All colleagues must carry out information security measures, ensuring the confidentiality, integrity, and availability of business data. This is to prevent risks such as leakage, destruction, or loss due to external threats or improper management by internal personnel.

We supervise all colleagues in implementing information security management tasks. Appropriate information security education and training will be conducted annually to establish the concept of "Information Security is Everyone's Responsibility."

We establish emergency response plans and disaster recovery plans for critical information assets and key business operations, and regularly conduct drills for various emergency response processes. This ensures that in the event of information system failures or major disasters, rapid recovery can occur, ensuring that critical business operations continue and minimizing losses.