BASIC INFORMATION POLICY

1.Purpose of information security
We believe that proper handling and protection of information assets is a corporate social responsibility. Therefore, in view of the importance of information security, we aim to manage and operate information security by preventing loss, theft, misuse, tampering and leakage of all information assets involved in business, .

2. Definition of Information Security
Information security is defined as maintaining the confidentiality, integrity, and availability of information assets.

(1) Information assets are information owned by customers and our company. The range of information includes not only software existing in the information system, electronic equipment which is hardware, electronic media, media, but also all forms of voice, text, image and video.
(2) Confidentiality of an information asset is that only an information asset authorized to refer to can be referred to, and those without the authority to inquire can not be referred to.
(3) Integrity of information assets is to maintain accurate and complete information assets.
(4) The availability of information assets is to be used in a manner prescribed when information assets are necessary, maintaining authenticity, reliability, and trace of use.

3. Scope of application Applies to all businesses in our company and all officers, employees and partner companies engaged in it.

4. Organizational structure of information security We establish an organizational structure to realize information security.
(1) The Information Security Committee will be established as the top decision-making body on information security issues. The chairman of the Information Security Committee will be in charge of this by an officer or an executive officer.
(2) Establish a management system for information security, and establish a person responsible for information security supervising the introduction, operation, monitoring, review, and improvement. The Information Security Committee will appoint this information security chief.
(3) In order to properly manage and operate information security for each department, we set up information security officers for each department. The information security officer is appointed by the information security supervisor and the information security committee appoints it.
(4) The information security auditor is set up as a person responsible for monitoring that information security is properly realized, managed and operated, and reviews are being carried out when improvement is necessary. The Information Security Committee will appoint this information security auditor.

5. Operation management of information security In order to maintain proper operation management of information security, we operate and manage information assets as follows.
(1) The authority for information assets is granted only necessary for those who are necessary for business.
(2) Information assets are managed reasonably and properly according to laws and contracts.
3) We will continuously monitor the proper management of information assets.
(4) All officers, employees and cooperating company employees of the Company shall regularly take information security education.
(5) In the event of an accident related to information security, and in the event of encountering a threat with the possibility of accident, we will work to promptly deal with it and maintain the continuity of the project, analyze the situation and cause We will take measures to prevent recurrence as necessary.

6. Protection of Personal Information In order to properly handle and protect personal information, we operate and manage personal information as follows.
(1) We will acquire, use and provide personal information only to the extent and period necessary for business purposes, employment of employees, personnel management and the use of the specified work.
(2) For personal information, we will take reasonable safety measures and maintain and improve continuously in accordance with laws and guidelines and norms of relevant ministries and agencies.
(3) We respond promptly and sincerely to requests for complaints, corrections, disclosure, etc concerning personal information.

7. Known information This policy will be thoroughly disseminated to all officers, employees and employeesof cooperating companies. In the event of breach of this policy and information security related provisions, disciplinary action shall be applied in accordance with work rules or contracts.

8. Maintenance The Company reviews and maintains the Information Security Policy Statement every year or as necessary.

Shibuya Head Office
1208 BPR Residence Shibuya, 3-13-5 Shibuya, Shibuya-ku, Tokyo
TEL: +81 3-6417-4453 / FAX: +81-3-6417-4453

Meguro Office
3F Taishan-do Building 1-2-21 Meguro, Meguro-ku, Tokyo
TEL: +81-3-6417-4453 / FAX: +81-3-6417-4453