Trust & Security

SOC2 Audit Report

Taimei regularly audits the system services through independent third-party on SOC2 standards. The SOC2 audit report meets the Trusted Service Principles (TSP Section 100) proposed by the American Institute of Certified Public Accountants (AICPA). Taimei has designed and implemented a complete internal control system, and security & privacy management processes and technologies, including data security and key management, security vulnerabilities, security incidents and fault management, terminal management, availability management, privacy protection and among others. In addition to the traditionally focused security, availability and confidentiality, data privacy has gradually become a major factor of the evaluation. Taimei has passed the audits in the four areas of security, availability, confidentiality and privacy, which means that Taimei has the ability to provide reliable security & privacy protection and services for global customers. Any distribution of the report requires an application to Taimei and the report shall be only shared under a non-disclosure agreement.

ISO (International Organization for Standardization)
27001 Certification

Taimei has passed the internationally recognized system certification in the field of information security, and the company meets the requirements of the 14 control categories of ISO27001. As the globally recognized most authoritative informati on security management standard, ISO27001 adopts a process methodology to establish, implement, operate, monitor, review, maintain and improve an organization’s information security management system (ISMS) which is the core of the information security management standard. This certification proves that Taimei has established and operated a complete set of information security management system (ISMS), so as to effectively protect the orderly and sustainable development of important information assets and processes.

ISO (International Organization for Standardization)
27701 Certification

Taimei has passed the globally recognized privacy management system standard certification, which is a strong proof of the effectiveness of personal privacy protection. This standard, in the form of an extension to ISO/IEC 27002, provides requirements and guidelines for the origin, processing, transmission, computation, storage, and disposal of personal privacy data, which can better implement privacy management within an organization. ISO27701 has established a mapping relationship with GDPR, making Taimei use the methodology of ISO27701 to continuously and systematically comply with the requirements of GDPR. Taimei identifies, analyzes and takes measures to privacy risks to reduce the risk to a level acceptable to subjects and sponsors, and gradually optimizes the internal privacy information management system (PIMS) of the organization, so that Taimei can achieve long-term personal privacy security compliance.

ISO (International Organization for Standardization)
27017 Certification

Taimei has passed the internationally recognized cloud service information security management system certification, which regulates the construction and maintenance of cloud security. ISO 27017 is a requirement to extend the control measures of ISO 27002. It is a practical standard specifically for cloud service information security, providing specific security controls and implementation guidelines for cloud service providers and cloud service customers. This certification helps Taimei, as a SAAS operating platform provider, establish a more complete cloud security management system and improve our overall cloud security service capabilities.

ISO (International Organization for Standardization)
27018 Certification

Taimei has passed the globally recognized public cloud personal information protection management system certification, which highlights Taimei’s obligations as a processor of personal privacy data. The certification provides guidelines for the obligations and responsibilities of cloud service providers handling personally identifiable information (PII) in data processing to protect data in sponsors from any form of infringement. Taimei has passed the ISO 27018 standard certification, so that the public cloud and private data have taken corresponding control measures in the fields of data anonymization, privacy computing, privacy storage, etc., meeting the requirements of the sponsor and the requirements of different jurisdictions. Taimei has passed ISO27018 certification to strengthen the protection of personal information in the cloud, so that the services provided are more secure and reliable.