Commitments on Cyber Security INTERNAL Commitments on Cyber Security In order to effectively provide the related services, I personally make a solemn promise as follows: 1. Comply with all applicable laws and regulations concerning the protection of personal data, privacy, and freedom of communication and secure network operation. Strictly comply with the Customer's instructions and relevant terms and conditions under the agreement in processing or transferring personal data and in other related business. 2. Follow the rules and regulations of the Customer and be subject to the management of the Customer. Never attack or destroy the Customer's network nor crack the Customer's user name or password. 3. Comply with the Customer's requirements on user name management, and never share my user name and password with others, nor log in to a system by using others' user names or an unauthorized user name. 4. Never implant any malicious code, malicious software, or backdoor in the equipment or systems of the Customer, nor secretly reserve any unpublished interface or account in the equipment or systems. 5. Never access the Customer's network by using any personal portable devices or storage media without written authorization from the Customer. 6. Never access the Customer's system, nor collect, hold, process, or change any data or information in the Customer's network without written authorization from the Customer. 7. Never leak or broadcast data or information in the network of the Customer. Be obligated to keep strictly confidential information or data received during the service period until the related information or data is legally disclosed. 8. Never retain or use the administrator account or other unauthorized accounts after the system is in commercial use or has transferred to the maintenance phase. 9. Never use the information or data in the Customer's system for personal interests or for illegal purposes. 10. Never run illegal software on the Customer's network. Use only the software versions, patches, and licenses from the Customer's official channels. 11. Never carry out any operations beyond the approval of the Customer. 12. Never voluntarily implant any malicious code, malicious software, or backdoor in the equipment or systems of the Customer, nor secretly reserve any unpublished interface or account in the equipment or systems. If I breach the foregoing commitments, I will assume the legal responsibility and accept the disciplinary actions taken by the Company in accordance with relevant provisions. Attached: Basic Information of the Promisee Name Gender Address ID Card No. Postcode Promised By (signature): Date: 2015-6-18 Retention duration: permanent HUAWEI Confidential Page 1 of 1