We have implemented robust processes for assessing, identifying and managing material risks from cybersecurity threats and monitoring the prevention, detection, mitigation and remediation of material cybersecurity incident. We have also integrated cybersecurity risk management into our overall enterprise risk management system.

We have established a dynamic and multi-layered cybersecurity defense system to effectively mitigate both internal and external cybersecurity threats. This comprehensive system spans multiple security domains, including network, host, and application layers. It integrates a range of security capabilities such as threat defense, continuous monitoring, in-depth analysis and rapid response. Our approach to managing cybersecurity risks and safeguarding sensitive data is multi-faceted, involving technological safeguards, procedural protocols, a rigorous program of surveillance on our corporate network, ongoing internal and external evaluations of our security measures, a solid incident response framework, and regular cybersecurity training sessions for our employees. Our cybersecurity department is actively engaged in continuous monitoring of our applications, platforms and infrastructure to ensure prompt identification and response to potential issues, including emerging cybersecurity threats.

If a cybersecurity incident occurs, our cybersecurity department will promptly organize personnel for internal assessment and report to our cybersecurity committee. If it is further determined that the incident could potentially be a material cybersecurity event, our cybersecurity officer will promptly report the incident and assessment results to our disclosure committee and external legal counsel to the extent appropriate. Our cybersecurity officer shall prepare disclosure material on the cybersecurity incident for review and approval by our disclosure committee and board of directors, before it is disseminated to the public.