ESG

Information Security and Customer Privacy

Information Security Management

To ensure the confidentiality, integrity, availability, and legitimacy of information assets (hardware, software, data, documents, and personnel related to information processing), prevent willful or accidental internal or external threats, MetaAge has effectively reduced the risks of information and communication assets being stolen, used improperly, disclosed, altered, or damaged due to manned negligence or intentional or natural disasters.

  • Steady operations: Ensure business continuity of the Company and steady use of the IT services provided.
  • Asset security: Ensure the confidentiality, integrity, and availability of information assets in our custody and protect the privacy of personnel data.
  • Compliance: Establish the business continuity plan and implement IT operations in compliance with related laws and regulations.

The Information Security Committee is jointly formed by the Chief Information Security Officer and the heads of various departments of the Company, and the Information Security Officer serves as the convener and the heads of various departments serve as members. Hold regular meetings to coordinate the formulation, implementation, risk management and review of information security-related policies. On February 23, 2023, the first ICT security management review meeting was held.

Customer Privacy Protection

We deeply understand the importance of privacy and are thus committed to ensuring, respecting, and protecting customer privacy and trade secrets. Except for definite authorization or legal requests, we will not disclose or use the privacy or trade secrets off customers for any purpose. We have established the “Information and Communication Security Inspection Management Regulations”, built a secure and trusted IT environment, and equipped the IT environment with various information and communication security equipment such as firewalls and antivirus systems to ensure the security of corporate IT data, systems, equipment, and networks and thereby protect customer privacy data.

Additionally, we have established the “Employee Code of Ethics and Conduct”, which stipulates that employees shall carefully manage the matters or confidential information acknowledged from their duties and shall not disclose them to others or use them for purposes unrelated to work, except after the disclosure by the Company or for provision required to perform their duties. This obligation shall remain valid after the resignation of employees. To prevent employees from leaking confidential information for personal reasons, we request employees to sign the “Consent for Personal Data Use” to protect the rights and interests of customers and prevent customer data from exploitation by interested parties.

We implement strict protection and control over customer data. Internally, we enhance awareness education on the importance of protecting customer data and technical trade secrets and persistently make employees understand the importance of information security through internal email communication and newcomer educational training. Additionally, we protect confidential documents by means of privilege control. Except for the related operation staff, employees with lower relevance must acquire the permission of their immediate supervisor before accessing part of such documents. Every year we verify if there is customer complaint about data loss. If there is, we will conduct a full-scale review.

Contact Us