Information Security Policy
情報セキュリティ方針

Yaraku Co., Ltd. (hereinafter referred to as “the company”) conducts business based on the philosophy of “enjoying global communication”.
The Information assets handled by the company, such as customer information, are extremely important to us as the foundation of our business.
To guard against the risk of leakage, damage, loss, etc., we recognize the importance of protecting information assests and all personnel who handle information assests, including officers of the company and any personnel responsible for information protection, must comply with the following policy to maintain the confidentiality, integrity, availability, and other aspects of information security of information assets.

1. In order to protect information assets, we will formulate an information security policy and related regulations; and conduct business in accordance with this policy, as well as comply with legislaion, regulations, and other norms related to information security, as well as contractually-agreed terms with customers.
2. We will determine the criteria for analyzing and evaluating risks such as leakage, damage, and loss of information assets, establish systematic risk assessment methods, and carry out risk assessments on a regular basis. Based on the results, we will implement necessary and appropriate security measures.
3. We will establish an information security system centered on the officer in charge and clarify authority and responsibility for information security. In addition, all employees will be made aware of the importance of information security with regular education, training and development provided to ensure the proper handling of information assets.
4. We will regularly inspect and audit the status of compliance with the information security policy and the handling of information assets, and promptly take corrective action for any deficiencies that are discovered or make improvements based on the inspection.
5. In addition to taking appropriate measures against the occurrence of information security events and incidents, we will establish response procedures and protocols in advance such that in the unlikely event that an incident occurs, the damage will be minimized and all appropriate parties are notified as we respond and take appropriate corrective action. In addition, particularly for incidents related to business or service interruption, we will ensure business continuity by establishing a management framework and periodically reviewing it.
6. We will establish and implement an information security management system with goals to realize our basic philosophy, while continuously reviewing and improving it.

Established September 30, 2022
Yaraku Inc.
Chief Executive Officer: Sakanishi Suguru