Information Security Policy

Declaration

Ubiquitous AI Corporation (hereinafter referred to as "the Company") regards the information assets and information systems it handles in the course of its business -- including customer information -- as being of the utmost importance. The Company is committed to protecting these assets from threats such as cyberattacks, while delivering secure products and services that create the value of safety and peace of mind, thereby contributing to the realization of a sustainable society.

All officers and employees of the Company, recognizing the critical importance of protecting information assets and providing secure products and services to meet the trust placed in us by our customers, hereby declare our commitment to implementing cybersecurity measures to protect and operate these assets against all threats, ensuring safety and reliability in information security, and building and maintaining an appropriate information security management framework -- in accordance with this Information Security Policy.

Definition of Information Security

Information security means protecting the information assets handled by the Company from current and anticipated threats to their confidentiality, integrity, and availability. It encompasses the implementation of necessary measures to prevent unauthorized disclosure, loss, or destruction of information assets, to ensure their safe management, and to apply cybersecurity measures necessary to ensure the security and reliability of information systems and information and communications networks -- while maintaining these measures in an appropriate and ongoing manner.

From a cybersecurity perspective, information security additionally encompasses cybersecurity measures applied to the Company's own information assets, as well as actions taken to continuously maintain and deliver secure products and services -- including responses to vulnerabilities discovered in products and services and measures to address security incidents arising from such vulnerabilities.

Policy Principles

1. Scope of Application

This Policy applies to all information assets, information systems, and the personnel who handle them across all organizations and business activities of the Company, as well as to the Company's products, services, and those involved with them.

2. Management Responsibility

Senior management recognizes that ensuring information security is one of the most critical management priorities, and shall allocate the management resources necessary to achieve the goals of this Policy.

3. Establishment of a Governance Structure

To protect and properly manage information assets and information systems, the Company shall establish an information security governance framework and an emergency response structure for information security incidents. A person responsible for information security shall be designated, and an information security promotion structure shall be built.

4. Legal Compliance

The Company shall comply with all applicable laws and regulations, government-issued guidelines, and other norms related to information security.

5. Implementation of Security Measures

The Company shall conduct risk analyses of threats and vulnerabilities affecting information assets and information systems, formulate internal regulations and standards for appropriate information security management and protection, and ensure full compliance with them.

6. Education and Training

The Company shall continuously communicate to all users of information assets and information systems the importance of their appropriate use and management, and implement education, awareness-raising and training on information security based on this Policy, thereby ensuring thorough understanding among such users.

7. Collaboration with External Parties

The Company shall endeavor to engage in information sharing , disclosure and collaboration with external organizations such as IPA (Information-technology Promotion Agency, Japan) and JPCERT/CC, as well as government agencies including regulatory authorities and law enforcement, and business partners.

8. Regular Review and Continuous Improvement

This Policy shall be regularly evaluated, reviewed, and improved in response to changes in management policy, business activities, social developments, technological developments, and revisions of applicable laws and regulations.

Ubiquitous AI Corporation
President & CEO: Yuta Oyoshi