I. Information Security Policy

We recognize the importance of asset information, including personal information, establish the ISMS, wich stands for Information Security Management System, to defend the electronic information system and the information property that we treat against any and all threats, take appropriate human, organized and technical measures and aims at the improvement of enough provision under the following agendas.

1. We observe the law and the restriction concerning the information security and also observe the contract with the customer.
2. We clarify the locus of responsibility and the system of the information property.
3. We evaluate the security risk of the information property, and promote effective security countermeasures in consideration of the result.
4. We examine and execute the measure of the information security from viewpoints of the equipment function, the technology, the operation and maintenance control, the organizational structure, the education, and the legal system and so on.
5. Considering the technological improvement, the business and so on, we review the measure of the information security regularly and whenever needed.
6. We aim to raise the employees' awareness of the information security, publicize it as best we can by continuous education, edification and so on and provide thorough instruction in the security measure.
7. We try to investigate the cause promptly when any of the problems on security occur in the information property, and to stop the damage to the minimum.

II. Information Security Measures

1. Network
   We set up "Network Management Regulation", "E-mail Management Regulation" and "Antivirus Rules" internally, build firewalls and adopt antivirus software to block virus invasion, attack from the network and so on and actually comply with those regulations faithfully.
2. Computer Use
   We set up "Guidlines for Computer Use" and "Hardware Management Regulation" internally, set the rules of usage and method of custody and take measures to prevent from unauthorized access, property loss and so on.
3. Confidential Business Information
   We manage the business confidential document as customer belongings, settle "Customer Property Control Policy" internally, protect the customer property against divulgation, loss, crash etc. and cut them if they need to be destructed. We never lodge customer confidential unless the customer agrees beforehand.

III. Management Structure

We settle the ISMS management representative for the management of the information security. The examination of the information security technology is promoted by "System management room".

IV. Education / edification

We settle "Information Security Education Traning Policy" and "Information Security Traning Program" internally and keep the employees informed about information security measures and policies. We explain the content of the law, the restriction and the requests from the customer to the employee at sectional conferences and keep them informed.

V. Inquiry

1. If you have any questions about the privacy policy, please contact the following division;
   TSP Co., Ltd. ISO Implement Division
2. This policy and compliance programs are improved when the related laws or environment is changed. They are also reviewed, conducted and improved regularly or as needed.