Skip to content

GOVERNANCE

Privacy and Data Protection

Masteel continue to report that we received no complaints or reports regarding data breaches or leakage of employee and customer information in FY2024. This reflects our unwavering commitment to safeguarding data privacy and cybersecurity, ensuring full compliance with regulatory frameworks, and reinforcing stakeholder trust.

We have implemented a comprehensive Personal Data Protection Policy in recognising that cyber threats and data breaches pose significant risks to business continuity and operational resilience. This policy outlines the types of employee data collected, the permissible usage within Masteel’s operations, and the rights of employees to address concerns regarding their personal data. To ensure accessibility, this policy is integrated into the Employee Handbook, available in various main languages.

Furthermore, our Information Technology (“IT”) Policy serves as a critical pillar in managing the Group’s IT systems securely. This policy includes stringent cybersecurity protocols, such as:

  1. Enforcing strong access controls to prevent unauthorised access.
  2. Implementing mandatory lock screens and password protection on company devices.
  3. Deploying antivirus software and conducting regular security audits.
  4. Ensuring proper data storage and backup management to mitigate the risks of cyber threats.

Data Security and Backup Protocols

We at Masteel carefully balances the adoption of cloud technology with data confidentiality and integrity by conducting regular system assessments and security updates. To prevent data loss, the Information Technology Policy mandates:

 

a. Weekly data backups by Department Managers to external hard disks.

b. Storage of backup media in designated secure locations, separate from employees’ workstations.
c. Clear labelling of storage devices with the statement: “Property of Masteel” to prevent unauthorised access or removal.
d. Controlled access to external storage media, ensuring that no device is removed without proper authorisation.

 

These measures are designed to maintain operational resilience, reduce downtime, and safeguard productivity in the face of cybersecurity threats. By integrating robust cybersecurity governance with scenario planning and response strategies, Masteel remains committed to upholding industry best practices and enhancing our sustainability resilience.