EXIDEA Inc. (hereinafter referred to as “our company”), including its officers and employees (full-time employees, contract employees, temporary employees, part-timers, casual employees, interns, and other persons of similar status; hereinafter collectively referred to as “officers and employees”),All of us who handle information assets recognize the importance of protecting our information assets, including information entrusted to us by our customers and business partners, and in order to ensure and improve the confidentiality, integrity, and availability of information assets, we hereby establish and declare that we will put into practice this Basic Policy on Information Security (hereinafter referred to as “this Basic Policy”).

1. Management Responsibility The Company will strive to improve and enhance information security in a systematic and continuous manner under the leadership of management.
2. Scope This basic policy applies to all information assets (including personal information; the same applies below) related to our organization and business.
3. Compliance with Laws and Regulations We will comply with all laws and regulations related to information security, as well as national guidelines and separately established related regulations and contractual security matters.
4. Establishment and Compliance with Regulations, etc. In order to protect and properly manage information assets, the Company will establish regulations and standards, etc. regarding information security, ensure that all employees are aware of them, and comply with them appropriately.
5. Establishment of an information security management system In order to protect and properly manage information assets, the Company will establish an information security management system and an emergency response system for security incidents, appoint a person in charge of information security, and build an information security promotion system.
6. Management of Information Assets We will take appropriate physical, organizational, technical and personnel measures to prevent unauthorized access to, leakage, falsification, loss, destruction and interference with use of, etc., of information assets, and will manage such assets safely and appropriately.
7. Education and Training Based on this basic policy, the Company will regularly provide all officers and employees with the necessary education and training to ensure that they are aware of the importance of information security and that they properly manage and operate information assets.
8. Periodic Audits, Reviews, and Continuous Improvements The Company will regularly conduct internal audits regarding information security and take appropriate corrective measures as necessary. In addition, the Company will review its information security management system and the status of implementation of measures from time to time in response to changes in social conditions and the business environment, changes in management policies and business operations, or changes in laws and regulations, etc., and strive for continuous improvement.
9. Response to Accidents and Prevention of Recurrence In the unlikely event that an information security incident occurs, the Company will respond promptly, endeavor to minimize the damage, and take measures to prevent recurrence.

Established on February 1, 2021
EXIDEA Inc.
Representative Director Takuma Ogawa