Aidemy, Inc. (hereinafter referred to as “we”, “our” or “us”) recognizes appropriate management of information as an important management issue, and has established the following security policy to promote protection and appropriate management of information assets.
Information security management system
Last amended: April 1, 2022
We shall establish an information management committee in order to protect and appropriately manage all information assets held by ourselves. We shall also establish a system for promptly implementing information security controls by appointing an information management officer for each organization.
Implementation of information security controls
In order to prevent incidents such as unauthorized access, and destruction, information leakage and falsification of information assets, we will ensure that an appropriate organization and system for information security is in place, and will implement physical, technical, operational, administrative and personnel controls, as well as incident responses. In addition we will revise these organization, system and controls as necessary technically or socially and will continuously improve the same to adapt to any changes.
Establishment and maintenance of internal rules
We will establish and maintain internal rules on information security and will explain clear policies and rules for protection and appropriate management of information assets to ensure that our internal personnel are fully aware of them.
Provision of education on information security
We will continue to educate and train all of our employees in order to enhance information security literacy and to appropriately manage our information assets.
Implementation of appropriate contractor management
When we contract out our services to a third party, we will sufficiently examine its eligibility as a service provider and will take necessary measures to ensure an adequate level of security according to nature of the services to be contracted out. In addition, in order to continuously confirm that the security level is maintained appropriately, we will audit the service provider and review the management system.
Implementation of internal audit on information security
We will protect and appropriately manage information assets by conducting internal audits on information security regularly or irregularly in order to verify whether or not laws and regulations related to information security as well as our rules and regulations on information security are being complied with and function effectively in the course of performance of duties, and by strictly responding to any violation.
Implementation of continuous improvement
We will continuously improve our information security management system by regularly evaluating and reviewing our commitments above.