Samty Asset Management Co.,Ltd. (the “Company”) hereby stipulates the following matters to ensure the secure management of information handled by the Company.

Measures to Ensure the Secure Management of Information

1. The Company will take necessary measures, including preventing information leakage, loss, damage, and theft, to ensure the secure management of information.

Compliance with Laws and Regulations and This Policy

2. The Company and all officers and employees (including dispatched and temporary workers) will comply with laws and regulations related to information security as well as this policy.

Chief Information Security Officer

3. The General Manager of Business Management Department will be appointed the Chief Information Security Officer who is responsible for the roles listed in the items below.

• Oversight of information security managers
• Reporting of information security incidents to the Board of Directors
• Directing response in the event of material incidents

Appointment of Information Security Managers

4. The Company will appoint an Information Security Manager in each division/department, grasp information assets within the Company, and provide instruction on the secure management of information.

Monitoring

5. The Company will conduct regular monitoring of the status of information asset management within the Company and continually review the information management system.

Education and Training

6. The Company will continually conduct education and training related to information security for its officers, employees and related persons toward the appropriate management of information assets.

Supervision of Entrusted Persons

7. With regard to the business operator(s) it entrusts, the Company will adequately examine their eligibility as entrusted person(s) to which it provides information, require them to maintain security levels that are at least equivalent to those implemented by the Company, and conduct continuous management and supervision of such person(s).