Aidemy, Inc. (hereinafter referred to as “we”, “our” or “us”) recognizes appropriate management of information as an important management issue, and has established the following security policy to promote protection and appropriate management of information assets.
We shall establish an information management committee in order to protect and appropriately manage all information assets held by ourselves. We shall also establish a system for promptly implementing information security controls by appointing an information management officer for each organization.
In order to prevent incidents such as unauthorized access, and destruction, information leakage and falsification of information assets, we will ensure that an appropriate organization and system for information security is in place, and will implement physical, technical, operational, administrative and personnel controls, as well as incident responses. In addition we will revise these organization, system and controls as necessary technically or socially and will continuously improve the same to adapt to any changes.
We will establish and maintain internal rules on information security and will explain clear policies and rules for protection and appropriate management of information assets to ensure that our internal personnel are fully aware of them.
We will continue to educate and train all of our employees in order to enhance information security literacy and to appropriately manage our information assets.
When we contract out our services to a third party, we will sufficiently examine its eligibility as a service provider and will take necessary measures to ensure an adequate level of security according to nature of the services to be contracted out. In addition, in order to continuously confirm that the security level is maintained appropriately, we will audit the service provider and review the management system.
We will protect and appropriately manage information assets by conducting internal audits on information security regularly or irregularly in order to verify whether or not laws and regulations related to information security as well as our rules and regulations on information security are being complied with and function effectively in the course of performance of duties, and by strictly responding to any violation.
We will continuously improve our information security management system by regularly evaluating and reviewing our commitments above.