Information Security Policy

AINNA Co., Ltd. (hereinafter referred to as the "Company") recognizes the importance of information assets handled in the "notreu" series and other services provided by the Company, and considers the appropriate protection of such assets to be a social responsibility.

The Company is committed to ensuring and improving information security based on the following policies.

1. Purpose

This Policy aims to protect the information assets held or handled by the Company from threats such as unauthorized access, leakage, tampering, loss, and destruction, and to meet the trust of our customers and stakeholders.

2. Scope of Application

This Policy applies to all parties who handle the Company's information assets, including officers, employees, and contractors.

3. Protection of Information Assets

The Company appropriately manages and protects the following information assets.

  • Data provided by customers (website information, PDFs, documents, etc.)
  • Technical and operational information related to service operations
  • Personal information and equivalent information

4. Access Control and Authorization

The Company limits access to information assets to the minimum necessary for business purposes, and implements appropriate authentication and authorization.

Additionally, the granting, modification, and revocation of access privileges are reviewed on a regular basis.

5. Use of External Services and Cloud Services

The Company may use cloud services and external vendors in the provision of its services.

In such cases, appropriate management and oversight are exercised with due consideration to information security standards.

6. Incident Response

In the event of an information security incident or violation, the Company shall promptly investigate the facts and work to prevent the spread of damage and recurrence.

Reports and notifications to relevant parties will be made as necessary.

7. Education and Awareness

The Company continuously conducts appropriate education and awareness activities for its officers and employees to promote the importance of information security.

8. Continuous Improvement

The Company continuously reviews and improves its information security systems and measures in light of social demands and technological trends.

9. Management Officer

The management officer responsible for this Policy is the Representative Director of the Company.

10. Revisions

This Policy may be reviewed and revised without prior notice as necessary.

Established on December 9, 2025 AINNA Co., Ltd. Representative Director: Kengo Ishii