Information Security Policy

S and BTS Global K.K. (hereinafter referred to as “the Company”) provides international voice, A2P SMS, DID number, and various other telecommunication-related services to telecommunications carriers and enterprise customers. Recognizing the importance of safeguarding our information assets—including communication data, contractual information, personal data, and intellectual property—and ensuring the reliability of our services, the Company commits to the following principles for information security.

1. Management Responsibility
   The Company’s management takes the lead in recognizing the importance of information security and strives for its continual improvement and enhancement throughout the organization.
2. Establishment of Internal Structure
   The Company maintains an information security framework led by a designated person responsible for information security. Security policies and procedures are regularly reviewed and updated. Overseas offices are required to comply with the Company’s security policies set forth by the Tokyo headquarters.
3. Management of Corporate Customer Information
   While the Company does not regularly retain personal information, it treats corporate customer-related information—such as business contact details, contractual information, and communication configuration data—as confidential information assets, and manages them with the same level of rigor and security as other sensitive data.
4. Employee Commitment
   All employees receive regular training and education on information security to maintain and improve their knowledge and skills. Communication data, customer information, and other sensitive information handled in daily operations are managed with strict care.
5. Compliance with Laws and Contractual Obligations
   The Company complies with all applicable information security laws and regulations, including telecommunications laws, and adheres to relevant standards and contractual requirements to meet stakeholder expectations.
6. Response to Violations and Incidents
   In the event of a violation or incident related to information security, the Company will take appropriate action, investigate the root cause, strengthen reporting systems, and implement preventative measures to avoid recurrence.