INFORMATION SECURITY POLICY

SB Intuitions Corp. (the “Company”) has formulated an “Information Security Policy” to ensure it consistently has the trust of society, including customers, by taking drastic and sophisticated measures against risk of information leaks.
We will work to maintain information security by complying with this “Information Security Policy” as well as the separate “Personal Information Protection Policy” to protect our information assets against various threats, and take appropriate measures.

Implementation of the Information Security Policy

1. Establishment of an information security management system: Establish an extremely secure information security management system to ensure the Company consistently earns the trust of society, by working to protect all information assets held by the Company and complying with information security-related laws and regulations and other rules.
2. Establishment of internal rules for information security: Establish internal rules based on the Information Security Policy and clearly communicate our policy for not just personal information but for all information assets that we handle, as well as extensively inform internally and externally our tough stance toward information leaks and the like.
3. Development/expansion of an audit system: Develop a system for conducting internal audits of compliance with Information Security Policy as well as regulations and rules, etc. Additionally, we will make efforts to continue external audits to obtain more objective evaluations. The Company will prove that all of its employees, etc. comply with the security policy by systematically conducting these audits.
4. Realization of an extensive system for information security measures: Realize a system that reflects extensive countermeasures against unauthorized access to information assets, leaks, modification, loss, destruction or hindered use of the information assets.
5. Enhanced information security literacy: Ensure that employees, etc. are given full security education/training and that all people engaged in information assets perform activities with information security literacy. In addition, we will continue providing employees with education/training to cope with ever-changing circumstances.
6. Strengthened management structure for outsourcers: Request outsourcers to keep a security level that is the same or more than that of the Company's and fully examine their eligibility as outsourcers when signing outsourcing contracts. In addition, we intend to continuously review outsourcers and strengthen contracts with the intent to continuously confirm that security levels are appropriately maintained.