Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Dec. 31, 2024 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | Risk Management and Strategy We have implemented comprehensive cybersecurity risk assessment procedures to ensure effectiveness in cybersecurity management, strategy and governance and reporting cybersecurity risks. We have also integrated cybersecurity risk management into our overall enterprise risk management system. We have developed a comprehensive cybersecurity threat defense system to address both internal and external cyber threats. This system spans multiple security domains, including network, host and application layers. It integrates a range of security capabilities, such as threat defense, continuous monitoring, in-depth analysis, rapid response, as well as strategic deception and countermeasures. Our approach to managing cybersecurity risks and safeguarding sensitive data is multi-faceted, involving technological safeguards, procedural protocols, a rigorous program of surveillance on our corporate network, continuous testing of aspects of our security posture internally and with third-party business partners and third-party service providers, such as third-party online payment system provider, a solid incident response framework and regular cybersecurity training sessions for our employees. Our IT department is actively engaged in continuous monitoring of the performance of our infrastructure to ensure prompt identification and response to potential issues, including potential cybersecurity threats. We rely on our own professional team and capabilities to manage network security matters, and have completed third-party security certifications such as the PCI-DSS certification and the Equal Protection evaluation. As of the date of this annual report, we have not experienced any material cybersecurity incidents or identified any material cybersecurity threats that have affected or are reasonably likely to materially affect us, our business strategy, results of operations or financial condition. |
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | We have also integrated cybersecurity risk management into our overall enterprise risk management system. We have developed a comprehensive cybersecurity threat defense system to address both internal and external cyber threats. This system spans multiple security domains, including network, host and application layers. It integrates a range of security capabilities, such as threat defense, continuous monitoring, in-depth analysis, rapid response, as well as strategic deception and countermeasures. Our approach to managing cybersecurity risks and safeguarding sensitive data is multi-faceted, involving technological safeguards, procedural protocols, a rigorous program of surveillance on our corporate network, continuous testing of aspects of our security posture internally and with third-party business partners and third-party service providers, such as third-party online payment system provider, a solid incident response framework and regular cybersecurity training sessions for our employees. Our IT department is actively engaged in continuous monitoring of the performance of our infrastructure to ensure prompt identification and response to potential issues, including potential cybersecurity threats. |
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | Our board of directors is responsible for overseeing our cybersecurity risk management and is informed on risks from cybersecurity threats. Our board of directors shall review, approve and maintain oversight of the disclosure (i) on Form 6-K for material cybersecurity incidents (if any) and (ii) related to cybersecurity matters in the periodic reports (including annual report on Form 20-F) of our Company. |
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | board of directors |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our Cybersecurity Risk Management Officers report to our board of directors (i) on a quarterly basis regarding their assessment, identification and management of material risks from cybersecurity threats which arise in the ordinary course of our business operations and (ii) on disclosure concerning cybersecurity matters in our Form 6-K for material cybersecurity incidents (if any) and our annual report on Form 20-F. |
| Cybersecurity Risk Role of Management [Text Block] | On the management level, our chief executive officer, vice president of finance, and cybersecurity officer who has over 10 years of experience as cybersecurity officer in technology companies and extensive knowledge and skills in security products development, security risk management, and security compliance, are responsible for assessing, identifying and managing material risks from cybersecurity threats to our company and monitoring the prevention, detection, mitigation and remediation of material cybersecurity incidents. They are collectively referred to as the Cybersecurity Risk Management Officers. Our Cybersecurity Risk Management Officers report to our board of directors (i) on a quarterly basis regarding their assessment, identification and management of material risks from cybersecurity threats which arise in the ordinary course of our business operations and (ii) on disclosure concerning cybersecurity matters in our Form 6-K for material cybersecurity incidents (if any) and our annual report on Form 20-F. If a cybersecurity incident occurs, our Cybersecurity Risk Management Officers will promptly organize relevant personnel for internal assessment and, depending on the situation, seek the opinions of external experts and legal advisors. If it is determined that the incident could potentially be a material cybersecurity event, our Cybersecurity Risk Management Officers will promptly report the incident and relevant assessment results to our board of directors and our board of directors will decide on the relevant response measures and whether any disclosure is necessary. If such disclosure is determined to be necessary, our Cybersecurity Risk Management Officers shall promptly prepare disclosure material for review and approval by our board of directors before it is disseminated to the public. |
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | chief executive officer, vice president of finance, and cybersecurity officer |
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | our chief executive officer, vice president of finance, and cybersecurity officer who has over 10 years of experience as cybersecurity officer in technology companies and extensive knowledge and skills in security products development, security risk management, and security compliance, are responsible for assessing, identifying and managing material risks from cybersecurity threats to our company and monitoring the prevention, detection, mitigation and remediation of material cybersecurity incidents. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | If a cybersecurity incident occurs, our Cybersecurity Risk Management Officers will promptly organize relevant personnel for internal assessment and, depending on the situation, seek the opinions of external experts and legal advisors. If it is determined that the incident could potentially be a material cybersecurity event, our Cybersecurity Risk Management Officers will promptly report the incident and relevant assessment results to our board of directors and our board of directors will decide on the relevant response measures and whether any disclosure is necessary. If such disclosure is determined to be necessary, our Cybersecurity Risk Management Officers shall promptly prepare disclosure material for review and approval by our board of directors before it is disseminated to the public |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |