Security Policy

Atrae, Inc. (hereinafter referred to as 'our company') has been developing its business mainly in the area of People Tech based on the vision of 'creating a company that attracts people from all over the world'. In order to realize this vision and to operate our organization and business, we recognize that carefully handling the various information assets we possess in order to protect them from all kinds of threats is an important management issue that all executives and employees must address together. Therefore, we have established the 'Basic Policy on Information Security' and will comply with and promote it.

1. Organizational Structure

   When acquiring personal information, we will specify the purpose of use to the greatest extent possible and acquire personal information only to the extent necessary to achieve that purpose. Necessary measures will be taken to achieve this.

2. Compliance with Laws and Regulations

   We will comply with laws, regulations, and guidelines related to information security.

3. Protection of Information Assets

   In order to protect all of our information assets from various threats, we will recognize the importance of confidentiality, integrity, and availability, conduct risk assessments, and strive to protect our information assets appropriately.

4. Response to Information Security Incidents

   We shall strive to prevent the occurrence of information security incidents, and in the event that an information security incident should occur, we shall take prompt and appropriate action, including measures to prevent recurrence, rather than simply taking temporary measures.

5. Implementation of Education and Training

   We will provide all directors and employees with the necessary education and training on information security to ensure that they are aware of the importance of handling information assets appropriately, and to improve their literacy and familiarize them with the relevant regulations.

6. Implementation of Continuous Improvement

   We will implement continuous improvement of information security management by periodically evaluating and reviewing the above efforts.