Information Security Policy

Brastel Co., Ltd. Corporate Business Headquarters and Telecommunications Business Division (hereinafter referred to as "the Company") are organized for the purpose of providing telecommunications services to corporate customers. In order to achieve this goal, we will protect the information assets we handle from all threats and respond to the trust of all stakeholders. Therefore, we hereby establish an information security policy and information security management system (hereinafter referred to as ISMS), and declare that we will implement safe and appropriate information security measures.

1. We establish an internal system for information security and personal information protection, allocate the necessary resources, formulate regulations, and promote their operation.
2. We identify all information assets and personal information handled by our company, conduct risk assessments, and take necessary security control measures to ensure that confidentiality, integrity, and availability are not compromised.
3. We comply with laws and orders related to the handling of information assets, including the Personal Information Protection Law and Unfair Competition Prevention Law, national guidelines, other social norms (especially including ISO27001 and privacy mark examination standards), and various contractual agreements.
4. We provide necessary education and training to all officers, employees, and others who use information assets, and will ensure that this policy is thoroughly understood on regular basis.
5. We strive to prevent information security problems from occurring, and in the unlikely event that a problem does occur, we will respond promptly and strive to prevent recurrence.
6. We operate the management system necessary for the implementation of this information security policy within the organization and strive for continuous improvement.