As part of our jobs, many of us have access to personal data about our clients, colleagues, and other third-party relationships. In providing this information, individuals trust us to keep it safe from unauthorized use and disclosure. We have an obligation to maintain that trust. We follow the law and our policies to preserve privacy.
Be aware of the personal information you handle.
We use our clients’ personal information to help them choose the best services and to make informed decisions for their organizations. We use our colleagues’ personal information in ways that support their employment at FIS. And we use third parties’ personal information to facilitate our working relationship. In every case, for every individual, we honor, respect, and protect their personal data.
Personal data is any information that can directly or indirectly identify a person, including:
- - A phone number
- - An employee ID number
- - A bank account number
- - A credit card number
- - An email or IP address
Protect it the right way.
Personal data is confidential information, so treat it with the same high standard of care. Make sure you collect, access, use, share, store, retain, and delete personal data in accordance with all applicable data privacy laws, regulations, and FIS policies.
Identify and report privacy incidents.
Privacy incidents occur when personal data has been either:
- Used for an unauthorized purpose, or
- Accessed by an unauthorized person
They lead to accidental or unlawful destruction, loss, alteration, or disclosure of personal data.
Additional Resources Available:
Acceptable Use Policy
Data Protection Policy
Environmental, Social, and Governance (ESG) Policy
Information Classification Policy
Records Management Policy
Records Retention and Management Standard
Records Retention Schedule
Personal data is any information that can directly or indirectly identify a person, including:
- - A phone number
- - An employee ID number
- - A bank account number
- - A credit card number
- - An email or IP address
Our Core Values In Action
Q: I received an email that wasn’t meant for me. It includes a list of colleague names and salary information. I don’t want to get anyone in trouble, but I know this is personal data that was sent to the wrong person. What should I do?
A: Don’t read it or share it with anyone else. Let the sender know that the email was not sent to the intended recipient and delete the email. You should also immediately report it (and any actual or potential privacy incident you become aware of) to the Privacy Incident Response Team (PIRT). To do so, click the Quick Links tab on our home page, and then select “Report a Privacy Incident.” If you have any technical issues or any other privacy-related question, you may contact PIRT directly via email.