Information Security Policy

Japan Create Group Co., Ltd. and its group companies (hereinafter “the Group”) recognize that protecting the information assets handled in our business activities from all threats—such as cyber-attacks, system failures, and unauthorized access—and ensuring continuous and stable business operations constitute our social responsibility.

To promote measures that cover the entire supply chain in addition to close collaboration among group companies, the Group has established the following Information Security Policy and will implement it on an ongoing basis.

1. 情報セキュリティ推進体制の強化

   We will clarify roles and responsibilities related to information security and establish a framework that enables swift decision-making across the Group. Each group company will appoint an Information Security Manager to enhance cross-group information sharing and cooperation.

2. Management and Protection of Information Assets

   For all information assets held by the Group (customer information, technical information, personal information, etc.), we will implement appropriate access controls according to their importance and take technical safety measures for cloud and remote-work environments.

3. Compliance with Laws, Regulations, and Contracts

   We will comply with laws, governmental guidelines, other norms related to information security, and confidentiality obligations under contracts with customers.

4. Education and Awareness Activities

   We will regularly and continuously provide education and awareness activities on information security to all officers and employees, share knowledge of the latest threats, and raise security awareness throughout the organization.

5. Ensuring Supply-Chain Security

   We will require our business partners and external contractors to maintain security levels equivalent to those of the Group and cooperate to ensure safety.

6. Incident Response and Business Continuity

   To minimize business interruptions caused by cyber-attacks, natural disasters, etc., we will establish a Business Continuity Plan (BCP) that emphasizes rapid recovery (resilience). In the event of information leakage or a major accident, we will strive to prevent further damage and promptly report to and disclose information to the relevant authorities.

7. Continuous Improvement

   To respond flexibly to environmental changes such as technological advances, social conditions, and new threats, the Group will regularly evaluate and review its information-security status and implement continuous improvements.

Established: January 4, 2022
Revised: April 1, 2026
JAPAN CREATE GROUP, LTD.
Representative Director & Chairman　五十嵐 庸公（Nobumasa Igarashi）