1. Purpose:

SEKISUI KASEI CO., LTD (“Company”) aims to become a company in which its stakeholders can place trust. For that purpose, the Company needs to appropriately protect all information assets that the company possesses and prevent any issues related to information security from occurring. To achieve this, we have developed a policy regarding the security of information that the Company holds to be implemented at all Group companies.

2. Purpose of Ensuring Information Security:

The most important reason for the Company to ensure information security is to protect information assets that the Company holds from the risk of accidents, crimes and errors. In addition to these direct benefits, ensuring information security can also produce indirect benefits such as enabling sound and safe operations, facilitating understanding of the importance of information assets and helping develop effective procedures.

3. Basic Principles:

All managing and non-managing members of the Company who handle information assets must comply with the following principles:

1. 1) Handling of Information Assets:

   Information assets handled by the Company must be handled appropriately according to the rules regarding information security set out by the Company.

2. 2) Response to Security Incidents:

   In case of security incidents, employees must report the occurrence, severity and location of such incident immediately. Each incident must be analysed to reduce the chance of recurrence.

3. 3) Business Continuity Management:

   All employees must endeavour to ensure the continuity of business operations, by minimizing the chance of business interruption due to security incidents and disasters.

4. 4) Security Education:

   The Company shall offer regular learning opportunities through the provision of handbooks and e-learning materials.

5. 5) Compliance with Laws and Contractual Terms:

   We shall comply with laws and contractual terms regarding information security.