Protecting the right to data privacy is fundamental to maintaining the trust of Ziff Davis’ customers, readers, subscribers, suppliers and employees. Ziff Davis is committed to implementing leading data protection standards, and we have adopted significant governance measures, corporate policies and operating procedures to do so. We abide by “privacy by default” and “privacy by design,” and we conduct privacy impact assessments for major new products, services and other offerings prior to their public launch. Ziff Davis leverages organization-wide tools to document our data flows, manage data subject access rights and assess data processing activities. We regularly review our data collection and processing activities across Ziff Davis and its businesses to ensure data is collected lawfully and transparently.
Ziff Davis is committed to governance practices that maintain the highest ethical standards and make clear the fair and equitable business practices upheld across the company. We are committed to complying with all applicable wage, labor, and employment laws and regulations. Our governance policies and board committee charters detail Ziff Davis' adherence to practices that serve shareholders’ best interests and meet the requirements of all relevant laws. These include a clear code of business conduct and ethics, charters that clearly define board committees’ respective roles and responsibilities — including board-level responsibility for board diversity and ESG oversight — and a whistleblower program which includes a 24/7 confidential hotline available to all employees through which they can anonymously report concerns. Ziff Davis is involved with trade groups, such as i2 Coalition, that discuss and advocate for issues relevant to the company. The amounts spent on such groups are not material.
Ziff Davis maintains risk management programs consistent with the highest principles of ethics and integrity, to ensure compliance with applicable laws and regulations and to meet our commitments to the highest standards of data privacy and security. Our Corporate Audit Services (CAS) enhances and protects our organizational value by providing risk-based and objective assurance, advice and insight. CAS is staffed by a team of auditors from across the organization with deep experience in information technology, data privacy, finance and operations.
Ziff Davis’ Code of Conduct contains general guidelines for conducting business with the highest standards of ethics and our Whistleblower Policy sets forth how we receive and respond to reports of potential violations. Ziff Davis is committed to fostering business environments in which open, honest communications are the expectation, not the exception. In situations in which employees, vendors, or other partners wish to place an anonymous report in confidence, we encourage them to utilize our anonymous, independent hotlines hosted by our third-party provider, EthicsPoint. To anonymously submit a report online or via phone, click here.
Ziff Davis seeks to work with partners, vendors and suppliers whose values and practices are commensurate with our own, including our sustainability and human rights initiatives. We aim to engage minority-owned vendors and suppliers and to procure products and services from local companies in the communities where we operate. Our corporate policies detail the non-discrimination practices, health and safety standards and rights to collective bargaining and organization we expect from those with whom we do business.
Ziff Davis uses third party providers of educational material to maintain a regular calendar of mandatory employee training sessions for all employees, designed to educate them on sound Information Security and Data Protection practices. These trainings help alert our employees to the many warning signs of potentially malicious activity by bad actors intent on phishing, spear-phishing, deploying ransomware, etc. Employees are also educated on relevant security and privacy regulations, such as GDPR, CCPA, PCI, and HIPAA. Targeted training is given to certain departments or brands to fulfill any compliance obligations. Additionally, we randomly subject individual business units - and the company at large - to unannounced simulated phishing attacks, designed to test the ability of our workforce to use the training they've received to properly react to potential threats.
Our Workplace Safety Policy, encompassing all facilities and operations within Ziff Davis, solidifies our commitment to providing and maintaining a safe, professional work environment for all employees. Our Risk Management and Human Resources teams ensure we have the proper workplace policies in place to protect the occupational health and safety of our employees. All facilities and operations are expected to follow all local and federal guidelines to ensure the safety of Ziff Davis’ employees and customers is never put at risk. As a company, we follow all local and federal reporting and disclosure requirements.