v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Role of Management [Text Block]

Risk Management and Strategy

We prioritize the security of our technological assets, including computer systems, software, and networks. Our comprehensive cybersecurity measures are integral to our risk management framework, enabling us to assess, identify, and manage material risks from cybersecurity threats. These measures address potential disruptions to business operations or financial reporting systems, intellectual property theft, fraud, extortion, harm to employees or customers, violations of privacy laws, legal risks, and reputational damage.

Our Board of Directors oversees cybersecurity-related risks, ensuring effective governance and compliance with regulatory requirements. Their responsibilities include:

  Disclosure Oversight: Ensuring accurate and timely disclosure of cybersecurity matters in our company’s reports, in line with SEC regulations.
  Annual Reporting: Reviewing cybersecurity disclosures in our annual Form 20-F, as presented by management, to ensure comprehensive reporting. At the management level, our CEO, CFO, and department heads are tasked with:
  Risk Assessment and Management: Identifying and mitigating cybersecurity risks, and overseeing the prevention, detection, and resolution of incidents.
  Board Reporting: Providing timely updates to the Board on material cybersecurity incidents or threats and contributing to the annual Form 20-F disclosures.

In the event of a cybersecurity incident:

  1. Internal Assessment: Our CTOs promptly evaluate the incident’s scope and impact.
  2. Executive Notification: If deemed potentially material, findings are reported to the CEO and CFO, with input from external experts and legal counsel as needed.
  3. Response and Disclosure: The CEO and CFO determine appropriate response measures, and management prepares disclosure materials for Board approval prior to public release.

Our cybersecurity risk management processes encompass:

  Robust Security Measures: Utilizing multifactor authentication, next-generation firewalls, integrated vulnerability testing, comprehensive backup solutions, and identity protection services to safeguard our systems and data.
  Employee Training: Conducting annual cybersecurity awareness training, emphasizing email security and phishing prevention, and regularly testing our Disaster Recovery and Business Continuity Plans.
  Regular Security Assessments: Performing penetration testing, vulnerability scanning, and attack simulations, with IT teams and third-party partners reviewing logs and ensuring applications are current.

Our risk management program includes continuous monitoring and adherence to industry best practices to mitigate potential vulnerabilities, especially concerning third-party service providers. We maintain technical support agreements covering software licensing, configuration, upgrades, and necessary changes, supplementing internal training initiatives.

Our IT departments regularly assess the qualifications of third-party partners, requiring them to demonstrate high expertise levels and relevant technical certifications.

As of the date of this Annual Report, we have not experienced any material cybersecurity incidents or identified any material cybersecurity threats that have materially affected, or are reasonably likely to materially affect, our business strategy, results of operations, or financial condition.
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Risk Management and Strategy

We prioritize the security of our technological assets, including computer systems, software, and networks. Our comprehensive cybersecurity measures are integral to our risk management framework, enabling us to assess, identify, and manage material risks from cybersecurity threats. These measures address potential disruptions to business operations or financial reporting systems, intellectual property theft, fraud, extortion, harm to employees or customers, violations of privacy laws, legal risks, and reputational damage.

Our Board of Directors oversees cybersecurity-related risks, ensuring effective governance and compliance with regulatory requirements. Their responsibilities include:

  Disclosure Oversight: Ensuring accurate and timely disclosure of cybersecurity matters in our company’s reports, in line with SEC regulations.
  Annual Reporting: Reviewing cybersecurity disclosures in our annual Form 20-F, as presented by management, to ensure comprehensive reporting. At the management level, our CEO, CFO, and department heads are tasked with:
  Risk Assessment and Management: Identifying and mitigating cybersecurity risks, and overseeing the prevention, detection, and resolution of incidents.
  Board Reporting: Providing timely updates to the Board on material cybersecurity incidents or threats and contributing to the annual Form 20-F disclosures.

In the event of a cybersecurity incident:

  1. Internal Assessment: Our CTOs promptly evaluate the incident’s scope and impact.
  2. Executive Notification: If deemed potentially material, findings are reported to the CEO and CFO, with input from external experts and legal counsel as needed.
  3. Response and Disclosure: The CEO and CFO determine appropriate response measures, and management prepares disclosure materials for Board approval prior to public release.

Our cybersecurity risk management processes encompass:

  Robust Security Measures: Utilizing multifactor authentication, next-generation firewalls, integrated vulnerability testing, comprehensive backup solutions, and identity protection services to safeguard our systems and data.
  Employee Training: Conducting annual cybersecurity awareness training, emphasizing email security and phishing prevention, and regularly testing our Disaster Recovery and Business Continuity Plans.
  Regular Security Assessments: Performing penetration testing, vulnerability scanning, and attack simulations, with IT teams and third-party partners reviewing logs and ensuring applications are current.

Our risk management program includes continuous monitoring and adherence to industry best practices to mitigate potential vulnerabilities, especially concerning third-party service providers. We maintain technical support agreements covering software licensing, configuration, upgrades, and necessary changes, supplementing internal training initiatives.

Our IT departments regularly assess the qualifications of third-party partners, requiring them to demonstrate high expertise levels and relevant technical certifications.

As of the date of this Annual Report, we have not experienced any material cybersecurity incidents or identified any material cybersecurity threats that have materially affected, or are reasonably likely to materially affect, our business strategy, results of operations, or financial condition.

Governance

Our board of directors is responsible for overseeing risks related to cybersecurity. Our board of directors shall (i) maintain oversight of the disclosure related to cybersecurity matters in current reports or periodic reports of our company, (ii) review updates to the status of any material cybersecurity incidents or material risks from cybersecurity threats to our company, and the disclosure issues, if any, presented by our management on a quarterly basis, and (iii) review disclosure concerning cybersecurity matters in our annual report on Form 20-F presented by our management.

At the management level, our CEO, CFO and the head of the departments in connection with cybersecurity-related matters are responsible for assessing, identifying and managing cybersecurity risks and monitoring the prevention, detection, mitigation, and remediation of cybersecurity incidents. Our CEO and CFO report to our board of directors (i) timely updates to the status of any material cybersecurity incidents or material risks from cybersecurity threats to our company, and the disclosure issues, if any, and (ii) in connection with disclosure concerning cybersecurity matters in our annual report on Form 20-F.
Cybersecurity Risk Management Processes Integrated [Text Block] Robust Security Measures: Utilizing multifactor authentication, next-generation firewalls, integrated vulnerability testing, comprehensive backup solutions, and identity protection services to safeguard our systems and data.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] false
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]

As of the date of this Annual Report, we have not experienced any material cybersecurity incidents or identified any material cybersecurity threats that have materially affected, or are reasonably likely to materially affect, our business strategy, results of operations, or financial condition.
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

Governance

Our board of directors is responsible for overseeing risks related to cybersecurity. Our board of directors shall (i) maintain oversight of the disclosure related to cybersecurity matters in current reports or periodic reports of our company, (ii) review updates to the status of any material cybersecurity incidents or material risks from cybersecurity threats to our company, and the disclosure issues, if any, presented by our management on a quarterly basis, and (iii) review disclosure concerning cybersecurity matters in our annual report on Form 20-F presented by our management.

At the management level, our CEO, CFO and the head of the departments in connection with cybersecurity-related matters are responsible for assessing, identifying and managing cybersecurity risks and monitoring the prevention, detection, mitigation, and remediation of cybersecurity incidents. Our CEO and CFO report to our board of directors (i) timely updates to the status of any material cybersecurity incidents or material risks from cybersecurity threats to our company, and the disclosure issues, if any, and (ii) in connection with disclosure concerning cybersecurity matters in our annual report on Form 20-F.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Our board of directors is responsible for overseeing risks related to cybersecurity.
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] At the management level, our CEO, CFO and the head of the departments in connection with cybersecurity-related matters are responsible for assessing, identifying and managing cybersecurity risks and monitoring the prevention, detection, mitigation, and remediation of cybersecurity incidents.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true