1. Management and Protection of Information Assets

The Company clearly defines and manages the information security of all important information assets it holds, including personal information, evaluates and classifies such assets from the perspectives of confidentiality, integrity, and availability, and, on that basis, takes the necessary measures to protect them.

2. Information Security and Personal Information Protection Management System

The Company has established a management system for information security and personal information protection, ensures that all employees are fully informed of and thoroughly comply with it, and regularly reviews and continuously improves this management system.

3. Information Security Education

The Company provides information security education to all current employees, ensures that all employees are informed of the necessity of the Company's information security requirements and the specific rules to be observed, and regularly conducts information security training for all employees in order to maintain and improve the information security management system.

4. Prevention of and Response to Information Security Incidents and Accidents

The Company considers not only improper acts by third parties but also incidents caused by intentional acts or operational errors on the part of employees, and takes appropriate measures to prevent such incidents, respond promptly, and implement corrective actions.

5. Compliance with Laws and Regulations

All employees of the Company must comply with laws, regulations, internal rules, and contracts related to information security.

• Tuosi Culture & Technology Group
• Chairman Zhou Guoxi