Data Security and Privacy

Data security and privacy involves the policies, procedures, and practices to safeguard the collection, storage, use, and disclosure of personal data in compliance with legal and ethical standards, minimize cybersecurity attacks and breaches and data loss, and ensure the protection of stakeholders’ privacy rights.

Why It Matters to Us

As a retail company, data drives our operations and enables us to make more effective business decisions. We rely on our data to maintain accountability and fulfill audits. Our data management systems drive the stability of our operations. But without proper data protection measures, we are at risk of data breaches, losses, and integrity risks. Thus, we aim to implement tight control mechanisms and improve our data management systems to ensure the security and reliability of our data. To uphold data security and privacy is also part of our efforts to maintain our highest standard of integrity to protect the private information entrusted to us.

Key Strategies


System & SOP Upgrades - Improve current systems and SOPs to mitigate poor data handling and ensure secured data management


Risk Assessment & Mitigation - Review and test our data management systems against threats and risks and make systematic changes to strengthen them


Policy & Governance - Establish policies and governance training for relevant stakeholders to ensure high standards in data handling

Initiative Highlights

Enacted our Personal Data Protection Policy
Established our Intellectual Property Protection Policy
Data server security enhancements

In The Pipeline

Conduct necessary data risk assessments, including penetration tests, to identify data security improvement needs

Implement tighter data management control SOPs

Enact data breach and crisis management procedures

Conduct data protection and data management training

UN Sustainable Development Goals​