Trust Center

Security Manifesto Principles of IOI
 

Read More

Importance of Privacy at IOI
 
 

Read More

Importance of Security at IOI
 
 

Read More

4 Principles of Data Protection Framework of IOI

Read More
Download Privacy Policy of IOI

Security Manifesto Principles of IOI

  1. Security as a priority consideration for all IOI products and solutions is to inspire confidence among users and partners when we scale across the different industrial sectors.
  2. We see security to be both a challenge and also an opportunity for differentiation and collaboration.
  3. We jointly develop security strategies with users and partners to reduce risk and to facilitate adoption.
  4. We review security requirements thorough the system development lifecycle.
  5. We are focused on lifetime protection of processes.
  6. We develop security features with consideration that human is prone to ‘human error’.
  7. We deliver the technologies and you own the data.
  8. You use the data and we defend it.

IOI is committed to protect and manage administrative, physical, and technical processes to protect the confidentiality, integrity, and availability of non-public personal and corporate information.

Importance of Security at IOI

IOI builds trust with customers and stakeholders by voluntary adopts enterprise-wide data protection practices that are accountable and robust. IOI boosts it’s data protection framework to better protect users’ data especially in new technology areas like IoT, artificial intelligence to cloud computing. 

The IOI Data Protection Framework includes the following 4 key principles:

1. Governance and Transparency

  • Enterprise wide data protection policies for different stakeholders
  • Processes to manage risks, queries and disputes
  • Data breach management plan
  • Appointment of Data Protection Officer at IOI
  • Provision of data protection policies and relevant resources to public
  • Communication of data protection policies and processes to all employees

2. Management of Personal Data

  • Definition of appropriate purposes when collecting personal data
  • Timely notification of purposes of personal data collection
  • Timely securing of consent for personal data
  • Ensuring usage and disclosure of personal data is for the purposes for which consent has been obtained

3. Care of Personal Data

  • Processes to verify that staff execute personal data retention policies
  • Third parties are requested to secure and protect personal data as well
  • Processes to dispose, destroy and/or anonymize personal data when they are no longer legal or relevant for retaining
  • Accurate and thorough personal data usage and disclosure

4. Individuals’ Rights

  • Provision for withdrawal of consent for the collection, usage and disclosure of personal data
  • Allowing individual to access and correct his own personal data upon request