SECURITY POLICY

Information Security Policy

AIRS, Inc. (“the Company”) protects its own information assets and the information assets entrusted to it by clients from threats such as accidents, disasters, and crime. To live up to the trust of our clients and society, the entire company works on information security based on the following policy.

1. Management responsibility

The Company strives to improve information security in an organized and continuous manner, led by management.

2. Internal organization

The Company establishes an organization to maintain and improve information security, and defines information security measures as formal internal rules.

3. Employee commitment

The Company’s employees acquire the knowledge and skills required for information security and make our information security efforts solid.

The Company complies with laws, regulations, norms, and contractual obligations related to information security, and meets the expectations of its clients.

5. Response to violations and incidents

In the event of a legal violation, breach of contract, or incident related to information security, the Company responds appropriately and works to prevent recurrence.

6. Risk management

The Company regularly assesses the risks to its information assets and reduces them by implementing appropriate controls.

7. Continuous improvement

The Company regularly reviews the effectiveness of its information security management system (ISMS) and improves it continuously.

8. Awareness

The Company communicates this policy to all employees and provides the necessary education and training.

9. Revision history

2025/08/22: First edition established

Established: August 22, 2025
AIRS, Inc.
Masakuni Kato, CEO