Basic Policy on Information Security

Our corporate group is aware that the proper protection of information assets held by the Group, including information entrusted to us by clients who use our services, from various information security-related threats is a vitally important responsibility. In accordance with this thinking, we hereby declare that we will proactively work to establish, operate, and maintain an information security management system by setting forth and implementing a basic policy on information security.

We shall comply with laws, regulations, and other norms and standards related to information security.
We shall take organizational, human, physical, and technical safety management measures through ISMS activities to work on and firmly put in place information security measures.
We shall continuously review and improve management systems related to information security in line with changes in social conditions and the environment.

May 28, 2021

Kotaro Sawada, Representative Director

ZOZO Inc.

September 15, 2023

As a member of the ZOZO Group, we follow the Basic Policy on Information Security to achieve the objectives of ISMS.

Takayasu Yamada, Executive Director & CEO

ZOZO NEW ZEALAND LIMITED

Achieving ISMS Certification

Based on the above basic information security policy, ZOZO Group has been audited by a third-party organization and has acquired ISO/IEC 27001:2022, an international standard for information security management systems (ISMS), and JIS Q 27001:2023, a Japanese domestic standard.

Certified Standards

ISO/IEC 27001:2022 / JIS Q 27001:2023

Registration No.

IS 749678

IS 749678 / ISO 27001

Scope of Registered Certification

Operations described below for web-based services for BtoB and BtoC

Planning, development and operation
Technological development, R&D

Expiration Date

July 14, 2027

Examination and Certification Institution

BSI Group Japan K.K.