SECURITY ACTION Two-Star Logo

SECURITY ACTION

About Security Measures Self-Declaration

We have declared the 'Two-Star' level in the 'SECURITY ACTION' system established by the Information-technology Promotion Agency, Japan (IPA). We will continue to implement safe and appropriate information security measures based on our Information Security Basic Policy.

Information Security Basic Policy

Neopia Inc. (hereinafter referred to as "the Company") recognizes that properly protecting information entrusted to us by our customers and information handled in the course of our business operations is an important social responsibility. In order to protect our information assets from threats such as accidents, disasters, and crimes, and to use them safely and appropriately, the Company hereby establishes the following Information Security Basic Policy and is committed to its implementation.

1. Establishment of Information Security Management Framework

The Company assigns a person responsible for information security and establishes an internal framework and rules related to information security measures to appropriately manage information assets.

2. Compliance with Laws and Regulations

The Company complies with laws and regulations related to information security, guidelines established by the government and relevant organizations, industry standards, other social norms, and contractual obligations.

3. Proper Management of Information Assets

For all information assets handled by the Company, we implement appropriate security measures according to their importance and risk, including access control, authentication, malware protection, and backup, and strive to prevent unauthorized access, information leakage, falsification, loss, and destruction.

4. Education and Awareness for Officers and Employees

The Company ensures that its officers and employees fully understand the importance of information security, and continuously provides education and awareness programs to raise awareness and ensure compliance with internal rules related to information security.

5. Management of Outsourced Parties

When outsourcing part of its operations, the Company requires its contractors to implement information security measures equivalent to those of the Company, and conducts necessary and appropriate management and supervision.

6. Response to Incidents and Violations

If an incident or violation related to information security occurs, the Company promptly investigates the facts and causes, takes corrective actions to prevent the spread of damage and recurrence, and reports and communicates to relevant parties as necessary.

7. Continuous Improvement

The Company regularly reviews and inspects its efforts related to information security and strives for continuous improvement in light of technological trends and changes in the business environment.

Established: November 14, 2025

Neopia Inc.

Representative Director Jimin Park