Information Security Policy

Brastel Co., Ltd. Corporate Business Headquarters and the Telecommunications Business Division (hereinafter referred to as "the Company") were established to provide telecommunications services to corporate customers. To maintain the trust of all stakeholders, we have established an information security policy and information security management system (hereinafter referred to as ISMS) to protect the information assets we handle from all threats. The following are the information security measures we have implemented and will uphold.

1. We have established an internal system for information security and personal information protection, and we will allocate the necessary resources, formulate regulations, and promote their operation.
2. We will identify all information assets and personal information handled by our company, conduct risk assessments, and take necessary security control measures to ensure that confidentiality, integrity, and availability are not compromised.
3. We will comply with laws and orders related to the handling of information assets, including the Personal Information Protection Law and Unfair Competition Prevention Law, national guidelines, and other social norms (especially including ISO27001 and privacy mark examination standards) and various contractual agreements.
4. We will provide necessary education and training to all officers, employees, and others who use information assets and will ensure that this policy is thoroughly understood on a regular basis.
5. We will strive to prevent information security problems, and in the unlikely event that a problem occurs, we will respond promptly and strive to prevent a recurrence.
6. We will operate the management system necessary for the implementation of this information security policy within the organization and strive for continuous improvement.