The information security policy of LunioCloud is summarized as follows.

1. Objective 

To ensure the information security, integrity, and usability Happy Dream Lab Sdn Bhd (hereinafter called LunioCloud), this policy is drafted in accordance with relevant laws and regulations to prevent any threat from the staff, other parties, or accidents, and according to LunioCloud’s business requirements.

2. Scope of Application

2.1 This policy is applicable to LunioCloud’s entire staff, contractors, part-time employees, and visitors.

2.2 According to the spirit and purport of continuous improvement as seen in ISO27001 and ISO27017, a “Plan, Support, Do, Check, Action” cycle and related management system were constructed.

2.3 The information security management scope and the cloud service information security management policy prevent LunioCloud from potential risks and damages that may arise from the misusage, leaking, tampering, and damaging of information caused by negligence, malicious intentions, or natural disasters.

3. Targets

To ensure the confidentiality, integrity, and usability of LunioCloud’s information asset and the privacy and security of user information, the entire staff of LunioCloud strive together to achieve the target of sustainable operation and to meet the demands of related laws and regulations.

4. Responsibilities

LunioCloud established an information security team to be in charge of events related to information security and to ensure that its management system is in accordance with ISO27001 and ISO27017. With the active participation and support of the management team, the security team aims to meet related standards and procedural regulations and to provide LunioCloud’s information security officials with a performance report.

5. Management Indicators

LunioCloud established an “Information Security Plan” to evaluate whether LunioCloud meets the information security management targets. Furthermore, related information security management indicators were established. LunioCloud also regularly reviews the responsibilities of its staff and personnel, provides training on information security, monitors computer and internet infrastructure security, and formulates information security loophole report system.

6. Audit

This policy is evaluated at least once a year to timely reflect government regulation updates and technology development, and to ensure the sustainable operation of LunioCloud.

7. Implementation

The policy is implemented upon the approval of administrative managers, and its revision goes through the same process.