Based on the "Act on the Protection of Personal Information" (Act No. 57, promulgated May 30, 2003 , including any subsequent amendment), the Ordinance for Enforcement of the Act (Cabinet Order No. 507, promulgated 2003, including any subsequent amendment), and other relevant laws, regulations, practices, etc. (hereinafter collectively referred to as "laws, etc."), the Company has enacted the personal information protection policy described in the Declaration, complies with laws etc. when handling personal information, does not use personal information for any purpose other than the purposes described in Article 4, and properly handles complaints.

(1)When the Company acquires personal information for any purpose other than the purposes described in Article 4, the Company, in principle, shall notify the person in writing of the purpose of use.

(2)Notwithstanding the provision of the preceding paragraph, when acquiring the personal information of the person stated in a document, such as a contract when concluding a contract with the person, etc., the Company shall clarify to such person the purpose of use of the personal information. However, if there is an urgent need to protect the life, body, or property of any person, the purpose of use may not be specified.

(3)When the purpose of use is changed, the Company, in principle, shall notify the person or announce the changed purpose.

(1)Personal information shall not be obtained by deception or other improper methods, it will be obtained properly in accordance with laws etc. When obtaining personal information from a third party, the Company shall be careful not to infringe on the interests of the person unreasonably.

(2)The main methods used by the Company for obtaining personal information are as follows:

(1)Personal information shall be used appropriately in accordance with laws etc.

(2) The purposes for which the Company uses personal information are as below, and, in the case of any another purpose of use, the Company shall notify individuals separately. Personal information will not be used for any purpose other than the following intended purposes:

• (a) Use associated with execution of business related to our investment advisory business;
• (b) Use associated with execution of business related to business outsourcing to a third party;
• (c) Use associated with any due diligence process of an investment project;
• (d) Use associated with businesses ancillary to the preceding items; and
• (e) The Company’s corporate operations (finance / accounting, HR / general affairs, system management, legal affairs / compliance, auditing, etc.) and businesses ancillary there to.

(3) In principle, the Company does not provide personal information to any third party unless the consent of the person to whom the personal information pertains is obtained, the consent can be presumed, or the provision is permitted under laws etc. However, when entrusting the handling of personal information to the extent necessary to achieve the purpose of use, or in the case of a merger, etc., personal information may be provided without obtaining the consent of the person.

Notwithstanding the provisions of the preceding two Articles, sensitive information will not be obtained, used, or provided to any third party except as required by laws etc.

(1)Personal information and personal data will be managed appropriately in accordance with laws etc.

(2)Personal data will be kept accurate and up-to-date within the scope necessary to achieve the purpose of use, and, when it is no longer necessary to use such personal data, the Company shall endeavor to delete the personal data without delay.

(3) The Company shall take necessary and appropriate measures in accordance with laws etc. to prevent unauthorized leakage of personal information, prevention of leakage, loss, or damage of personal data, and take other necessary measures for safety management of personal information and personal data.

(4) When employees handle personal information or personal data, the Company shall supervise the employees as necessary and appropriate so that the personal information or personal data can be safely managed.

(5) When the management of personal data is outsourced to a third party, the outsourcee should be thoroughly examined when selecting the outsourcee so that the management of the personal data outsourced by the Company can be managed safely. After the outsourcing, the Company shall supervise the outsourcee as necessary and appropriate.

(1) Name of the business operator handling personal information
IA Partners Inc.

(2)Purpose of use of retained personal data
The purpose of use of retained personal data is the same as described in 4. (2) above.

(3)Procedures followed in order to meet requests for disclosure, etc.
The Company shall observe the following procedures with regard to retained personal data, as concerns (a) notification of the purpose of use; (b) disclosing; (c) correcting, adding, and deleting; (d) discontinuation of use, erasure, and discontinuation of provision to a third party (hereinafter, “disclosure, etc.”). In addition, in cases where it is not possible to respond to requests for disclosure, etc., due to stipulations of laws etc., cases where identity verification is not possible, or cases where the authorization of proxy cannot be confirmed at the time of a request by an agent, the request for disclosure, etc., may not be accepted.

• (a) Notification of purpose of use
• - Where to submit application
  The Company
• - Application method, required documents, etc.
  The applicant should contact the Company.
• - Fees
  Gratis
• - Response method, timing, etc.
  The applicant will be provided with a Notice of Purpose of Use Form prescribed by the Company.

• (b) Disclosure
• - Where to submit application
  The Company
• - Application method, required documents, etc.
  After completing the necessary items in the Retained Personal Data Disclosure Request Form prescribed by the Company, the applicant should submit such form to the Company, along with the documents indicated below, in order to confirm his or her identity.
• - Personal identification methods (including methods used for confirming a proxy's power of attorney)
  For personal identification, provide one of the following:
  (i) Seal registration certificate for the seal imprinted on the disclosure request form mentioned above (must be issued within the last six months);
  (ii) Public certificate issued or provided by a government body, containing the applicant's photograph, name, date of birth, and physical address (acceptable documents include, but are not limited to, a driver's license and passport; documents must be currently valid); or
  (iii) If neither (i) nor (ii) above are available, then it is acceptable to use a health insurance certificate, pension passbook, welfare booklet, etc., so long as such documents are currently valid.
  If the applicant requesting disclosure, etc., is the legal representative of a minor or an adult ward, or an agent to whom the request for disclosure, etc., has been delegated, the documents listed below must be presented (for both the individual and the agent) in addition to those mentioned above.
• If a person with parental rights:

  - One copy of the family register to confirm the party's parental rights (must have been issued or prepared within the last six months)

• If an adult ward:

  - One copy of the registration document certifying that the party has proxy authority (must have been issued or prepared within the last six months)

• If a delegated agent:

  - One copy of a power of attorney prescribed by the Company

  - One copy of the individual's seal registration certificate (must have been issued or prepared within the last six months)

  - Fees and payment methods
  ¥1,500 (excluding tax) for each disclosure request form mentioned above.

• This fee may be paid (1) in cash (including by registered mail) or (2) by bank transfer. Bank transfer should be made to the account designated by the Company.
• – Response method and period

  In principle, a response document will be posted to the address specified by the applicant within 10 business days of receiving the application.

• – Cases where disclosure is refused

  Disclosure may be refused for legal reasons in the cases listed below. In this event, the decision will be communicated along with an explanation of the basis or reason for the decision, which specifies the grounds for the judgment and the facts that form these grounds. The specified fees will be charged even in the event of a non-disclosure decision.

• – If a request for disclosure, etc., does not apply to retained personal data

• – If there is difficulty in identifying the retained personal data requested, or if it is deemed that searching would be unreasonably difficult

• – If disclosure would expose the applicant or a third party to the risk of physical harm or harm to their assets or other interests

• – If disclosure would expose the Company to the risk of significant damage to its proper conduct of business

• – In other cases that contravene other laws etc.

• (c) Corrections, Additions, and Deletions

  – Where to submit application
  The Company

• – Application method, required documents, etc.
  The applicant should apply to the Company. (After confirming the contents of the application, as necessary, the Company may ask the applicant to complete and submit the Retained Personal Data Correction etc., Request Form prescribed by the Company.)

• – Personal identification methods (including methods used for confirming a proxy's power of attorney)
  To be performed as under Disclosure (b)

• – Response method, timing, etc.
  In principle, a response will be provided within 10 business days of receiving the application, either verbally or in writing.

• – Cases where correction, addition, or deletion is refused
  Correction, addition, or deletion may be refused in the cases listed below. In the event of a decision against correction, addition, or deletion, this decision will be communicated along with an explanation of the basis or reason for the decision , which specifies the grounds for the judgment and the facts that form these grounds.
• – If the content of the request for correction, etc., is untrue or if its truth cannot be verified
• – If the content of the request for correction, etc., is information that the Company has evaluated or added
• – If the content of the request for correction, etc., is considered of little importance to achieving the purpose of use

• (d) Discontinuance of Use, Erasure, and Discontinuance of Provision to a Third Party
• – Where to submit application
  The Company
• – Application method, required documents, etc.
  The applicant should apply to the Company. (After confirming the contents of the application, as necessary, the Company may ask the applicant to complete and submit the Retained Personal Data Discontinuance of Use etc., Request Form prescribed by the Company.)
• – Personal identification methods (including methods used for confirming a proxy's power of attorney)
  To be performed as under Disclosure (b)
• – Response method, timing, etc.
  In principle, a response will be provided within 10 business days of receiving the application, either verbally or in writing.
• – Cases where discontinuance of use, erasure, or discontinuance of provision to a third party is refused
  Discontinuance of use, erasure, or discontinuance of provision to a third party may be refused in the cases listed below. In the event of a decision against discontinuance of use, erasure, or discontinuance of provision to a third party, this decision will be communicated along with an explanation of the basis or reason for the decision, which specifies the grounds for the judgment and the facts that form these grounds.

If the Company receives a consultation or complaint regarding the handling of personal information, the Company shall respond in good faith and handle it appropriately and promptly in accordance with laws etc.

For inquiries regarding our handling of personal information, please contact the Company (5F, Toranomon 40 MT Building 5-13-1 Toranomon, Minato-ku, Tokyo, Telephone: +81-3-6432-4710, Hours: Weekdays (except for national and year-end holidays) 9:00 am to 5:15 pm).

The Company continuously reviews and improves its efforts to protect personal information. If this Declaration is revised, it will be announced by promptly posting the revised Declaration at our head office and/or our Website. The revision shall take effect on the date of posting.