At Mercari Group (Mercari, Inc. and Merpay, Inc.), we recognize that appropriate information management is a crucial part of running our services, and we must not betray the trust that our users, business partners, and society as a whole place in us. As part of our security initiatives, we are committed to following this Information Security Policy to ensure that users can feel at ease using our services.
Information security management organization chart
Building an Information Security Management Organization
In order to drive information security measures encompassing the entire company, Mercari Group has established an Information Security/System Risk Committee with the CEO as the person ultimately responsible for information security. We also assign a person responsible for information management in each company to ensure appropriate decision-making regarding relevant policies. Through this, we have built an organization that can carry out information security measures swiftly.
Assigning a Person Responsible for Information Security Management
Mercari Group assigns a person responsible for information security management to promote security measures and protect and appropriately manage information assets.
Managing Information Assets Appropriately
Mercari Group manages information assets handled by Mercari Group appropriately based on the confidentiality, integrity, and availability of the assets.
Carrying Out Cybersecurity Measures
Mercari Group has established a cybersecurity organization, measures to prevent attacks, and preparations to handle attacks if they do occur. We strive to ensure and enhance security to protect information assets from cyberattacks and any other information security threats.
Improving Information Security Literacy
Mercari Group continuously works to educate all Mercari Group employees about information security.
In the event that Mercari Group outsources work to a contractor, we strive to ensure that the contractor has a level of information security equal to or above that of Mercari Group.
Abiding by Laws and Ordinances
Mercari Group strictly adheres to all laws and regulations, as well as contracts with users, business partners, employees, etc., and handles information assets in a suitable manner.
Mercari Group strives to continuously improve information security by periodically evaluating and reviewing the above initiatives.