Information Security Policy

Intermestic Inc. (hereinafter referred to as the “Company”) considers ensuring of information security to be the one of the most important issues in the normal and smooth operation of its business activities, and to protect customers’ confidential and personal information and our information assets, we shall establish information security basic guidelines which we shall implement and promote as follows.

The Company shall establish information security management system to ensure appropriate protection and management of information assets.

The Company, to ensure the confidentiality/integrity/availability of information assets, shall strive to manage them appropriately according to the level of importance and risk.

The Company shall establish regulations describing the requirements for ensuring information security, strive to properly manage information assets, and to ensure that ISMS contributes to the management of the Company, information security objectives shall be set and promote activities to achieve such objectives.

The Company shall continuously educate/train executives and employees in charge of information systems on information security in order to raise awareness on information security and ensure the implementation of regulations.

The Company shall comply with laws, other rules and social norms related to information security.

The Company shall continuously improve and enhance our efforts to ensure information security.

The Company shall establish a response system to minimize the impact in the event of information security incident. In an unlikely event of an information security incident, we shall respond promptly and work to prevent recurrence.