Information Security Policy
QunaSys Inc.
CEO: Tennin Yan
1. Basic Policy
QunaSys Inc. (hereafter, "the Company") recognizes its social mission to accurately and securely handle and protect the information assets of its customers and the Company's own information assets from various threats. To uphold this, the Company has established information systems and related information security rules and regulations. Based on the following policy, the entire company is committed to maintaining and improving information security.
2. Organizational Initiatives for Ensuring and Maintaining Information Security
To ensure and maintain information security, the Company appoints an information security management officer, establishes internal regulations, and develops an internal audit system to periodically verify compliance.
3. Business Continuity Management
The Company protects information assets from accidental threats such as disasters, malfunctions, or negligence, as well as intentional threats, thereby ensuring business continuity.
4. Awareness and Thoroughness
The Company regularly educates its officers and employees (including part-timers) on information security to ensure they understand and adhere to the policy and internal regulations. This ensures that everyone involved with the Company's information assets performs their duties with strong information security literacy.
5. Compliance with Laws and Contractual Requirements
The Company complies with all laws, regulations, standards, and contractual obligations related to information security, and strives to meet customer expectations.
6. Penalties
Officers and employees (including part-timers) who commit violations, such as information leakage, will be strictly punished in accordance with the Company's employment regulations and other relevant rules.
7. Review and Revision
The Company will strive to ensure up-to-date information security by taking appropriate measures as needed, based on changes in the management environment and audit results.
Revised: June 1, 2025