Tuya Passed SOC 2 Audit

Tuya Smart announced that it has passed the independent evaluation by Ernst & Young and officially passed the SOC 2 Type II service audit to protect users' network security and privacy.SOC 2 is an audit program used to ensure that service providers manage data securely and protect the interests of the company and the privacy of its customers.For customers who pay attention to corporate security,SOC 2 compliance can give companies peace of mind when considering SaaS vendors.

Information security and privacy management are important topics that all companies are paying attention to,especially those using third-party vendors in key business operations such as SaaS and cloud computing.Once the application and network security provider's data is handled improperly,the enterprise will be vulnerable to various attacks, such as data theft, extortion, and malware installation.Tuya Smart is always committed to protecting device security and data privacy.The passage of the SOC 2 audit will be based on the data security standards and privacy regulations that Tuya Smart has passed (such as GDPR and CCPA Privacy Protection Act,ISO certification,continuous improvement after third-party penetration testing,and security vulnerability bounty program).Give customers extra guarantees.

SOC 2 was founded by the American Institute of Certified Public Accountants (AICPA) and defines the management standards for customer data based on the principle of trust service.In order to achieve uniform audit requirements,the following specific trust service principles need to be met:

Security:The system has appropriate control measures to prevent unauthorized access (including physical and logical levels).

Availability:According to the promise or agreement, the system is available for normal operation and use.

Confidentiality:Information designated as "confidential" by users is strictly protected.

Privacy:Collect,use,retain and disclose personal information in accordance with the privacy statements and principles formulated by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA).

Tuya Smart has realized the comprehensive verification of the SOC 2 Type II service audit report,and proved the security of its system infrastructure and data operations to ensure the security of customer sensitive data.When using cloud services and related IT services,high-quality service quality and reliability are absolutely necessary, and the requirements of regulatory agencies,review agencies, and auditors will become higher and higher in the future.