GDX Co., Ltd. (hereinafter referred to as “the Company”) pursues the mission of “creating and realizing new forms of e-commerce” by launching and marketing e-commerce businesses in Japan and across Asia.
The purpose of this policy is to protect all information assets handled in every area of our business from all potential threats, while appropriately maintaining their confidentiality, integrity, and availability. To this end, we have established an Information Security Management System (ISMS) in compliance with ISO/IEC 27001:2022 (JIS Q 27001:2023), and have built the organizational framework required to operate it effectively.
By appropriately handling and managing information assets, we aim to ensure trust and confidence among all stakeholders, and we will continue our ISMS activities as part of this commitment.
1. Definition of Information Security
The Company defines information security as maintaining the confidentiality, integrity, and availability of information assets.
2. Risk Assessment
The Company identifies potential information security risks associated with its information assets in accordance with internal procedures. We analyze and evaluate the causes of identified risks, determine optimal countermeasures, and establish operational procedures accordingly.
Through the implementation of these measures, we reduce risks to a level acceptable to the Company.
3. Compliance with Laws, Regulations, and Contractual Obligations
In operating the ISMS, the Company complies with relevant information security laws, regulations, and contractual confidentiality obligations with stakeholders. Through proper information security management, we fulfill our social responsibility.
4. Information Security Education & Training
The Company ensures that all employees engaged in business operations recognize the importance of information security. We promote the proper use of information assets and provide necessary education and training to reinforce awareness and compliance.
5. Business Continuity Management
To prepare for major system failures or disasters that may disrupt business activities, the Company formulates, tests, and evaluates a business continuity plan (BCP).
6. Information Security Incidents
The Company implements preventive measures to avoid security incidents.
In the event of an incident, we conduct a root-cause analysis and take corrective measures to minimize impact through rapid response.
We hereby declare our commitment to information security in accordance with the above policy.
Established: November 1, 2021
GDX Co., Ltd.
President & CEO: Jun Horita