PRIVACY POLICY. ＜Personal Information Protection Policy＞

[1] Basic Policy

1. 1.With regard to the protection of personal information, the Company complies with the "Act on the Protection of Personal Information" and other relevant laws and regulations. Moreover, we endeavor to appropriately collect, use, and handle personal information in accordance with the various guidelines stipulated by the Personal Information Protection Commission Japan, and with other practices concerning the handling of personal information generally accepted as fair and appropriate.
2. 2.The Company has established internal regulations concerning the handling of personal information, and thoroughly informs all of our employees, including officers and staff, of these. In addition, we serve as the responsible party for controlling those companies to which we entrust the handling of personal information, and require appropriate handling thereof.
3. 3.With regard to security controls for personal information, the Company designates a person responsible for control, establishes organizational frameworks for implementing security control measures, provides training for employees, controls areas where personal information is handled, and establishes security controls concerning information storage media and information systems used to control personal data.
4. 4.The Company receives questions and complaints from individuals identified using personal information (hereinafter, the "Person(s) Concerned"); requests for notification regarding the purpose of use of retained personal data; requests for disclosure, correction, addition, deletion, suspension of use, or erasure of retained personal data; and requests for disclosure of records of provision to third parties, or suspension of provision of retained personal data to third parties, through the designated contact point, and responds in good faith in accordance with laws and regulations.

[2] Purpose of Use, etc.

1. 1.The Company collects personal information necessary for the execution of our operations, and uses such for the following purposes. Except where permitted by laws and regulations, we do not use personal information for any purpose other than the following without the prior consent of the Person(s) Concerned. Details
   1. （1）Personal information of customers
      1. a.Providing information and services concerning the Company’s products and new products
      2. b.Shipping the Company’s gift products and responding to inquiries
      3. c.Sending out questionnaires and making analyses concerning the Company’s various operations
      4. d.Sending notifications regarding and managing campaigns, exhibitions, events, and other sales promotion activities for the Company’s products and new products
      5. e.Running open factory (factory tour) events organized by the Company
      6. f.Operating online stores and mail order sales, etc., for the Company’s products
      7. g.Responding to inquiries made to the Company’s Customer Service Department
      8. h.Responding to inquiries made to the Company’s Personal Information Contact Center
      9. i.Performing other duties closely associated with these operations
   1. （2）Personal information of job applicants
      1. a.Conducting recruitment activities to hire Company employees
      2. b.Performing other duties closely associated with these operations
   1. （3）Personal information of business partners
      1. a.Providing information and services concerning the Company’s products and new products
      2. b.Implementing and making contact regarding joint development of products and technologies
      3. c.Implementing and making contact regarding business negotiations
      4. d.Performing entrusted operations
      5. e.Providing producer history information for the purpose of breeding and fattening livestock
      6. f.Managing entry into and exit from the Company’s facilities
      7. g.Performing other duties closely associated with these operations
   1. （4）Personal information of shareholders and former shareholders
      1. a.Controlling information about shareholders based on laws and regulations
      2. b.Exercising rights or performing obligations by shareholders or the Company
      3. c.Providing services to shareholders and former shareholders
      4. d.Implementing various communications to shareholders
      5. e.Performing other duties closely associated with these operations
   1. （5）Personal information of former employees and retirees
      1. a.Performing personnel and labor services for retirees (including benefits), and making contact as necessary for social interactions, etc.
      2. b.Performing other duties closely associated with these operations
2. 2.The Company may share use of the personal data regarding the Person(s) Concerned with other Group companies. The purpose of use and items of personal data for shared use, the scope of shared users, and the names, addresses, and representatives of the persons responsible for controlling personal data to be shared are as follows.
   1. （1）Purpose of use and items of personal data to be shared:
      1. a.The purposes of use are the same as those described in Paragraph 1 above
      2. b.Items, names, addresses, telephone numbers, fax numbers, email addresses, affiliation information (company name, department name, job title, etc.), inquiry items, requested items, items concerning product purchases, and items concerning contracts
   1. （2）Scope of shared users:
      1. Group companies
   1. （3）Name, address, and representative of the persons responsible for controlling personal data to be shared:

      1. NH Foods Ltd.

         BREEZE TOWER, 2-4-9, Umeda, Kita-ku, Osaka, Japan

         Nobuhisa Ikawa, President and Representative Director

[3] Provision to Third Parties, etc.

1. 1.The Company may provide personal data to an entity to which it has entrusted all or part of the handling of personal data within the scope necessary for achieving the purposes of use specified in Paragraph [2]-1. In this case, we request the entrusted entity to handle personal data appropriately. In addition, after the entrusted entity has been selected and handling has been outsourced, we continue to verify whether the entrusted entity properly implements security controls concerning personal data.
2. 2.The Company does not disclose or provide personal data for the Person(s) Concerned to third parties, except where any of the following applies. Details
   1. 1. a.Cases where the Person(s) Concerned have given their consent to disclose or provide their personal information to a third party
      2. b.Cases based on laws and regulations
      3. c.Cases where it is necessary for the protection of human life, physical well being, or property, and where it is difficult to obtain the consent of the Person(s) Concerned
      4. d.Cases where it is particularly necessary for the improvement of public health or the promotion of the sound development of children, and where it is difficult to obtain the consent of the Person(s) Concerned
      5. e.Cases where it is necessary to cooperate with national-level organizations or local governments, or entities entrusted by such, to execute duties prescribed by laws and regulations, and where obtaining the consent of the Person(s) Concerned may hinder the execution of said duties
      6. f.Cases where the third party is an academic research institution, etc., and where it is necessary for said third party to handle the personal data for academic research purposes (including cases where the purpose of handling the personal data is partly for academic research purposes, and excluding cases where there is a risk of unreasonable infringement upon an individual’s rights and interests)

[4] Management of pseudonyum processing information, etc.

1. 1Our company uses pseudonyum processing information (information about individuals obtained by processing personal information so that a specific individual cannot be identified unless it is compared with other information in accordance with the provisions of laws and regulations. The same applies hereinafter), perform appropriate processing.
2. 2When our company creates pseudonyum processing information or obtains pseudonyum processing information* and deletion information related to thepseudonyum processing information, we will take measures to safely manage the deletion information, etc. , and handle it appropriately. *(This refers to the descriptions, etc. and personal identification codes that have been deleted from personal information used to create pseudonyum processing information, as well as information regarding the processing method carried out pursuant to the provisions of the preceding paragraph. The same applies hereinafter)
3. 3Our company handles pseudonyum processing information within the scope of the specified purpose of use, except when required by law.
   In addition, if our company acquires pseudonyum processing information that is personal information or changes its purpose of use, we will publicly announce the purpose of use of that pseudonyum processing information.
4. 4When our company uses pseudonyum processing information ourselves, we do not compare it with other information for the purpose of identifying the person related to the original personal information.
5. 5When handling pseudonyum processing information, the Company may make a telephone call, send by correspondence, deliver a telegram, send using a facsimile device or electromagnetic method, or visit the residence. We will not use contact information or other information contained in the pseudonyum processing information.
6. 6Our company may share personal data, which is pseudonyum processing information, with our group companies. The purpose and items of use of the personal data, which is pseudonyum processing information to be jointly used, the scope of joint users, the name and address of the person responsible for the management of the personal data to be jointly used, and the name of its representative are as follows. That's right.
7. 1. （1）Purpose and items of personal data as pseudonyum processing information to be jointly used
      1. ①Purpose of use The purpose stated in [2] 1 above and the purpose announced based on [4] 3
      2. ②Items Address, telephone number, fax number, email address, affiliation information (company name, department name, job title, etc.), inquiries, requests, product purchase matters, contract matters. (However, regarding the joint use of pseudonyum processing information, if a specific individual can be identified by the item itself or a combination of items to be jointly used, it will not be subject to joint use, and the specific individual will not be subject to joint use.) Only items that have been processed so that personal information cannot be identified may be shared.
   1. （2）Scope of joint users
      1. Our group companies
   1. （3）Name of the person responsible for managing personal data, which is pseudonyum processing information to be jointly used, and name of its representative.

      1. NH Foods Group

         NH Foods Ltd.

         President and Representative Director

         Nobuhisa Ikawa

[5] Management of anonymously processed information, etc.

1. 1When we create anonymously processed information*, we will process it appropriately. *(Information about an individual that is obtained by processing personal information so that a specific individual cannot be identified in accordance with the provisions of laws and regulations, and that personal information cannot be recovered. Same below)
   In addition, when we create anonymously processed information, we will publicize the items of information contained in the information, and will take measures such as safety management measures and complaint handling, and will publicize the contents.
2. 2When our company creates anonymously processed information, we will take measures to safely manage the information, such as processing methods, and handle it appropriately.
3. 3When our company provides anonymously processed information to a third party, we will publicly announce the items of information to be provided and the method of provision.
4. 4When our company uses anonymously processed information ourselves, we do not compare it with other information for the purpose of identifying the person related to the original personal information.

[6] Measures Taken for Security Controls for Retained Personal Data

1. The Company appropriately implements the following measures in order to securely control retained personal data.
   1. （1）Formulation of a basic policy
      1. In order to ensure that personal data is handled appropriately, the Company has prepared this policy as a basic policy.
   1. （2）Improvement of discipline
      1. In order to prevent personal data leaks, etc., and to implement other security controls concerning personal data, the Company has established regulations for controlling personal information, which stipulate the handling methods, responsible persons and persons in charge, and their duties, etc., in relation to the collection, use, storage, provision, deletion, and disposal, etc., of personal information.
   1. （3）Organizational security control measures
      1. For each appropriate organizational unit, the Company establishes a person responsible for and a person in charge of handling personal information, and clarifies the responsibilities and authorities of each.
         We have established a system to report any facts discovered as having violated laws, or that are likely to do so, to the relevant departments.
         We conduct periodic self-inspections and audits regarding the handling of personal data.
   1. （4）Human security control measures
      1. Regulations concerning the control of personal information stipulate that employees must not leak, destroy, or damage personal information. The Company therefore provides education and training regarding these regulations to employees as appropriate.
   1. （5）Physical and technical security control measures
      1. In order to prevent leaks and unauthorized use of personal data, as well as access to personal data by unauthorized persons, the Company takes appropriate control measures, and specifies the storage locations for recording media.
         We have introduced security software and other mechanisms to protect against unauthorized access from outside sources and use of unauthorized software.
   1. （6）Understanding the external environment
      1. When personal data are stored in a foreign country, the Company endeavors to implement security control measures based on an understanding of systems for protecting personal information in the relevant foreign country.

[7] Contact Point for Handling Requests from the Person(s) Concerned

1. 1.The following Personal Information Contact Center accepts inquiries from the Person(s) Concerned regarding the handling of personal information by the Company; requests for notification regarding the purpose of use of retained personal data; requests for disclosure, correction, addition, deletion, suspension of use, or erasure of retained personal data; requests for disclosure of records of provision to third parties, or suspension of provision of retained personal data to third parties; and other requests.
2. 2.When the Company receives a request to provide notification concerning the purpose of use of retained personal data, we will respond within a reasonable period and scope in accordance with the prescribed procedures. However, please note that due to laws and regulations, we may not be able to respond to requests for notification.
3. 3.When the Company receives a request to disclose retained personal data or records of provision to third parties, we will respond within a reasonable period and scope in accordance with the prescribed procedures. However, please note that due to laws and regulations, we may not be able to respond to requests for disclosure.
4. 4.When the Company receives a request for correction, addition, or deletion to retained personal data, we will conduct an investigation and confirmation in accordance with the prescribed procedures. If the details of the retained personal data differ from the facts, we will correct, add, or delete the retained personal data within a reasonable period and scope.
5. 5.When the Company receives a request to suspend use of or delete retained personal data, we will conduct an investigation and confirmation in accordance with the prescribed procedures. If the results meet the requirements prescribed by law, we will suspend use of or delete the retained personal data within a reasonable period and scope.
   Please note that due to suspension of use or deletion of personal information, we may no longer be able to provide services in accordance with your requests.
6. 6.When the Company receives a request to suspend provision of retained personal data to third parties, we will conduct an investigation and confirmation in accordance with the prescribed procedures. If the results meet the requirements prescribed by law, we will suspend provision of retained personal data to third parties within a reasonable period and scope.
7. 7.Reception method, etc.
   The Company accepts requests under Items 2 through 6 through the following procedure. Please note that we may not be able to respond to requests that are not submitted through this procedure.
8. [Reception procedure]
   1. Please submit your request in writing to the Personal Information Contact Center using the following request procedure.
      Please note that we may ask for your personal information to the extent necessary to search for your personal information at the time of reception. Moreover, please note that we will not return any documents or personal identification documents, etc., submitted at the time of your request.
      After an internal investigation requiring a certain amount of time, we will respond by the method you have requested, either by providing electronic records or by delivering written documents. Please note that if it is difficult to disclose the information using your requested method, we will contact you before responding in writing.
9. [Request procedure]
   1. Documents, etc., to be submitted at the time of any request set forth in Items 2 through 6
      1. (i)Request form for disclosure, correction, or suspension of use, etc., of retained personal data, etc.
      2. (ii)Personal identification documents

      3. (In either case, please send a copy of the section with your name and address.)

      4. (A) One of the following IDs with a photo
         1) Driver's License 2) Passport 3) Basic Resident Registration Card with Photo
         4) Physical Disability Booklet 5) Residence Card 6) Special Permanent Resident Certificate

      5. (B) Two of the following IDs without a photo
         1) Health Insurance Card 2) Pension Booklet
         3) Abridged Family Register or Copy of Family Register

      6. (iii)If an agent is making the request in place of the Person(s) Concerned, the agent must submit the following documents in addition to (A) or (B) in (ii) above.

      7. (C) Personal identification for the agent ((A) or (B) in (ii) above)

      8. [In the case of delegation]

      9. (D) A power of attorney designated by the Company bearing the registered seal of the person subject to disclosure (the Person(s) concerned)

      10. (E) Certificate of seal registration for the person subject to disclosure (the Person(s) Concerned)

      11. [If the person is a minor or a ward]

      12. (F) A document certifying that the agent is the legal representative of the Person(s) Concerned (Abridged Family Register or Copy of Family Register for the Person(s) Concerned, judgement document regarding commencement of guardianship, etc.)

[8] Other