About Information Security and Protection of Personal Information
Information Security Policy
Version 2.3
Last revised 2022/2/1
EvangTech Co., Ltd.
EvangSol Co., Ltd.
President Toshiyuki Koyama
Our company operates a business that provides planning, design, development, maintenance and operation services related to information systems, as well as cloud services (SaaS for companies, etc.). Responsibility to stakeholders is especially essential.
general direction
The company takes appropriate measures to protect the information assets it owns from the perspective of confidentiality, integrity and availability. Also, since our business is an area of rapid technological innovation, we will take protective measures in line with the latest trends.
Compliance with laws and regulations
We manage the assets entrusted to us by our customers at our data centers in a safe physical and network manner, and at the same time, we are legally and contractually obligated to ensure information security regarding the services we provide.
Organizational Structure
We have established an information security management system, put in place an organizational structure for introduction and execution, audit and review, maintenance and improvement, so that we can systematically respond to risks arising from business operations to minimize the impact on customers and management losses.
Risk management
We have a systematic approach to assessing and managing risks. In addition, we will take systematic and human preventive measures to reduce the risks that may occur, and create a system to minimize the impact in the event of an accident.
ISMS certification
In order for our customers to use our services with peace of mind, we have introduced an information security management system (ISMS) and are actively working to improve the confidentiality, integrity, and availability of the information assets that we must protect in a well-balanced manner. As proof that the ISMS is being properly operated, we have received an ISMS conformity certification after being audited by a third-party organization.
Authentication overview
Certification standard: JIS Q 27001:2023 (ISO/IEC 27001:2022)
Certification number: MSA-IS-455
Registered organization name: EvangTech Co., Ltd.
Location: 4-15-11 Nihonbashi Honcho, Chuo-ku, Tokyo
Scope of certification: Planning, design, development, maintenance and operation related to information systems, and provision of cloud services (SaaS for companies, etc.)
Certification date: February 27, 2024
Expiration date: March 28, 2027
About personal information protection
We believe that protecting and properly handling personal information and specific personal information (hereinafter referred to as “personal information”) is the basis of our business activities and a social responsibility, and we will implement the following policy.
<Personal Information Protection Policy>
-
When acquiring personal information, we will clarify the purpose of acquisition to the customer and take measures to prevent the use and provision of personal information for purposes other than those intended.
-
We will take measures to prevent the leakage, loss or damage of personal information, and in the unlikely event that it occurs, we will promptly implement corrective measures.
-
We will comply with laws and regulations regarding the handling of personal information, national guidelines and other norms.
-
We will sincerely and promptly respond to complaints and consultations regarding personal information from customers.
-
We will continuously improve the system for managing personal information.