INFORMATION SECURITY POLICY | KADOKAWA GROUP GLOBAL PORTAL SITE

Basic Policies on Information Security

As a company that advocates Global Media Mix with Technology as its fundamental strategy, KADOKAWA CORPORATION (the “Company”) aims to protect content created by creators, information, and other assets from various types of threats and to maximize its value.
Based on the above policy, the Company has adopted basic policies on information security with the aim of appropriately managing all important information and assets (personal information, specific personal information, etc.).
For the purpose of further improving and achieving information security and ensuring that customers can make use of services that the Company provides securely and with peace of mind, the Company undertakes the following initiatives to confirm that all officers and employees comply with this fundamental policy.

1. Information security management system

The Company has appointed personnel responsible for information security management and has established a Risk Management Committee under the responsibility of both those personnel and other administrative structures. Based on the above, the Company reviews the company-wide status of information security and proactively takes a range of measures with the aim of building the optimum environment.

2. Establishment of internal regulations regarding information security

The Company has developed information security rules, etc. concerning the management and operation of information assets and complies with the Copyright Act and other laws and regulations concerning information security. The Company will continuously review and endeavor to improve the relevant rules so that they meet service contents and environments.

3. Realization of systems that ensure information security

Information systems that are protected from illegal access to information assets, unauthorized modification, loss, destruction and leakage of information will be built and operated.

4. Education and training

Education and training will be provided to officers and employees with the aim that they execute daily business with a greater understanding of, and interest in, information security.

5. Development of environment for content production under a secure environment

As more content becomes digitized, the Company will proactively verify and introduce technologies that allow content production in circumstances where confidentiality obligations are imposed on rights-holders and relevant parties.

Information Security Initiatives

Initiatives related to information security measures

The Company has established KADOKAWA-CSIRT to communicate information about security incidents and vulnerability information and to deal with requests for consultation concerning security. With the aim of protecting IT assets from cyberattack, the CSIRT team regularly collects information and implements measures concerning the provision of advice about preventing cyberattacks and about the vulnerability of software, etc. In addition, the operation condition of the Company’s websites is evaluated, and inventory taking is implemented annually.

Initiatives for the handling of personal information

The Company has established measures for the handling of personal information in Privacy Policy to ensure strict control of personal information and information security.

• Privacy Policy
• Use of the Cookie Information
• Privacy Policy for Employees

Initiatives for effective use and protection of large-size data

The Company has established the Secretariat for Personal Information and Data Management for the promotion of information security management. Under the responsibility of General Manager for Personal Information Protection, efforts are made to ensure safety by conducting discussions and making judgments on basic policies for the handling of acquired information and effective use of data and whether or not information and data are handled according to relevant laws and regulations and the Privacy Policy.