Huaqin values customer information and makes every effort to keep it secure. With ISO/IEC 27001 certification, we have established a sound information security system to protect customer information through all-round, multi-level, and three-dimensional management and technical means.
Ensuring the security of customer information is our top priority. Huaqin has established multiple customer-specific confidential work areas to ensure the confidentiality, integrity and availability of customer information through multi-dimensional measures concerning environment security, network security, personnel security, physical security and data security. We conduct regular audits on the confidential areas to guarantee information security during customer services.
All suppliers are required to sign a confidentiality agreement before their cooperation with Huaqin. Huaqin has strict restrictions on all physical and logical access by suppliers, and conducts annual audits and evaluations on key suppliers. All suppliers are required to show their valid ID when entering the company and are permitted to enter upon approval and registration.
Huaqin organizes information security training and competence certification for employees every year as well as activities such as information security month to enhance the security awareness of employees. This helps them understand relevant concepts, management system, and protection measures and practices. For employees in confidential areas, we provide advanced security essentials training and certification to ensure that they develop the awareness and capability required for their specific working area.
ISO/IEC 27001 is the most authoritative, stringent and widely recognized standard for information security management system worldwide. By following ISO/IEC 27001, Huaqin meets international requirements of enterprise information security management and fulfills our commitment to users. Huaqin designs and develops products in full compliance with applicable laws and regulations, including the Network Security Law and the Personal Information Protection Law.
Huaqin has set up an Information Security Committee, which is responsible for determining our information security objectives and reviewing information security implementation results, to keep information security risks within acceptable levels. Every business department is equipped with information security specialists for work execution, risk evaluation and response, incidents investigation, and continuous improvement. We have established an effective information security management system covering organization, system and process to protect customer information.
We regularly conduct a wide variety of activities, such as security rules interpretation, violation case analysis, do's and don'ts reminders, and information security drills so that information security is rooted in the mindset and behaviors of every employee and partner.