Integrity management and other implementation situations

Integrity management

  The Board of Directors of the Company has established a Code of Ethics and Code of Ethical Conduct, and internal operating procedures for the handling of material information to regulate the prevention of business activities with the risk of dishonesty, and encourages internal and external personnel to report dishonest or improper behaviors to implement ethical management, and the implementation of such activities shall be reported to the Board of Directors on a regular basis every year.
  The company’s “Integrity Business Code”, which prohibits the standards of dishonesty, is prohibited from the dishonesty behavior. Receive any unfair interests, or make dishonest behaviors such as violations of integrity, illegal or violation of obligations of trustees in order to obtain or maintain benefits. Its interests refer to anything valuable, including money, gifts, commissions, jobs, positions, services, preferential treatment, rebates, etc.
  The company’s “work rules”, clearing that employees shall not use the relationship between their positions or accept the improper gifts, gifts, invitations or donations of others in their jobs. Through the establishment of principles and systems The possibility of reducing risks.
  In order to ensure the practice of integrity operations, in addition to the regular auditing laws, the internal system is followed through the audit room, and the appeal pipeline is provided for internal and external stakeholders, and it will quickly respond to improve the lack of operations, ensure the quality of service, establish a company to establish a company Good interaction with interests.
  The Finance and Accounting Department of the Company is responsible for promoting the Company’s integrity management objectives.

2025 Implementation situation

The implementation of 2025 integrity management has been Report to the board of directors on November 7, 2025, the contents are as follows:
  1. The company conducted 8 communications with all directors and insiders regarding ethical business practices (including prevention of insider trading). It also reminded directors via email not to trade its shares during the closed periods of 30 days before the announcement of the annual financial report and 15 days before the announcement of each quarterly financial report. The company further reminded directors and insiders of the closed periods before the announcement of each quarterly financial report on January 24, April 23, July 23 and October 22, 2025, respectively, to avoid inadvertently violating the regulations.
  2. Violation of integrity operations: Report 0 pieces and discover 0 items.
  3. Protection and interests of stakeholders:
    1. In 2025, 25 samples of suppliers were required to sign corporate responsibility commitment letters, and the recovery rate was 100%.
    2. In 2025, the top 60 suppliers will be evaluated: 22 A-level suppliers accounting for 37%; 38 B-grade companies accounted for 63%
    3. The shareholders’ meeting will be held on May 29, 2025, and the board of directors will hold five meetings in 2025.
    4. Equipment avoidance: A total of 5 cases have been avoided in the interests of the board of directors.
  4. Education and training on integrity management issues: In 2025, a total of 464 person-times (including courses related to compliance with integrity management laws and regulations, workplace illegal infringement, information security, intellectual property rights, confidentiality agreements, personal data protection, accounting and internal control systems, etc.) were held for a total of 631.5 person-hours.
  5. All 11 new recruits in the 2025 signed the Intellectual Property and Confidentiality Pledge.

2024 Implementation situation

The implementation of 2024 integrity management has been Report to the board of directors on November 8, 2024, the contents are as follows:
  1. Integrity operation (including prevention of inside transactions, etc.), publicity: A total of 8 publicity sessions were conducted for all directors and insiders.
  2. Violation of integrity operations: Report 0 pieces and discover 0 items.
  3. Protection and interests of stakeholders:
    1. Qualified Supplier Audit: Conduct one supplier evaluation, and all suppliers with a transaction amount in the top 60 of the ranking must complete the evaluation, with a pass rate of 100%. There are 16 A-grade manufacturers, 36 B-grade manufacturers, and 8 C-grade manufacturers.
    2. Communication of shareholders/investors: Holding one shareholder meeting and 5 boards.
    3. Equipment avoidance: A total of 7 cases have been avoided in the interests of the board of directors.
  4. Education and training on integrity management issues: In 2024, a total of 673 person-times (including courses related to compliance with integrity management laws and regulations, workplace illegal infringement, information security, intellectual property rights, confidentiality agreements, accounting and internal control systems, etc.) were held for a total of 819 person-hours.
  5. All 20 new recruits in the 2024 signed the Intellectual Property and Confidentiality Pledge.
  6. In 2024, we have signed 7 non-disclosure agreements (NDAs) for joint development with new partners.

2023 Implementation situation

In 2023, the new directors and managers have completed signing statements such as declarations of non-violation of the principles of integrity and other related statements. The signing rate reached 100%. The implementation of 2023 integrity management has been Report to the board of directors on November 10, 2023, the contents are as follows:
  1. Integrity operation (including prevention of inside transactions, etc.), publicity: A total of 4 publicity sessions were conducted for all directors and insiders.
  2. Violation of integrity operations: Report 0 pieces and discover 0 items.
  3. Protection and interests of stakeholders:
    1. Qualified supplier audit: Apply for 1 supplier evaluation.
    2. Communication of shareholders/investors: Holding one shareholder meeting and 7 boards.
    3. Equipment avoidance: A total of 6 cases have been avoided in the interests of the board of directors.

2024 and 2025 Information security implementation status

  The company completed the formulation of the “Information Security Policy and Management Plan” in 2023, which has been disclosed in the important regulations on the company’s official website. Its purpose is to protect the security of the company’s information equipment, systems and network communications, and effectively reduce the risk of human errors and external threats. Threats or natural disasters may lead to unauthorized access, use, control, leakage, destruction, tampering, destruction or other infringement of information assets. Strengthen information security management to ensure the confidentiality, integrity and Availability to maintain an operating environment where the company’s continued operations are free from information security hazards and free from internal and external intentional or accidental threats.
  The establishment and promotion of the information security system is divided into responsibilities among three people in the management department. Crisis prevention measures and management are adopted in response to external threats, authority management, access control, system availability, etc.; at the same time, NewSoft International Technology Co., Ltd. is appointed The company regularly assists in the implementation of information security assessments. Projects include: computer system testing, computer maintenance and system reorganization, server maintenance, firewall management, network problem maintenance, anti-virus processing, data backup management and settings, etc. to avoid company information security occurrence of risks.
  In order to establish the information security concept of company colleagues and avoid being attacked by hackers, phishing, piracy, copyright infringement issues and malware, teaching materials are formulated to conduct regular information security propaganda and employee security education training for all employees every year. The audit office discusses risks Information security inspections are regularly audited every year, and announcements and promotions are made by email from time to time. In order to implement the information security environment and technical regulations, in line with the belief that everyone is responsible for information security, the company requires all employees to comply with various information security regulations. Regarding policies, procedures and operations, this year’s safety promotion training for all employees was completed on June 17, 2024、December 13, 2024、June 30, 2025 and December 12, 2025 respectively.