INFORMATION SECURITY POLICY

1. Purpose

The Company prioritizes the protection of information assets and aims to build trust with customers and employees through ensuring information security.

2. Scope

This policy extends beyond the Company's internal operations to include a wide range of initiatives involving affiliated companies and partner companies. We aim for all relevant parties to work together to ensure information security.

3. Legal Compliance

The Company complies with laws and regulations related to information security and ensures compliance. We regularly review and implement measures to prevent legal violations.

4. Basic Principles of Information Security

• Confidentiality: Ensure information is accessible only to authorized individuals.
• Integrity: Guarantee the accuracy and completeness of information.
• Availability: Ensure information is accessible when needed.

5. Incident Response

The Company implements measures for prevention, response, and recurrence prevention of information security incidents. In the event of an incident, we will respond promptly and implement appropriate procedures to minimize impact.

6. Management System

The Company establishes and continuously improves an ISMS (Information Security Management System). We ensure proper operation of the ISMS and evaluate the effectiveness of information security measures through regular audits and reviews.

7. Education and Awareness

We conduct regular information security education for all employees and related parties to raise security awareness.

8. Monitoring and Review

We regularly monitor the effectiveness of information security measures and review the policy as necessary. Through internal audits, we confirm the operational status of the ISMS and strive for continuous improvement.