Toast Farm LLC (hereinafter referred to as "our company") recognizes the importance of information security in corporate activities, and has established and will comply with this policy in order to protect the information assets it holds from threats such as accidents, crimes, and negligence (hereinafter referred to as "security incidents") and to use them in a healthy and safe manner.

1. Scope

(1) The scope of application of this policy includes our information assets and related

This includes all human, physical and environmental resources related to the project.

(2) This policy applies to employees and other parties involved in the management of our information assets.

This applies to all users of the above.

(3) When outsourcing our business within the scope of this policy to a third party, we will comply with the

Based on a contract that clearly defines the measures to be taken and the responsibilities in the event of a security incident

The Company will entrust such information to third parties only when necessary.

2. Establishment of information security system and internal regulations

(1) We will establish an appropriate information security system and

We will work to maintain and improve our security, as well as prevent security incidents.

It also puts in place a response and recovery structure.

(2) The Company will establish internal regulations based on this policy, and the applicable persons are as follows:

In accordance with this, we will handle information assets appropriately.

3. Protection of information assets and response to accidents

(1) We will maintain the confidentiality, integrity, and confidentiality of all information assets in our possession.

Recognize and understand the importance of each aspect of availability,

This will be properly protected.

(2) The Company may, upon notice of the occurrence or possibility of a security incident,

If we become aware of such a problem, we will take prompt action to prevent the occurrence or spread of damage.

I will try to recover.

4. Information security education

The Company aims to disseminate and improve knowledge about information security.

We will continue to provide educational activities to employees, etc.　

5. Compliance with laws, regulations and rules

We will comply with laws, regulations and other standards related to information security.

6. Review and Improvement

The Company will take measures to protect information security from the social and technological advances.

In order to respond to changes, this policy and the systems and internal regulations based on it

will be regularly reviewed and improved.

Effective from March 1, 2024