We believe that ensuring information security is one of the most important issues for the normal and smooth conduct of our business activities. Therefore, we formulate the Information Security Policy as a guideline for protecting customers' confidential information, personal information, and our information assets, and implement and promote it as follows:

1. Establishment and continuous improvement of information security management system

In order to ensure the secure management of information assets, we establish and operate an information security management system, supervise the operation status, and continuously maintain and improve the system.
In order to ensure that the information security management system contributes to corporate management, we set information security targets and promote activities to achieve them.

2. Compliance with legal regulations and contractual requirements

We comply with the laws and regulations concerning information assets, as well as with the requirements of contracts concluded with customers and external stakeholders.

3. Protection of information assets and continuous risk management

We conduct ongoing risk management, identify and evaluate information security risks that may affect our business in handling information assets, implement appropriate measures based on risk acceptance standards, and strive to protect information assets properly.

4. Implementation of educational training

We continuously provide educational training on information security to all the personnel engaged in our business in order to make them aware of the importance of information security and to ensure proper use and management of information assets.

5. Safe operations

In the event of an incident related to information security, we take emergency measures as necessary based on a timely report of the incident to minimize damage, analyze the cause of the incident, and take appropriate measures to prevent any recurrence.

6. Formulation of a business continuity plan

We minimize the impact of disasters and other events on our business activities, formulate a business continuity plan for recovery, and strive to continue our business in the event of an emergency.