1 minute read
Data Privacy and Security
DATA PRIVACY AND SECURITY
Overview
Upholding a high level of data privacy and security is an important part of responsible value chain management. Our data privacy & security program incorporates firewalls, multi-layer authentication, continuous network monitoring, and strict password regulations to ensure the safety of our customer’s and employees’ personal information. Our organization maintains compliance with all applicable global regulatory requirements and utilizes internal employee training to help our team members better understand the roles they play in protecting sensitive data.
GOALS
• Update privacy policies in 2021 and distribute to all global employees in 2022 • Continue to provide our customers with clear information about our privacy practices
Upholding Data Privacy and Security
To assist our employees with operating in line with the IT objectives we set for our business, we appointed a Senior Vice President of Information Technology and provided them with the responsibility of spearheading the data privacy and security program. We then updated and distributed our Privacy Policy to our employees in late December 2020 to implement a procedural change to better secure and protect our information during the 2021 calendar year.
Our privacy policy outlines the different types of information we gather from consumers and employees and highlights the many ways this data can be used in our operations. Our processes aim to maintain compliance with applicable regulatory regimes such as the European Union General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Payment Card Industry Data Security Standard (PCI DSS).
Beginning in 2021, we increased the scope of our data security program by offering mandatory cybersecurity training sessions to 100% of our employees. Employees in these training sessions reviewed topics including data protection, privacy and security, and different types of targeted attacks such as phishing. We understand that the safety of our data depends on a knowledgeable employee base, and with global cybersecurity attacks becoming ever more frequent, we want to do everything we can to ensure our team members are educated on the risks they face while online. The impact of our 2021 efforts to improve our cybersecurity program resulted in 0 leaks, losses, or thefts of customer data.
