Declaration of Information Security (Basic Policy)

1. Purpose

To continue to be a company trusted by customers, stakeholders and society as a "Group that co-creates value for individuals, communities and people’s lifestyles", the Daiwa House Group (hereinafter referred to as the "Group") recognizes the importance of protecting, managing and utilizing of information such as trade secrets and personal information appropriately. Regarding this, we have established the Group's "Declaration of Information Security (Basic Policy)" and will endeavor to properly handle, manage, protect and maintain information, and take necessary measures.

2. Appointment of Chief Information Management Officer

The Group will appoint a Chief Information Management Officer to assess the status of information security throughout the company accurately and promptly implement necessary measures.

3. Establishment of Information Security Management System

To protect and properly manage all the information assets we owned, the Group shall appoint an administrator in charge of information management at each Group company and establish a system that can promptly implement information security measures.

4. Implementation of Information Security Measures

The Group shall recognize risks to all information assets we owned, endeavor to ensure the confidentiality, integrity, and availability of information assets, and take organizational, human, physical, and technical security measures. In the event of an information security incident or accident, we will promptly take appropriate measures, including consideration of measures to prevent recurrence.

5. Improvement of Information Security Literacy

The Group shall continue to provide education to raise awareness of information security so that all users of information assets who come into contact with information assets can conduct their business with information security literacy.

6. Compliance with Laws and Regulations, etc.

The Group shall comply with laws and regulations regarding information security, as well as contractual requirements and obligations regarding information security with customers.

7. Correspondence to Business Partners, etc.

The Group shall request business partners and contractors to maintain information security, and endeavor to improve the information security of the Group 's entire business.

8. Implementation of Continual Improvement

The Group shall continuously endeavor to maintain and improve the information security level and management by regularly evaluating and reviewing activities of information security and sharing information.