Daily CSR
Daily CSR

Daily CSR
Daily news about corporate social responsibility, ethics and sustainability

GoDaddy 2022 Sustainability Report: Environmental, Social, and Governance (ESG) Strategies and Progress



06/16/2023


We prioritize the security and privacy of our customers' data, enabling entrepreneurs to pursue their online aspirations with confidence. Our unwavering commitment to data protection is reflected in our proactive measures to uphold privacy and security standards in the face of a complex cybersecurity landscape. Maintaining transparency and adapting to evolving regulations are core principles that guide our operations.
 
At GoDaddy, we adopt a comprehensive, risk-based approach that encompasses both user privacy and web security. This approach involves key stakeholders who fulfill vital roles:
 
The Audit and Finance Committee assumes primary oversight responsibilities for cybersecurity risks, as well as data privacy and security matters. Regular updates on these topics are provided to the Board of Directors by the Chief Information Security Officer, who collaborates closely with the committee.
 
The Chief Information Security Officer (CISO) oversees GoDaddy's Information Security organization, which is responsible for tasks such as security risk assessment, threat intelligence, incident response, and ensuring security measures across our products, enterprise, and customer operations. The CISO engages with the Audit and Finance Committee on a quarterly basis and provides annual updates to the entire Board. These updates encompass a review of cybersecurity programs, risk evaluation, priority setting, mitigation strategies, staffing, and resource allocation.
 
Our Data Protection Office, led by our Privacy Officer, manages GoDaddy's Global Privacy program. This program undergoes an independent assessment annually to maintain a high level of privacy focus. The Audit and Finance Committee reviews the Global Privacy program as part of our Enterprise Risk Management program, ensuring its effectiveness.
 
GoDaddy's Trust Center Site serves as a centralized hub, offering our customers easy access to data protection, security, and privacy resources. This platform empowers them to safeguard their information, as well as their customers' data, in a compliant and secure manner.
 

Ensuring Data Security
 
In the face of a growing and ever-changing cyberthreat landscape, we prioritize the security of data, striving to prevent breaches and mitigate threats. Our efforts span across various areas:
 
Proactive Monitoring: We maintain continuous vigilance by regularly scanning for vulnerabilities. To anticipate new and emerging cybersecurity attack vectors, we conduct industry research and monitor potential threats that may impact both GoDaddy and our customers.
 
Training and Internal Communications: We prioritize maintaining high standards by providing annual customer privacy and security training to all GoDaddy employees. Additionally, we keep our employees updated on the latest security and privacy initiatives through regular and timely alerts, as well as industry best practices.
 
Intentional Development: Collaboration within GoDaddy's information security organization ensures that security considerations are intentionally integrated into the development of new products and services.
 
Security Frameworks: By adhering to leading security frameworks such as the National Institute of Standards and Technology (NIST) cybersecurity framework, Payment Card Industry Data Security Standards (PCI DSS), WebTrust, International Organization for Standardization (ISO) 27001, and System and Organization Controls (SOC) 2, we align ourselves with best practices in the industry.
 

Prioritizing Data Privacy
 
Trust and integrity are foundational elements of our customer relationships. To uphold these values, we offer core privacy features to all our customers, and we never sell customer information to third parties.
 
Our Privacy Policy outlines our approach to safeguarding the personal data we collect, use, store, and share. We prioritize the privacy of our global customers and employees by applying a consistent approach to privacy and adhering to stringent privacy requirements, regardless of their geographic location. We remain committed to staying abreast of evolving international regulations.
 

Data Privacy Certification
 
In 2022, we renewed our annual independent TRUSTe LLC General Data Protection Regulation (GDPR) privacy program management validation for GoDaddy.
 
Privacy is an integral aspect of all our products and services. We embrace the Privacy by Design approach, ensuring that privacy principles are embedded during process design and throughout the entire engineering lifecycle. We continuously explore opportunities to enhance data protection and provide additional education to our employees.
 

Introduction to this Report
 
The GoDaddy 2022 Sustainability Report provides a comprehensive overview of our environmental, social, and governance (ESG) strategies, activities, progress, metrics, and performance for the fiscal year ending on December 31, 2022, unless stated otherwise. This report adheres to the Global Reporting Initiative (GRI) Standards and incorporates relevant metrics from the Sustainability Accounting Standards Board (SASB) Standards specifically for the Internet Media and Services sector.
 
We are dedicated to maintaining regular and transparent communication regarding our sustainability progress. As part of this commitment, we will continuously share updates through our website and consistently publish an annual Sustainability Report.
 
If you would like to know more click here.