Security Policy

Kachilu Inc. ("we," "us," or "our") positions proper management of information assets as one of our highest management priorities. To earn and maintain trust from customers and society, we establish the following Security Policy.

1. Establishment of a Management System

We establish an information security management system centered on our Representative Director and clarify authority and responsibilities for protecting and properly managing information assets. We also comply with laws, government guidelines, and other standards related to information security.

2. Scope of Application

This policy and related rules apply to all officers, employees (including full-time, contract, part-time, and temporary staff), and dispatched workers.

3. Implementation of Security Control Measures

To prevent unauthorized access, loss, destruction, falsification, and leakage of information assets, we implement the following measures.

  • Technical measures: SSL/TLS encryption for all communications, blocking unauthorized access via firewalls, introduction of WAF (Web Application Firewall), and regular vulnerability assessments.
  • Physical measures: Entry/exit management for offices, anti-theft measures for devices, and locked management of confidential documents.
  • Human measures: Regular security training for all employees and execution of confidentiality pledges.
  • Organizational measures: Minimization of access privileges (need-to-know principle), continuous monitoring of operation logs, and regular audits.

4. Management of Outsourcing Partners

When we outsource part of our operations, we conduct strict security screening of the contractor and confirm that a security level equal to or higher than ours is maintained, then execute confidentiality agreements.

5. Incident Response

If an information security incident occurs, we will promptly investigate the cause and take measures to prevent further damage, report to relevant organizations, and formulate and implement recurrence prevention measures.

6. Continuous Improvement

We regularly review and continuously improve this policy and our information security management system in response to social changes and technological progress.