Governance

(1) Guiding Principle

We observe all laws and regulations related to conducting business in Japan and other countries around the world. In addition, starting with the risk management policy, we observe all rules, standards, notifications, and other guidelines issued by the company in order to comply with those laws and regulations.

(2) Fair Practices

We observe the Anti-Monopoly Act (a Japanese law) and all related laws and regulations. Accordingly, we do not conduct business using unreasonable conditions or carry out any unfair business practices. Furthermore, we do not provide or receive personal favors or payoffs that violate laws or regulations, or are contrary to accepted social standards. This includes entertaining, dining, gifts, and payoffs in any form.

(3) Intellectual Property Rights

We respect the value of intellectual property rights and handle them properly whether they are owned by our company or another party.

(4) Insider Trading

We do not engage in insider trading based on information obtained from within or outside the company over the course of business, and do not conduct trading that could be suspected of being insider trading.

(5) Regarding Anti-Social Forces

We do not have any relationships whatsoever with criminal organizations or other organizations that threaten the order or safety of civil society.

(6) Respect for Human Rights

We respect fundamental human rights and do not discriminate in the employment or evaluation of individuals. Discrimination of any kind—including on the basis of gender, age, nationality, race, religion, creed, or disability—is not tolerated. Furthermore, we do not condone or use forced labor or child labor in any form.

(7) Safe and Comfortable Work Environment

We observe labor laws and regulations, such as the Labor Standards Act (a Japanese law), and carry out activities to ensure and maintain a safe and healthy work environment. We make efforts to create a fair and friendly workplace that is free of harassment and other acts that disregard a person’s human rights.

(8) Conflicts of Interest

We clearly separate our positions as company employees and as private individuals, and do not allow personal interests to influence us when carrying out our duties. If the company’s interests conflict with our personal interests, we act in accordance with the decisions of the company.

(9) Company-Wide Thoroughness

We implement company rules and other frameworks to ensure compliance with all relevant laws and regulations. We actively collect legal and regulatory information related to our business activities, and ensure that the information is communicated company-wide through training and other communication efforts.

(10) Internal Reporting System

We maintain a strictly managed internal reporting system. If any improper conduct related to our business or violations of laws, regulations, company rules, or business ethics are suspected, the matter is reported to a supervisor, an appropriate department or division such as the Personnel & General Affairs Department, or to another designated internal representative.
Any individual who reports a violation or potential violations is protected from discrimination or retaliation. All reports are handled with strict confidentiality and managed appropriately.
Should a violation be confirmed, prompt corrective action is taken, and countermeasures are implemented to prevent recurrence.

(1) Guiding Principle

We collect information such as strategic business information and personal information using appropriate means. Information is accurately recorded, managed and used appropriately.
When information is no longer needed, it is permanently deleted, properly disposed of, or destroyed.
We take great care to ensure that information is not plagiarized or falsified. We have constructed an organizational system to prevent information leaks, and perform effective management to sustain and improve this system.

(2) System Maintenance Architecture

We have established an organizational system to ensure information security and have implemented rules and other measures to effectively manage, sustain, and continuously improve the system.

(3) Management of Information Assets

We ensure the security of information assets by defining and managing such assets appropriately.

(4) Company Assets

We do not use the company’s information system or other company assets, whether tangible or intangible, for any dishonest or improper purposes. When an employee resigns, they must return all company assets, confidential information, and any other materials related to their work for the company. Furthermore, employees and former employees may not disclose or leak any information, such as business secrets or corporate information, that was gained during their employment without the express permission of the company.

(5) Confidential Information

We strictly manage confidential information and handle such information appropriately. Confidential information is used only within the scope necessary for business purposes.
We do not employ deceptive tactics or dishonest means when obtaining confidential information from within or outside the company.

(6) Personal Information

We comply with the Personal Information Protection Act (a Japanese law) and related laws. Personal information is collected using fair means and only within the scope necessary for business purposes. All personal information is handled following procedures that are in accordance with best practices and laws, regulations, and company rules.

(7) Education and Training

We regularly carry out education and training regarding information security for all employees to increase awareness throughout the company and ensure strict observance of best practices, laws, regulations, and company rules.

(8) Trusted Delivery of Products and Services

We meet our customer’s requirements for information security to ensure that customers feel secure in purchasing our products and services and entrusting us with work.

The Crestec Group plans and makes advanced preparations to ensure business continuity or timely recovery in the event of emergencies such as natural disasters, terrorist attacks, or system failure.

(1) Guiding Principle

As a company committed to sustainably increasing our corporate value, we act according to the following basic guidelines to quickly restore operations in the event of natural disasters or other emergency situations.

(2) Objectives

We have established a business continuity system to achieve the following objectives.
① Prioritize confirming and ensuring the safety of company employees, business partners, and other concerned individuals.
② Minimize the effects on the business operations of our customers.
③ Respond according to the expectations and trust our stakeholders have in the company.

(3) Business Continuity System

We treat business continuity management as a critical priority and implement it as a company-wide activity to continuously strengthen the foundations of our business. Furthermore, in order to achieve the preceding objectives, we identify and focus management resources on the business functions that must be given top priority in the event of an emergency.

(4) Threats to Business Continuity

We aim to create a system that can respond to a wide range of emergencies and ensure business continuity. The typical threats to business continuity include events such as natural disasters (earthquakes, and wind and flood damage) and accidents (fires and industrial work accidents).

(5) Business Prioritization Function and Business Recovery Goals

We quickly establish a decision-making system in emergencies to ensure uninterrupted service and maintain communication with our stakeholders. While protecting our customers’ information assets, we prioritize restoring communication with customers who are highly dependent on uninterrupted services. By aligning recovery objectives for each business function throughout the company, we are able to respond as an organization to minimize disruptions and support ongoing business.