Basic Policy on Protection of Personal Information

November 14, 2025

Nomura Micro Science Co., Ltd. (hereinafter referred to as “the Company”) strongly recognizes the importance of protecting customers' personal information, and in compliance with the “Act on the Protection of Personal Information” (Personal Information Protection Act) and related laws, regulations, and guidelines, the Company will properly manage and utilize personal information in accordance with the following Basic Policy on Protection of Personal Information, striving to ensure the trust of stakeholders.

1. 1. Purpose of Use of Personal Information
   The Company will use the personal information provided (referred to as “personal information” as defined in Article 2, Section 1 of the Personal Information Protection Act) for the following purposes.
   
   <Personal Information of Customers and Business Partners>
   1. ・To respond to inquiries from customers and business partners
   2. ・To send various materials requested or applied for by customers
   3. ・To provide information regarding the Company's services and support, as well as other related updates
   4. ・To fulfill and manage transactions related to the Company’s business activities
   <Personal Information of Shareholders>
   
   1. ・To exercise rights and fulfill obligations in accordance with the Companies Act
   2. ・To provide shareholders with information regarding the Company and its group’s business operations
   3. ・To implement various measures to facilitate a smooth relationship between shareholders and the Company
   4. ・To provide various conveniences from the Company in relation to the shareholder status
   5. ・To create data and perform statistical processing for the execution of the above-mentioned matters
   <Personal Information of Job Applicants>
   
   1. ・To provide information to job applicants (including those applying for work experience or internships) and to carry out tasks related to recruitment activities
   2. ・To manage recruitment activities
   <Personal Information of Executives, Employees, Employees' Families, and Former Employees>
   
   1. ・To fulfill the rights the Company holds over each employee, or to perform the obligations the Company owes to each employee, based on the employment contract, company policies, and other internal regulations, including the payment of compensation (wages, bonuses, allowances, etc.)
   2. ・To carry out procedures in accordance with various laws and regulations, such as tax withholding procedures and health management based on the Occupational Safety and Health Act
   3. ・To smoothly exercise the Company's authority over employees and fulfill the labor management obligations owed to each employee, such as through personnel data analysis and creation
2. 2. Provision of Personal Information to Third Parties
   The Company will not provide personal data to third parties, except in the following cases.
   
   
   1. ・If the individual’s consent is obtained
   2. ・If it is necessary to disclose or provide the information to contractors or other parties in order to achieve the purpose of use explicitly stated to the individual, within the required scope.
   3. ・If disclosure or provision is required by law
   4. ・If it is urgently necessary to protect a person’s life, body, or property, and obtaining the individual’s consent is difficult.
   5. ・If it is particularly necessary for the improvement of public health or the promotion of the sound development of children, and obtaining the individual’s consent is difficult.
   6. ・If it is necessary to cooperate with national agencies, local governments, or parties entrusted by them in the performance of duties prescribed by law and obtaining the individual’s consent could potentially hinder the execution of those duties.
   When disclosing or providing personal information to contractors, the Company will require the contractor to implement appropriate security measures for handling personal information and will conduct necessary and appropriate supervision to ensure compliance.
3. 3. Joint Use
   The Company may jointly use the personal data it holds with other companies within the Company group.
   
   
   1. (1) Items of Personal Data to be Jointly Used
      

      Name, contact information (company name, affiliation, address, phone number, fax number, email address, etc.), and other relevant details.

   
   
   2. (2) Scope of Joint Use
      

      Companies within the Nomura Micro Science Group

   
   
   3. (3) Purpose of Use
      

      For the fulfillment and management of transactions related to the Company’s business activities.

   
   
   4. (4) Person Responsible for Joint Use
      

      Nomura Micro Science Co., Ltd. (For the address and representative, please refer to the end of the page.)

4. 4. Safety Management Measures
   The Company will take the following measures to prevent the leakage, loss, or damage of personal data it holds, as well as to ensure the appropriate management of personal information.
   
   
   1. (Establishment of Basic Policy)
   2. ・To ensure the proper handling of personal information and to provide a contact point for inquiries and complaints, this basic policy has been established.
   3. (Development of Regulations for Handling Personal Data)
   4. ・At each stage of acquisition, use, storage, provision, deletion, and disposal, the Company has established “Personal Information Handling Regulations” that define the handling methods, responsible persons, and their duties.
   5. (Organizational Safety Management Measures)
   6. ・The Company has appointed a person responsible for handling personal data and clarified the scope of personal data handled by employees. Additionally, a reporting and communication system has been established to notify the person in charge of any violations or signs of violations of laws or the “Regulations on Handling Personal Information.”
   7. ・The Company regularly conducts self-assessments of the handling of personal data and carries out audits and other reviews by responsible managers.
   8. (Human Resources Safety Management Measures)
   9. ・The Company conducts regular training for employees on matters to be mindful of when handling personal data.
   10. ・The Company has established provisions regarding the confidentiality of personal data in its work regulations.
   11. (Physical Safety Management Measures)
   12. ・In areas where personal data is handled, the Company manages employee access and restricts the bringing in of devices, while implementing measures to prevent unauthorized individuals from viewing personal data.
   13. ・The Company takes measures to prevent theft or loss of equipment, electronic media, and documents that handle personal data. Additionally, when transporting such items, including within the workplace, measures are implemented to ensure that personal data is not easily identifiable.
   14. (Technical Safety Management Measures)
   15. ・The Company implements access control to limit the scope of personal information databases and restrict access to authorized personnel only.
   16. ・The Company has implemented systems to protect information systems that handle personal data from unauthorized external access or malicious software.
5. 5. Requests for Disclosure of Retained Personal Data
   The Company will respond without delay to requests for the disclosure of retained personal data, made by the individual or their authorized representative, following the prescribed procedures, except in the following cases. If the data is not disclosed, or if the retained personal data does not exist, the Company will inform the requester of this fact.
   
   
   1. ・If there is a risk of harm to the life, body, property, or other rights and interests of the individual or a third party.
   2. ・If there is a risk of significantly hindering the proper execution of the Company's operations.
   3. ・If disclosing the information would result in a violation of laws or regulations.
   Additionally, if the Company receives requests from the individual or their authorized representative, following the prescribed procedures, for the correction, addition, or deletion of retained personal data, or for the suspension of use, erasure, or cessation of third-party provision, the Company will investigate and respond in accordance with the law.
6. 6. Point of Contact for Inquiries and Complaint Handling
   
   1. For any inquiries or complaints regarding the Company's handling of personal information, please contact the following:
   2. Nomura Micro Science Co., Ltd.
   3. Human Resources Department, Personal Information Protection Consultation Desk
   4. TEL: 046 (228) 3235
   5. Reception Hours: Monday to Friday (excluding public holidays, year-end and New Year holidays, and company-designated holidays)
   6. 9:30 AM to 12:00 PM, 1:00 PM to 4:30 PM

   Makoto Uchida
   President and Chief Executive Officer
   Nomura Micro Science Co., Ltd.
   2-9-10 Okada, Atsugi-shi, Kanagawa