Information Security Policy
1. Basic Policy
Recharge Power LLC (hereinafter "the Company") contributes to the construction of stable and sustainable energy infrastructure both domestically and internationally through the provision of battery storage systems, energy management systems, and renewable energy-related solutions.
As an energy-related company operating internationally, the Company regards information received from customers, business partners, employees, and other stakeholders — as well as the Company's own technical information, trade secrets, system configuration information, operational information, and product and service-related information — as important information assets in its business activities.
In order to appropriately protect these information assets from threats such as unauthorized access, leakage, falsification, loss, destruction, service interruption, and other risks, and to ensure the trust of customers and society both domestically and internationally, the Company establishes this Policy and builds an information security management framework.
All officers and employees of the Company shall comply with this Policy and work to maintain and continuously improve information security.
2. Scope of Application
This Policy applies to all information assets owned or managed by the Company.
Information assets subject to this Policy include electronic data, paper media, systems, networks, software, equipment, design information, operational information, know-how, customer information, business partner information, and other information related to business activities.
This Policy also applies to all persons who handle the Company's information assets, including officers, employees, contract workers, temporary staff, outsourcing contractors, overseas offices, affiliated companies, cooperative companies, and others.
3. Protection of Information Assets
To maintain the confidentiality, integrity, and availability of our information assets, we will take the following measures, in accordance with the standards required for international business operations.
(1) Ensuring confidentiality
To prevent unauthorized access, leakage, theft, and misuse of information assets, our company implements access control, authentication management, authorization management, encryption, protection of communication paths, and other necessary measures according to the importance of the information.
(2) Ensuring integrity
To prevent tampering, destruction, loss, or misuse of information assets and to maintain their accuracy and integrity, our company implements change management, backup, log management, recovery procedures, and other necessary measures.
(3) Ensuring Availability
To prevent and mitigate business or service interruptions caused by disasters, system failures, cyberattacks, supply chain issues, and other events, the Company implements backups, redundancy, incident response procedures, and other measures necessary for business continuity.
4. Compliance with International Laws, Standards, and Contractual Obligations
The Company complies with laws and regulations in each country and region related to information security, personal information protection regulations, guidelines established by government and administrative authorities, industry standards, social norms, and contractual security obligations with customers and business partners.
The Company also confirms the applicable security requirements for battery storage systems, energy management systems, network-connected devices, and other products and services it provides or is involved in operating, and takes appropriate action in line with international best practices.
5. Responsibilities and Education of Officers and Employees
All officers and employees of the Company shall comply with this Policy and related internal regulations, procedures, and rules, and shall handle information assets appropriately.
The Company shall regularly conduct education and awareness activities on information security for its officers and employees, with the aim of raising information security awareness and ensuring the acquisition of necessary knowledge.
The Company shall also, where necessary, clearly communicate information security requirements to overseas offices, affiliated companies, outsourcing contractors, cooperative companies, and other relevant parties, and shall implement management appropriate to the Company's business operations.
6. Supply Chain and Product Security
As a company involved in the provision of battery storage systems, energy management systems, and related equipment and software, the Company endeavors to ensure information security throughout the entire lifecycle of its products and services.
At each stage — including design, development, procurement, deployment, operation, maintenance, updates, and disposal — the Company considers supply chain risks and works in coordination with affiliated companies, development contractors, equipment manufacturers, maintenance providers, and other partners to implement appropriate security measures.
7. Continuous Improvement and Incident Response
The Company periodically reviews its information security measures and works toward continuous improvement in response to changes in threats, technological trends, laws and regulations, international standards, the social environment, and the business environment.
In the event that an information security incident or potential incident occurs, the Company will promptly assess the situation and take action to prevent the spread of damage, investigate the cause, report to relevant parties, restore operations, and implement measures to prevent recurrence.
Established: June 12, 2026
