Voyage Health, LLC(hereinafter referred to as "VoyageAI") recognizes that it is extremely important to protect the information assets held by “VoyageAI" from risks such as leakage and destruction for business continuity.

1. Scope of Application

   This Information Security Policy shall apply to all information assets owned by the Company (referring to the information handled by the Company in providing services to users and the equipment necessary to handle such information).

2. Applicable Parties

   This Information Security Policy applies to the Company's directors, employees (regular employees, contract employees, etc.), temporary employees, subcontractors, part-time employees, and interns (hereinafter collectively referred to as "employees").

3. Establishment of Information Security Management System

   The Company shall establish an information security management system capable of complying with laws and regulations concerning information security and responding to various risks to information assets, and shall promptly implement measures necessary to monitor the status of information security and to maintain and improve the information security management system.

4. Maintenance of Internal Rules

   The Company shall establish internal rules based on this Information Security Policy and ensure that all employees are familiar with clear rules for the proper management and operation of information assets.

5. Education and Training on Information Security

   The Company shall provide its employees with education and training on information security in order to properly manage and operate the information assets held by the Company.

6. Response to Information Security Incidents

   In the event of an information security-related incident at the Company, the employee who discovers the incident shall immediately report the incident to the Information Security Manager, who shall immediately report it to the relevant parties and take emergency measures as necessary. The Company shall analyze the causes of such information security incidents and take appropriate measures to prevent a recurrence.

7. Obligations of Employees and Measures against Violations

   Employees shall understand the purpose and content of this Information Security Policy, laws and regulations related to information security, and internal rules, and shall comply with them. Employees who violate these policies shall be subject to disciplinary action in accordance with the employment regulations.

   We will strive to maintain and improve information security by periodically evaluating and reviewing this Information Security Policy and its implementation status of information security.