Risk Management and Strategy

We have implemented comprehensive cybersecurity risk assessment procedures to ensure effectiveness in cybersecurity management, strategy and governance and reporting cybersecurity risks. We have also integrated cybersecurity risk management into our overall executive management controls system.

Our approach to managing cybersecurity risks and safeguarding sensitive data is multi-faceted, involving technological safeguards, procedural protocols, a program of surveillance on our corporate network, continuous testing of aspects of our security posture, and regular cybersecurity training sessions for our key employees. Our IT department is actively engaged in continuous monitoring of the performance of our infrastructure to ensure prompt identification and response to potential issues, including potential cybersecurity threats.

As of the date of this annual report, we have not experienced any material cybersecurity incidents or identified any material cybersecurity threats that have affected or are reasonably likely to materially affect us, our business strategy, results of operations or financial condition.

Governance

Our board of directors is responsible for overseeing our company’s cybersecurity risk management and be informed on risks from cybersecurity threats. Our board of directors will review, approve, and maintain oversight of the disclosure (i) on Form 6-K for material cybersecurity incidents (if any) and (ii) relating to cybersecurity matters in the periodic reports (including annual report on Form 20-F) of our company. In addition, on the management level, we have established a cybersecurity taskforce to oversee and manage cybersecurity related matters and formulate policies as necessary. Pursuant to the internal controls and procedures in connection with cybersecurity, our cybersecurity disclosure taskforce reports to our board of directors, as needed, regarding its assessment, identification, and management on material risks from cybersecurity threats happened in the ordinary course of our business operations. If a cybersecurity incident occurs, our cybersecurity disclosure taskforce will promptly organize relevant personnel for internal assessment and, depending on the situation, seek the opinions of external experts and legal advisors.

Governance

Our board of directors is responsible for overseeing our company’s cybersecurity risk management and be informed on risks from cybersecurity threats. Our board of directors will review, approve, and maintain oversight of the disclosure (i) on Form 6-K for material cybersecurity incidents (if any) and (ii) relating to cybersecurity matters in the periodic reports (including annual report on Form 20-F) of our company. In addition, on the management level, we have established a cybersecurity taskforce to oversee and manage cybersecurity related matters and formulate policies as necessary. Pursuant to the internal controls and procedures in connection with cybersecurity, our cybersecurity disclosure taskforce reports to our board of directors, as needed, regarding its assessment, identification, and management on material risks from cybersecurity threats happened in the ordinary course of our business operations. If a cybersecurity incident occurs, our cybersecurity disclosure taskforce will promptly organize relevant personnel for internal assessment and, depending on the situation, seek the opinions of external experts and legal advisors.