Information Security Policy

Based on our management philosophy and quality policy, we establish the following information security policy.

1. Compliance
We comply with relevant laws and regulations, including the Act on the Protection of Personal Information, the Unfair Competition Prevention Act, and the Copyright Act. We also appropriately engage in information security management based on requests from business partners and other stakeholders.

2. Information Security Management
We securely manage important information, including customers' confidential information and personal information, to prevent leakage, loss, damage, and unauthorized use. Information related to business operations will not be disclosed beyond the prescribed scope, even among employees. In the event of a violation, disciplinary action stipulated in the work rules will be applied. We also ensure appropriate consideration of information security when outsourcing operations.

3. Continuous Improvement of the Information Security Management System
Through information security activities based on the PDCA cycle, we maintain the level we have achieved and continuously implement improvements. We communicate the information security policy to everyone, from executives to employees, and cultivate the necessary knowledge and judgment through daily operations, education, and training.

4. Response to External and Internal Environmental Changes
We conduct risk assessments in response to changes in business activity domains, information assets handled, information and communication technologies, and other factors, and review our information security management framework accordingly.

December 1, 2015
Sola Inc.
Keisuke Yoshimura, President and Representative Director