Use Data and Technology Respectfully and Ethically
When our customers, associates, and business partners share data and information with us, we understand the importance of keeping it safe and using it—and technology—ethically in ways they expect. We will maintain and grow the trust people have in us by respectfully using technology, respecting individuals’ privacy, and protecting their data.
Integrity in Action
- Respect the trust that people and the business place in us. When dealing with technology and personal or business information, do so in a way that shows you understand and respect its importance to the person and our business.
- Be clear about what information is being collected and why. When we collect information from individuals, make it clear that information is being collected, and tell the person why you need it.
- Tell people how you are using technology and what you are going to do with the information you collect. Be honest, transparent, and up-front about how someone’s information will be used. Only use it in those ways, so we don’t surprise people with unexpected, unexplained, or unwanted uses.
- Be thoughtful about how much data you collect and how long you keep it. We collect information to improve our customer shopping experience and to support our business functions. We must store and protect everything we collect, so make sure you need it before you collect it. Follow your local Records Management Policy for retention and disposal of collected information.
- Protect the information. Safeguard personal and business information from unauthorized access or disclosure. Report any known or suspected unauthorized access or disclosure immediately through your local data incident reporting channel.
- Follow data protection and privacy laws and our policies. Know our data policies, procedures, and controls that apply to your role and follow them when handling data.
- Seek guidance. If you have questions about how to handle data or which laws and policies apply to your project, contact Digital Citizenship, Privacy, or Legal.
I accidentally sent an email containing customer information to the wrong person. What should I do?
Incidents where customer or personal information is sent to an unauthorized person must be immediately reported through your local data incident reporting channel.
I want to use external service providers to process personal information. What steps should I take?
Third parties must be assessed, and contracts must be in place. Follow all local procedures for contracts and due diligence reviews.
Related Policies
