IoT-EX Co., Ltd. (hereinafter referred to as “the Company”) recognizes the appropriate management of information as an important management issue and, in order to ensure that our customers can use our services with peace of mind, we hereby declare our “Information Security Policy” as our policy regarding information security, which we will make public both internally and externally. All employees, officers, and temporary workers of the Company hereby declare that they will comply with this basic policy and the separately listed “Privacy Policy.”
In order to protect and appropriately manage all information assets held by the company, we will establish an Information Security Committee consisting of members of management and assign information management officers to each organization, thereby establishing a system that enables us to promptly implement information security measures.
In order to prevent incidents such as unauthorized access, destruction, information leakage, and tampering related to information assets, we implement security measures from the perspectives of organizational, physical, technical, and human safety management, and make revisions as necessary from a technical and social standpoint to continuously improve and adapt to changes.
Our company has established internal regulations based on this basic policy and the separate privacy policy, and we will thoroughly disseminate clear policies and rules for the appropriate management of information assets within the company.
We will continue to provide information security education and training to all employees and related parties in order to improve their information security literacy and ensure the proper management of our information assets.
When concluding business consignment contracts, we will thoroughly review the eligibility of business consignees and request that they maintain the same level of security as our company. In addition, we will strive to review business consignees and strengthen contracts in order to continuously confirm that their security levels are being maintained appropriately.
In addition to complying with relevant laws and regulations, we will strive to ensure strict compliance with internal regulations and rules, and will take strict measures against any violations to ensure appropriate information management.
In order to verify that laws and regulations related to information security, as well as internal rules and regulations, are being complied with and are functioning effectively in the course of our business operations, we conduct internal information security audits on a regular basis and as necessary.
We will implement continuous improvements in information security by establishing and operating a company-wide information security management system (ISMS).