XML 55 R11.htm IDEA: XBRL DOCUMENT v3.25.1
Cybersecurity Risk Management, Strategy, and Governance Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

ITEM 16K. CYBERSECURITY

Risk Management and Strategy

We have implemented comprehensive cybersecurity risk assessment procedures to ensure effectiveness in cybersecurity management, strategy and governance and reporting cybersecurity risks. We have also integrated cybersecurity risk management into our overall enterprise risk management system.

We are committed to safeguarding our systems and data. Our approach to managing internal and external cybersecurity risks and safeguarding sensitive data is multi-faceted, involving technological safeguards, procedural protocols, a rigorous program of surveillance on our corporate network, continuous testing of aspects of our security posture internally and with third-party consultants or collaborators, a solid incident response framework and regular cybersecurity training sessions for our employees. Our IT department is actively engaged in continuous monitoring of the performance of our infrastructure to ensure prompt identification and response to potential issues, including potential cybersecurity threats. We use third-party service providers to assist us from time to time to identify, assess, and manage material risks from cybersecurity threats, including for example: professional services firms, cybersecurity consultants and cybersecurity software providers.

As of the date of this annual report, we have not experienced any material cybersecurity incidents or identified any material cybersecurity threats that have affected or are reasonably likely to materially affect us, our business strategy, results of operations or financial condition.

Governance

Our nominating and corporate governance committee of our board of directors is responsible for overseeing our cybersecurity risk management and is informed on risks from cybersecurity threats. The nominating and corporate governance committee shall review, approve and maintain oversight of the disclosure (i) on Form 6-K for material cybersecurity incidents (if any) and (ii) related to cybersecurity matters in the periodic reports (including annual report on Form 20-F) of our company.

On the management level, our Chief Executive Officer and Chief Financial Officer, collectively referred as the Cybersecurity Risk Management Officers, are responsible for assessing, identifying and managing material risks from cybersecurity threats to our company and monitoring the prevention, detection, mitigation and remediation of material cybersecurity incidents. Our Cybersecurity Risk Management Officers report to our nominating and corporate governance committee (i) periodically regarding their assessment, identification and management on material risks from cybersecurity threats in the ordinary course of our business operations and (ii) on disclosure concerning cybersecurity matters in our Form 6-K for material cybersecurity incidents (if any) and our annual report on Form 20-F.

If a cybersecurity incident occurs, our Cybersecurity Risk Management Officers will promptly organize relevant personnel for internal assessment and, depending on the situation, seek the opinions of external experts and legal advisors. If it is determined that the incident could potentially be a material cybersecurity event, our Cybersecurity Risk Management Officers will promptly report the incident and relevant assessment results to our nominating and corporate governance committee, who will decide on the relevant response measures and whether any disclosure is necessary. If such disclosure is determined to be necessary, our Cybersecurity Risk Management Officers shall promptly prepare disclosure materials for review and approval by our nominating and corporate governance committee before it is disseminated to the public.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] We have also integrated cybersecurity risk management into our overall enterprise risk management system.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

Governance

Our nominating and corporate governance committee of our board of directors is responsible for overseeing our cybersecurity risk management and is informed on risks from cybersecurity threats. The nominating and corporate governance committee shall review, approve and maintain oversight of the disclosure (i) on Form 6-K for material cybersecurity incidents (if any) and (ii) related to cybersecurity matters in the periodic reports (including annual report on Form 20-F) of our company.

On the management level, our Chief Executive Officer and Chief Financial Officer, collectively referred as the Cybersecurity Risk Management Officers, are responsible for assessing, identifying and managing material risks from cybersecurity threats to our company and monitoring the prevention, detection, mitigation and remediation of material cybersecurity incidents. Our Cybersecurity Risk Management Officers report to our nominating and corporate governance committee (i) periodically regarding their assessment, identification and management on material risks from cybersecurity threats in the ordinary course of our business operations and (ii) on disclosure concerning cybersecurity matters in our Form 6-K for material cybersecurity incidents (if any) and our annual report on Form 20-F.

If a cybersecurity incident occurs, our Cybersecurity Risk Management Officers will promptly organize relevant personnel for internal assessment and, depending on the situation, seek the opinions of external experts and legal advisors. If it is determined that the incident could potentially be a material cybersecurity event, our Cybersecurity Risk Management Officers will promptly report the incident and relevant assessment results to our nominating and corporate governance committee, who will decide on the relevant response measures and whether any disclosure is necessary. If such disclosure is determined to be necessary, our Cybersecurity Risk Management Officers shall promptly prepare disclosure materials for review and approval by our nominating and corporate governance committee before it is disseminated to the public.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Our nominating and corporate governance committee of our board of directors is responsible for overseeing our cybersecurity risk management and is informed on risks from cybersecurity threats.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The nominating and corporate governance committee shall review, approve and maintain oversight of the disclosure (i) on Form 6-K for material cybersecurity incidents (if any) and (ii) related to cybersecurity matters in the periodic reports (including annual report on Form 20-F) of our company.
Cybersecurity Risk Role of Management [Text Block]

On the management level, our Chief Executive Officer and Chief Financial Officer, collectively referred as the Cybersecurity Risk Management Officers, are responsible for assessing, identifying and managing material risks from cybersecurity threats to our company and monitoring the prevention, detection, mitigation and remediation of material cybersecurity incidents. Our Cybersecurity Risk Management Officers report to our nominating and corporate governance committee (i) periodically regarding their assessment, identification and management on material risks from cybersecurity threats in the ordinary course of our business operations and (ii) on disclosure concerning cybersecurity matters in our Form 6-K for material cybersecurity incidents (if any) and our annual report on Form 20-F.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] On the management level, our Chief Executive Officer and Chief Financial Officer, collectively referred as the Cybersecurity Risk Management Officers, are responsible for assessing, identifying and managing material risks from cybersecurity threats to our company and monitoring the prevention, detection, mitigation and remediation of material cybersecurity incidents.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]

If a cybersecurity incident occurs, our Cybersecurity Risk Management Officers will promptly organize relevant personnel for internal assessment and, depending on the situation, seek the opinions of external experts and legal advisors. If it is determined that the incident could potentially be a material cybersecurity event, our Cybersecurity Risk Management Officers will promptly report the incident and relevant assessment results to our nominating and corporate governance committee, who will decide on the relevant response measures and whether any disclosure is necessary. If such disclosure is determined to be necessary, our Cybersecurity Risk Management Officers shall promptly prepare disclosure materials for review and approval by our nominating and corporate governance committee before it is disseminated to the public.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true