Overview

Ribbon maintains an active data protection program which continuously monitors compliance to applicable data protection laws and the evolving data protection landscape. Our program focuses on compliance with the EU General Data Protection Regulation (GDPR) through robust data protection policies and practices. We apply these policies and practices across the company, beyond the specific compliance needs in Europe, in order to create a common standard of privacy across the company.  This has a pull-through effect of supporting Ribbon’s compliance with applicable data protection laws around the globe – including compliance with evolving privacy regulation in the United States, India, Canada, Australia and elsewhere.

We pay particular attention to the processing of customer and employee data in order to maintain appropriate privacy practices and safeguards within the scope of Ribbon services.  This includes maintenance of an active vendor risk management program and designing Ribbon’s products and services with Privacy by Design (PbD) principles in mind.

Overall executive direction of our data protection program resides with Ribbon’s Chief Legal Officer who also serves as the Data Protection Officer (DPO) for certain Ribbon entities. Ribbon was not subject to sanctions by data protection enforcement agencies in 2024.

In 2024, we were active in advancing data protection measures in the following ways:

  • 90 data protection assessments executed
  • 135 customer data protection related engagements
  • 92 supplier data protection related engagements
  • 4101 data protection training units completed by Ribbon employees
  • Maintained self-certification to the EU/UK/Swiss-US Data Privacy Framework (DPF)

Data Protection Lifecycle

Ribbon’s data-protection cycle is supported by industry-leading privacy operations platforms and expert toolsets.

Associations and Certifications

Ribbon is a corporate member of the International Association of Privacy Professionals (IAPP), the largest and most comprehensive global information privacy community and resource. Ribbon counsel and personnel attached to the privacy program are trained in data protection matters including maintenance of certain IAPP privacy professional certifications.  Ribbon and several of its affiliated U.S. companies are self-certified under the EU/UK/Swiss-US Data Privacy Framework (DPF) program. For more insight regarding Ribbon’s approach to data protection and the personal data processed by Ribbon, please see our Privacy Policy.

Our Approach to Data Protection directly supports UN Sustainable Development Goal (SDG) 9 which calls to build resilient infrastructure, promote inclusive and sustainable industrialization and foster innovation. 

Disclosure

The Ribbon Privacy Policy provides public transparency regarding Ribbon’s processing of personal data.  In addition, we report transparently to our stakeholders regarding our data protection posture in our Sustainability Report, available on our website.