Statement on Establishing a Global Cyber Security Assurance System

As a global leading cloud computing and IT infrastructure provider, xFusion is fully aware of the importance of cyber security and understands the concerns of various governments and customers about security. With the constant evolution and development of the telecom industry and information technology, cyber security threats and challenges are increasing. xFusion pays a great deal of attention to this issue and devotes itself to improvement of the security of its products and services with feasible and effective measures, to help customers reduce and avoid security risks and to build customers' trust and confidence in xFusion's business. xFusion believes that the establishment of an open, transparent and visible security assurance framework will be conducive to the sound and sustainable development of industry chains and technological innovation; it will also facilitate rapid development of the digital world.

In light of the foregoing, xFusion hereby undertakes that it establishes and improves a sustainable and reliable security assurance system in terms of policy, organization, process, management, technology and standard practice based in compliance with the applicable laws and regulations in countries and regions, and international ICT technology standards and by reference to the industry best practice. xFusion has been actively tackling the challenges of cyber security together with governments, customers, and partners in an open and transparent manner to meet customers' requirement on cyber security. xFusion's commitment to cyber security will never be outweighed by the consideration of commercial interests.

xFusion establishes the Compliance Management Committee (CMC) that acts as the company's highest authority on compliance management. This Committee is responsible for deciding on and approving the company's overall strategy for cyber security and privacy protection. The company appoints the Cyber Security and User Privacy Protection RCO, who is responsible for leading his team to develop a cyber security and privacy protection strategy and policies, and for managing and overseeing the implement of cyber security and privacy protection in business domains. The officer also drives communication with stakeholders such as governments, customers, suppliers, partners, and employees.

In terms of business processes, security assurance is integrated into all business processes relating to R&D, the supply chain, sales and marketing, delivery, and technical services. Such integration, as the fundamental requirement of the quality management system, will be implemented under the guidance of management regulations and technical specifications. In addition, xFusion monitors and improves its business processes by conducting internal auditing and receiving external security certification and auditing from third-party agencies.

In connection with personnel management, our employees, partners and consultants are required to comply with cyber security policies and to receive appropriate training so that the concept of security is deeply rooted throughout xFusion. xFusion takes appropriate actions against those who violate cyber assurance policies. Employees may also incur personal legal liability for violation of relevant laws and regulations.

Taking on an open, transparent and sincere attitude, xFusion is willing to work with all governments, customers and partners through various channels to jointly cope with cyber security threats and challenges.

xFusion Digital Technologies Co., Ltd.