信息安全承诺书
Commitment on Information Security
1. 为了保护XXXX向物流商开放的用户个人信息的信息安全,物流商向XXXX郑重承诺遵守以下条款:
1. In order to protect the users' personal information released by XXXX to the logistics provider, the logistics provider solemnly undertakes to XXXX to abide by the following terms:
1.1 建立和完善信息安全管理制度,认真落实信息安全技术防护措施;定期开展风险评估工作,认真排查自身信息系统的安全隐患和漏洞,对薄弱环节和潜在威胁采取切实有效的整改措施,以避免和消除信息安全风险,确保信息系统安全可靠地运行。
1.1 Establish and improve the information security management system, and seriously implement the protection measures with information security technology; regularly carry out risk assessment, carefully check the hidden security risks and bugs of its own information systems, and take practical and effective rectification measures for weak links and potential threats to avoid and eliminate information security risks and ensure the safe and reliable operation of information systems.
1.2 建立和健全相应的数据分类分级规范、敏感信息操作日志和基础架构日志规范,并严格按照数据分类分级规范使用用户个人信息,确保用户个人资料不泄漏。
1.2 Establish and improve relevant specifications for data classification, sensitive information operation log and infrastructure log, and use the users' personal information in strict accordance with the specifications on data classification to ensure that such information won't be leaked.
1.3 仅将从XXXX获取的用户个人信息用于物流商履行提供《XXXX平台合作协议》(下称“合作协议”)及各产品协议下的物流服务的用途。未经XXXX事先书面允许,不得超范围使用,更不得以任何形式提供给第三方。
1.3 The users' personal information obtained from XXXX is only used by the logistics Provider to perform and provide the logistics services under XXXX Platform Cooperation Agreement (hereinafter referred to as the "Cooperation Agreement") and various product agreements. Without the prior written approval of XXXX, it shall not be used beyond the scope, nor shall it be provided to any third party in any form.
1.4 积极开展信息安全对接与信息安全检查工作。
1.4 Actively carry out communication and inspection in information security.
1.5 物流商在信息系统发生重大安全事故时,立即采取应急措施,避免对消费者或XXXX业务造成持续影响。
1.5 In case of a major security accident in the information system, the logistics provider shall immediately take emergency measures to avoid continuous impact on consumers or XXXX's businesses.
1.6 建立信息安全责任制度,加强组织领导,设立信息安全第一责任人、负责人和联系人,并明确各自的具体职责。物流商信息安全第一责任人、负责人和联系人的相关资料见下表。如果信息安全负责人、联系人发生变更的,应由物流商第一责任人联系邮箱发出邮件通知XXXX。物流商信息安全联系人应当保持7*24小时可联系。
1.6 Establish information security responsibility system, strengthen organization and leadership, set up the first person in charge, the persons in charge and contact persons responsible for information security, and specify their responsibilities. The relevant information about such persons are seen in the table below. If the persons in charge and contact persons change, the first person in charge shall notify XXXX through email. The contact persons responsible for the information security of the logistics provider shall be available for 7 * 24 hours.
乙方保证其此处及后续向XXXX披露的责任人、联系人个人信息的行为已获得其本人的知情同意。
Party B guarantees that its disclosure of the personal information about the persons in charge and contact persons to XXXX currently and subsequently has obtained their consent.
1.1 乙方对接入XXXX的应用,应明确数据安全要求和责任,乙方需要对相关应用加强数据安全管理和保护。乙方应用发生数据安全事件对用户造成损失的,乙方应当承担部分或全部责任,除非乙方能够证明无过错。
1.7 Party B shall specify the data security requirements and responsibilities for the applications connected to XXXX, and also needs to strengthen data security management and protection of relevant applications. If a data security incident occurs in Party B's application and causes losses to users, Party B shall bear part or all of the responsibilities, unless Party B can prove that there is no fault.
1.2 XXXX鼓励乙方自愿的通过国家或者行业认证和测评,包括但不限于:等级保护测评、GDPR认证、SOC2认证、渗透测试报告等;
1.8 XXXX encourages Party B to voluntarily pass national or industrial certification and assessment, including but not limited to: grade protection assessment, GDPR certification, SOC2 certification, and penetration test report, etc.;
1.3 乙方需要有安全责任人履行下列职责:
1.9 Party B needs to designate persons in charge of security to perform the following duties:
-组织制定数据安全保护计划并督促落实;
- Organize the formulation of data security protection plan and supervise its implementation;
-组织开展数据安全风险评估,督促整改安全隐患;
- Organize and carry out data security risk assessment, as well as supervise and urge the rectification of potential security risks;
-在发生数据安全事件时,积极与XXXX方配合进行应急响应及事件处置。
- Actively cooperate with XXXX in emergency response and incident handling in case of data security incidents.
1.4 乙方从XXXX调取的数据,务必要保证数据的保密性,任何情况下,未经XXXX公司的书面确认,不得将XXXX数据以任何形式输出给第三方;
1.10 Party B shall ensure the confidentiality of the data obtained from XXXX and shall not deliver such data to any third party in any form without written confirmation by XXXX Company under any circumstances;
专业英语翻译公司推荐介绍:
玖九翻译公司从创立至今,对英语翻译售后服务的重视程度与日俱增,采取的是纯粹的手工翻译方式,我们将严格按照行业规范和合同要求提供翻译服务,在项目成功后,我们会一直与客户保持良好的关系,如果您认为我们的译文质量不合格,请及时反馈,我们可以免费进行改进和完善,并且在项目结束后,我们会根据需要开具收据或者发票,客户有什么问题可以随时和我们沟通。
我们作为国内知名专业英语翻译公司之一,始终秉承"立信求是、精益求精"的企业精神,坚持"诚信服务、顾客至上"的经营理念,我们专业的翻译团队和多年的翻译经验,赢得了众多客户的好评。已为多家世界500强企业提供翻译服务。凭借着自身积累的资源,我们组成了一个较为完备的英语翻译人才项目组,译员大多都具有8年以上的行业专业翻译经验,并且均由有着资深行业背景知识和行业翻译经验,对行业有着比较深刻的理解,掌握着大量的最前沿的行业术语。
本公司是一家经过工商行政管理局注册的具有涉外翻译资格的优秀英语翻译公司,并配备了一支专业的人力翻译队伍,本司英语翻译专业译员在英语方面均有5年以上的工作经验。英语翻译译员均经专业培训,其中大部分为海外学习或国外工作经验,具备较强的英语翻译技能。我司英语翻译团队的成员对行业发展、专业术语等有着深刻的理解,凭借着严谨的质量控制体系、规范化的操作程序、独特的审稿标准,我们已经为许多著名的公司和机构提供了优质的英语翻译服务。
如果您有翻译方面的需求,欢迎致电专业翻译公司玖九翻译中心热线:0731-86240899或者微信咨询(QQ/微信同号:747700212),我们玖九翻译中心将竭诚为您服务。