Our Priorities

Governance and Data
Responsibility

Our Governance & Data Responsibility Program ensures that we have robust policies and commitments in place across corporate governance, ESG oversight, ethics and transparency, human rights, responsible sourcing, health and safety, data privacy and security, and risk management.

Corporate Governance and Ethics

Serving the social impact community requires that we uphold the highest governance and ethical standards across our company. We demonstrate our ongoing commitment to operating our business with integrity through corporate governance guidelines, Board committee charters, codes of conduct for employees and partners, and a safe, efficient ethics complaint process.

How we’re doing:

  • In December 2023, the Board of Directors amended the tenure limits for its independent directors within our Corporate Governance Guidelines, which state that an independent director of the Company will not be nominated for election as a director if he or she has, or will have, served on the Board for 12 years or more as of the date scheduled for his or her next election
  • We require employees to comply with our Code of Business Conduct and Ethics; our CEO and other relevant executive leaders also adhere to our Code of Ethics for CEO and Senior Financial Officers
  • We expect those we do business with to act ethically and abide by our Code of Business Conduct and Ethics for Suppliers and Business Partners

 

Data Privacy and Security

Our customers’ trust is a top priority and is embedded in everything we do. We are committed to providing them with the confidence that their technology and data are secure, and we continue to make significant investments in our security program.

How we’re doing:

  • Operational security: We leverage the industry standard CIA Triad Model in conjunction with comprehensive industry control frameworks, compliance regulations, privacy requirements, and best practices, including: NIST CSF, PCI DSS, SOC 1, SOC 2, GDPR, and Cloud Security Alliance
  • Product security: Our development teams take part in regular training and use industry best practices and frameworks, such as OWASP, to build security into our solutions
  • Incident response: We monitor the threat landscape 24/7 in coordination with a third-party firm, routinely test our incident response capabilities and preparedness, and maintain proactive relationships with law enforcement
  • Ongoing landscape analysis: Our dedicated legal counsel continually evaluates upcoming and changing data privacy regulations and provides thought leadership for our customers on the operational impacts of these regulations and compliance requirements

 

Learn more about our robust cybersecurity and data privacy practices or to access our security assessments and audits.

Learn about our other ESG priorities