRC's continuous improvement. We have prepared a dedicated management department to open up multiple communication channels to respond to passengers' needs in real time, deepen customer relationships, provide online consultation by Artificial Intelligent Customer Service, corporate website e-mail message and other functions, and configure the customer service line service with Mandarin / Taiwanese / English responses.

Feedback Collection Channels and Customer Service Operations System

THSRC has set up a Current Customer Complaint Resolution Mechanism to not only provide immediate consolation and attention but also submit customer feedback to the quality management authority and responsible unit of each department and the cross-departmental customer opinion review meeting, so as to truly incorporate customer feedback into management and implement improvements. In 2022, the inbound passenger service center and the use of Artificial Intelligent Customer Service inquiries were about 670,000 cases, and the main consultation items were about ticketing, lost items and high-speed rail promotions. Part of that, Artificial Intelligent Customer Services received 210,000 (31%) inquiries or applies for timetables, ticketing problems, guide for travel, properties lost and found services.

Current Customer Complaint Resolution Mechanism

Privacy and Information Security Management

Affected by geopolitical turmoil and volatile digital crimes in recent years, THSRC has actively implemented information security, established the “Information Security Management Committee” in 2017, and appointed information security officers from the company's interdepartmental office to hold information security management review meetings every six months and convene information security officer meetings every quarter. Review the development direction, strategy and related implementation results of information security, so that the information security management system continues to operate steadily.

A total of 2 information security management review meetings and 4 information security representative meetings were held in 2022. The information security governance report and results have been recorded in the report of the 27th Board of Directors of the ninth session in 2022. For more information about the policies and management plans related to information security, please refer to Information Security Management Manual.

THSRC Information Security Management Framework

Implementation of Personal Information Security Maintenance Measures

Safety Maintenance Measures for Personal
Information Protection Management		 Personal Information Management Measures and
Implementation Results in 2022
Establish a management organization
and allocate considerable resources		 Segment representatives formed the “Personal Information Protection Implementation Group.” As of September 2022, there were 20 personal information representatives and a personal information representative meeting is held every quarter, and a total of fourmeetings were held in 2022.
Risk assessment and management
mechanism for personal information		 A three-level management model is adopted as per the security level of personal information files, and risk identification and assessment of personal information files were conducted every year, and personal information files inventory audits were performed twice every year, to maintain the correctness of the “Personal Information File Inventory”.
Information security management and
accident prevention, notification, and
response mechanisms		 Information is divided into three types: written forms, electronic files, and system files, and relevant regulations on personal information security incident response, a complete notification mechanism, and a review and improvement policy have been formulated. As of 2022, no personal information security incident occurred.
Awareness promotion, education and training One hour of education and training for new employees and one hour of annual training for all employees.
Equipment safety management Terminal equipment (including personal computers, notebook computers, and mobile devices) and various types of servers are all handled in accordance with THSRC's relevant information security management regulations.
Overall continuous improvement of personal
information security maintenance		 The annual audit results are regularly reviewed at the personal information representative meeting and reported to the review meeting of the Information Security Management Committee.

THSRC continue to strengthen security operations in 2022, such as the use of the Virtual Private Network (VPN) and the employee remote work emergency measures and security are listed below to improve the high-speed rail information communication security environment:

  • Ensure employee portal availability: Increase equipment capacity to ensure sufficient employee connections and adjust the system to a high availability architecture.
  • Strengthen the security authentication of the portal website system: Two-factor authentication is adopted for employees who log in to the Company's intranet from the external network. The employee account number, password and One Time Password (OTP) are required for authentication, and the time limit of OTP is shortened while the length of OTP is increased.
  • Increase network bandwidth: Increase network bandwidth and circuit redundancy, increase the number of employee connections, and improve network connection stability.
  • Improve VPN to high-availability architecture: In case of any abnormality, the VPN device will complete the switch within one second. After the switch is completed, the password and One Time Password need to be re-authenticated.
  • Strengthen VPN connection monitoring: VPN uses two-factor authentication to monitor the connection source IP. In case of any abnormality such as the connection source IP is detected from a place outside Taiwan and intensively requests for login in a short period of time, the firewall will control and block the connection IP.
  • Integrated information security monitoring mechanism: Integrates the main systems, endpoints, networks, and security and reconnaissance threat monitoring information of information technology (IT) and operation technology (OT), analyzes the status of threats in real time, introduces information security solutions such as abnormal alarms and defense disposal, and monitors and reports full-time through the information center computer room.
  • Cooperate with the national information and communications security operation: Restrict the use of products that threats the national information and communication security, inventory the company's internal information and communications equipment, conduct replacement operations; while we cannot require suppliers to replace the restricted Chinese branded equipment immediately, we have reached an agreement for suppliers to replace them at the end of the products' lives, and strengthen the management of information security.

In response to the "Accelerating Digital Optimization and Moving Towards Digital Transformation" aspect of the six strategic directions of THSRC in the medium and long term, while accelerating digital innovation and transformation, we have formulated four development strategies for high-speed rail information technology, including management information digital optimization, maintenance management digital optimization, operation management digital optimization, and marketing digital optimization. The projects and goals we planned to introduce are as follows:

  • Management Information Digital Optimization: Build off-site backup mechanisms to improve service availability and introduce IT asset and configuration management platforms to ensure consistency of service data, as a way of increasing automation and saving manpower.
  • Maintenance management digital optimization: Establish high-speed railway geographic map to quickly obtain the corresponding mileage assets and maintenance records information, and continue to collect track, tramway and power system detection and maintenance data, and analyze the data to establish the basis for predictive maintenance operations and provide a coordinating mechanism for track maintenance area scheduling to further improve maintenance efficiency.
  • Digital Optimization of Operations Management: Establish a new generation ticket booking service system to meet market demand, import cloud computing into station equipment, and improve service timeliness. Digital Optimization of Operations Management: Establish a new generation ticket booking service system to meet market demand, import cloud computing into station equipment, and improve service timeliness.
  • Digital Marketing Optimization: Enhance the company's revenue through accurate marketing and the establishment of a new business model platform, while developing the T Express sales model to provide diversified ticketing services and enhance market competitiveness.