Tokyu Agency shall secure information by implementing operations as follows:

• （1）Establishing, maintaining and operating an organization and systems dedicated to information security management under the direction of the Information Security Committee headed by the Information Security Supervisor and presided over by the President
• （2）Stipulating rules of appropriate and proper information security, and reviewing the rules periodically to introduce more appropriate information security
• （3）Ensuring that all personnel dealing with information or information systems comply with the rules governing information security, including laws and Company regulations as well as contractual obligations with business partners, and that employees employing Company-owned information or processing information with information systems shall ensure the appropriateness, safety and effectiveness of the information and information systems
• （4）Requesting the cooperation of the Company’s business partners or affiliated companies in ensuring information security
• （5）Creating a plan to respond to system failures or disasters that enables precise implementation of risk management measures to maintain information security
• （6）Continually conducting education to all personnel to raise awareness of information security
• （7）Establishing and operating an inquiry counter to answer questions concerning information security management from parties inside and outside the Company in order to contribute to more appropriate management of information security
• （8）Conducting audits of information security to ensure the appropriateness and propriety of management and operations with respect to information security