Information Security Policy

Epsilon Medical Inc. (hereinafter, “the Company”) has established and will implement a basic security policy to ensure cybersecurity throughout the entire life cycle of its devices in order to “develop medical devices and build systems that will broadly contribute to medical care through the design and development of intravascular electrodes.”

1.Management Responsibility

Led by management, we strive to systematically and continuously improve and enhance information security, and are accountable to all stakeholders.

2.Establishment of internal structure

The Company will establish an organization to maintain and improve information security and will establish information security measures as official internal rules.

3.Employee Initiatives

We will educate all employees, and our employees will acquire the knowledge and skills required for information security to ensure their commitment to information security.

4.Compliance with legal and contractual requirements

We comply with laws, regulations, norms and contractual obligations related to information security and meet our customers’ expectations.

5.Response to violations and accidents

In the event of any violation of laws, contracts, or accidents related to information security, we will take appropriate action and strive to prevent recurrence.