Information Security Policy

Envalith Inc. (hereinafter, "the Company") is committed to protecting its information assets, as well as those entrusted to us by our customers, from threats such as accidents, disasters, and crime. To honor the trust placed in us by our customers and society, the Company is committed to information security on a company-wide basis, in accordance with the following policy.

Last Established: December 1, 2025

1. Management Responsibility

Under the leadership of management, the Company will work to improve and enhance information security in a systematic and continuous manner.

2. Internal Governance Framework

The Company will establish a dedicated organization to maintain and improve information security, and will formalize information security measures as official internal regulations.

3. Employee Commitment

Every employee of the Company will acquire the knowledge and skills required for information security, thereby ensuring a robust commitment to its practice.

4. Compliance with Laws, Regulations, and Contractual Requirements

The Company will comply with all laws, regulations, standards, and contractual obligations related to information security, and will meet the expectations of our customers.

5. Response to Violations and Incidents

In the event of a violation of laws or contracts, or any incident related to information security, the Company will respond appropriately and take measures to prevent recurrence.

---

Envalith, Inc.
Koichi Kawai, Representative Director