Information Security Policy

Kitamura Holdings Co., Ltd. (hereinafter referred to as "KHD") acknowledge that the protection of personal information is an important social responsibility of KHD and strive for the confidentiality, integrity, and availability of information assets by all employees, including executives, and strives to ensure and improve the availability of information assets, and the Company's Information Security Policy (hereinafter referred to as the "Policy"). KHD declare that the entire company will work on information security measures.

1　Scope

Under this Policy, all information assets (including personal information) related to all business activities managed by group companies of KHD (hereinafter referred to as the "Group") is referred to as the "Group") are subject to scope.

2　Compliance

The Group will comply with laws and regulations related to information security, guidelines and guidelines established by the government, and other norms.

3　Management System Establishment

To protect and appropriately manage information assets, the Group shall establish an information security management system and an emergency response system in the event of a security threat. The Group also appoint a person responsible for information security and establish an information security promotion system.

4　Establishment of regulations

To protect and appropriately manage information assets, the Group has established information management regulations and implementation manuals, and thoroughly disseminates them internally.

5　Implementation of Measures

The Group strives to protect information assets and prevent information security incidents by implementing appropriate information security measures according to information assets. In the unlikely event of an accident, the Group will respond promptly, minimize damage, and take measures to prevent recurrence.

6　Implementation of Education and Training

To improve the level of information security for the entire Group, the Group recognize the importance of information security and provide all employees with education and training necessary for the appropriate use and management of information assets.

7　Periodic evaluation and continuous improvement

To maintain information security initiatives and responding to changes in the business environment and social conditions, the Group will continuously improve information security management by regularly evaluating and reviewing the management system and implementation status of measures related to information security.