Corporate Governance

During the reporting period

Milkyway held
4
shareholders' meetings
41 proposals were considered and passed
Milkyway held
12
shareholders' meetings
81 proposals were considered and passed
(7 directors)
Supervisors held
12
meetings of the Board of Supervisors
53 proposals were considered and passed
(4 supervisors, including 2 shareholder representatives and 2 employee representatives)

Compliance

3849
employees attended compliance training
290
announcements and annexes disclosed in total
217/1663
received investor times / covering persons
18
questions answered on the SSE E-interaction platform

Data security grading

Top trade secrets
  • All documents of national confidential operations
  • Five-year plan and strategic breakdown
  • Unannounced stage for M&A, investment and bidding of major projects
Confidential restricted to use
  • Remuneration and personal information
  • Basic management systems of the Company and annexes thereof
  • Contracts, and business information and client data of relevant partners
  • All documentation in relation to business and security and financial compliance
Secret partially public
  • All business documents
  • Quotation and MCP system data
Top secret and confidential data are called crucial data

Principles for protecting data security

  • Principle of minimum authorization
    Important information shall be authorized to a minimum extent, and employees can only apply and be configured to appropriate account operating authority.
  • Principle of information desensitization
    If scenario-specific information need to be publicized in IT development, testing and rehearsal environments, important data shall be appropriately desensitized.
  • Principle of information encryption
    The use, transmission and processing of important data shall be encrypted.
  • Principle of auditability
    The whole process of important MCP data operations shall be recorded.
  • Principle of lifecycle information protection
    The full lifecycle of generation, processing, storage, transmission, sharing, and destruction of information systems shall be protected.
Principles for protecting data security