We handle sensitive and personal data, and many of our customers use our products to manage personal information. We have formal governance, training programs, policies and compliance assessments relating to privacy and information security.
Our policies, procedures and standards cover privacy and data protection, information security and acceptable use. Special policies apply to employees handling particularly sensitive data. Incident response procedures are in place for investigating and remediating any potential or actual departure from those policies.