Basic Policy on Information Security

Leopalace21 Corporation and its group companies (hereinafter the "Group") positions all information assets they own as important assets essential for business management. The Group has formulated its basic policy on information security, which consists of the following five items, in its efforts to operate the information assets under strict control.

1. Principle

The Group will take appropriate measures to ensure that its information assets related to all of its business activities are protected from hacking, leakage, alteration, destruction, unauthorized use, and interference with use. The Group will also immediately take appropriate remedial actions when necessary.

2. Operation System

To smoothly and appropriately promote the basic policy, the Group will establish an operation system with a clearly defined scope of the organization and responsibilities. The Group will thus strive to take measures for information security protection as an organization.

3. Training

The Group will train all parties who contact its information assets so that they will understand this policy and the importance of information security. The Group will thus ensure that they will use the information assets appropriately.

4. Compliance with Laws, Regulations, and Other Rules

Based on its understanding of this basic policy, the Group will comply with provisions of laws, regulations, and other rules concerning information assets and ensure effective implementation of information security measures, thereby fulfilling its responsibility to society.

5. Maintenance and Improvement

To achieve this basic policy, the Group will strive to ensure information security by understanding and recognizing related rules. At the same time, the Group will conduct regular compliance audits and implement whatever improvements found necessary.