Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Dec. 31, 2024 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | Risk Management and Strategy We have implemented comprehensive cybersecurity risk assessment procedures that are integrated into our overall enterprise risk management system. These procedures aim to identify, assess, and manage potential and existing cybersecurity threats. We have a strong inhouse IT and cybersecurity department, led by our cybersecurity officer, that identifies, assesses, and manages cybersecurity risks on a daily basis. We have ensured that our employees have full access to the basic knowledge and principles of information security, established a sound responding process and disposal mechanism for system security, external attacks and violations, and safeguarded the confidentiality of information and data of the enterprise, employees and customers, making sure information and data can only be obtained and used when necessary. Besides, we engage external parties to conduct thorough assessments of our information systems. Our IT and cybersecurity department work closely with third-party service providers to ensure their compliance with our cybersecurity standards and to assess risks arising from our engagements with them. We strive to ensure the highest standards and procedures to protect data and information security for billions of consumers, millions of merchants, large multinational businesses, and government users. To guarantee the secure operation of large-scale online promotional shopping events, such as “618” and “11.11,” digital security is paramount to ensuring smooth business operations. We will continue to apply advance security technologies to ensure the safety of users, enterprises, and industries and contribute to the healthy development of the information security ecosystem. As of the date of this annual report, we have not experienced any material cybersecurity incidents that have affected or are reasonably likely to affect us, our business strategy, results of operations, or financial condition. In 2024, we did not identify any violations of information security or privacy protection and did not receive any penalty for information security vulnerabilities or other network security breaches.
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | We have a strong inhouse IT and cybersecurity department, led by our cybersecurity officer, that identifies, assesses, and manages cybersecurity risks on a daily basis. We have ensured that our employees have full access to the basic knowledge and principles of information security, established a sound responding process and disposal mechanism for system security, external attacks and violations, and safeguarded the confidentiality of information and data of the enterprise, employees and customers, making sure information and data can only be obtained and used when necessary. |
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block] | As of the date of this annual report, we have not experienced any material cybersecurity incidents that have affected or are reasonably likely to affect us, our business strategy, results of operations, or financial condition. |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | Governance The ESG committee of our board of directors is responsible for overseeing risks related to cybersecurity. When appropriate, periodic reviews are held to discuss the landscape of cybersecurity, potential threats, and our preparedness for potential cybersecurity threats and risks to our company. In case a material cybersecurity occurs, the ESG committee is responsible for reviewing the information and issues involved, disclosures to be made, and the procedures followed. Our cybersecurity officer, who has over 10 years of experience as cybersecurity officer in large technology companies and extensive knowledge and skills in security products development, security risk management, and security compliance, is primarily responsible for assessing and managing cybersecurity risks and monitoring the prevention, detection, mitigation, and remediation of cybersecurity incidents. The cybersecurity officer reports to our chief compliance officer and provides periodic updates to our strategy execution committee and the ESG committee on any material cybersecurity incidents or material risks arising from cybersecurity threats.
|
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | The ESG committee of our board of directors is responsible for overseeing risks related to cybersecurity. |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | The ESG committee of our board of directors is responsible for overseeing risks related to cybersecurity. When appropriate, periodic reviews are held to discuss the landscape of cybersecurity, potential threats, and our preparedness for potential cybersecurity threats and risks to our company. |
| Cybersecurity Risk Role of Management [Text Block] | Our cybersecurity officer, who has over 10 years of experience as cybersecurity officer in large technology companies and extensive knowledge and skills in security products development, security risk management, and security compliance, is primarily responsible for assessing and managing cybersecurity risks and monitoring the prevention, detection, mitigation, and remediation of cybersecurity incidents. The cybersecurity officer reports to our chief compliance officer and provides periodic updates to our strategy execution committee and the ESG committee on any material cybersecurity incidents or material risks arising from cybersecurity threats. |
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | In case a material cybersecurity occurs, the ESG committee is responsible for reviewing the information and issues involved, disclosures to be made, and the procedures followed. |
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | Our cybersecurity officer, who has over 10 years of experience as cybersecurity officer in large technology companies and extensive knowledge and skills in security products development, security risk management, and security compliance, is primarily responsible for assessing and managing cybersecurity risks and monitoring the prevention, detection, mitigation, and remediation of cybersecurity incidents. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | The cybersecurity officer reports to our chief compliance officer and provides periodic updates to our strategy execution committee and the ESG committee on any material cybersecurity incidents or material risks arising from cybersecurity threats. |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |