Uninote

Information Security Policy

Effective date: May 1, 2026

Our company recognizes that properly implementing information security and working to protect information assets is an essential requirement for operating a business that enjoys the trust of society, and also a significant social responsibility. We are deeply aware that the meeting recordings, transcription data, AI summary data, and similar information handled by Uninote Meeting are critical information assets of our customers, and we will strive to protect them appropriately. In light of the importance of information security, we have established this Information Security Policy and will establish, implement, maintain, and continuously improve an Information Security Management System to put it into concrete practice.

In accordance with this Policy and our Information Security Management System, we will carry out the following.

(1) Information Security Objectives

We will establish information security objectives consistent with this Policy, taking into account applicable information security requirements and the results of risk assessment and risk treatment. We will communicate these objectives to all employees and review them as needed in response to changes in our environment, and periodically even in the absence of such changes.

(2) Handling of Information Assets

  • Access rights will be granted only to those who need them for their work.
  • Management will be performed in accordance with legal and regulatory requirements, contractual requirements, and the provisions of our Information Security Management System.
  • Information assets will be appropriately classified and managed according to their importance from the perspectives of value, confidentiality, integrity, and availability. In particular, for meeting recordings, transcriptions, AI analysis data, and similar information collected and processed by Uninote Meeting, we apply strict access controls and technical protection measures such as encryption.
  • We continuously monitor information assets to verify that they are managed appropriately.

(3) Risk Assessment

  • We conduct risk assessments, implement appropriate risk treatment for information assets we judge most important given the characteristics of our business, and introduce control measures.
  • We analyze the causes of information-security-related incidents and take measures to prevent recurrence.

(4) Business Continuity Management

We will minimize business interruptions caused by disasters or failures and ensure the service continuity of Uninote Meeting. We maintain redundant configurations on our cloud infrastructure (AWS) to ensure data availability.

(5) Education

We provide information security education and training to all employees.

(6) Compliance with Rules and Procedures

We comply with the rules and procedures of our Information Security Management System.

(7) Compliance with Legal, Regulatory, and Contractual Requirements

We comply with legal, regulatory, and contractual requirements related to information security.

(8) Continuous Improvement

We are committed to the continuous improvement of our Information Security Management System.

Widsley Inc., Representative Director, Hirotaka Takahashi