Compliance practices
double digit communications complies with united nations guiding principles on business
and human rights
Human Rights
Double Digit Communications is committed to respecting human rights in accordance with the United Nations Guiding Principles on Business and Human Rights (UNGPs). We recognize our responsibility to avoid infringing on the rights of others and to address any adverse human rights impacts with which we may be involved. Our commitment extends to our own operations, our employees, and our business relationships.
Due Diligence
In line with Pillar II of the UN Guiding Principles, Double Digit Communications conducts ongoing human rights due diligence to identify, prevent, mitigate, and account for how we address our potential and actual human rights impacts. This process includes assessing risks, integrating findings into internal procedures, tracking performance, and communicating our progress.
Supplier Code of Conduct
Supplier warrants that it respects internationally recognized human rights as set out in the International Bill of Human Rights and the ILO Declaration on Fundamental Principles and Rights at Work, consistent with the UN Guiding Principles on Business and Human Rights. Supplier shall ensure it is not complicit in human rights abuses and will implement due diligence processes to identify, address, and mitigate potential impacts in its own operations and supply chain.
Access to Remedy
Double Digit Communications is committed to providing for, or cooperating in, fair and effective remedy processes if we find that we have caused or contributed to adverse human rights impacts. We maintain accessible grievance mechanisms to receive and address concerns from stakeholders and workers
double digit complies with all relevant data privacy and security regulations
US Data Privacy and Security Laws
Double Digit Communications complies with all U.S. federal, state, and local laws and regulations applicable to the collection, use, storage, processing, transmission, disclosure, retention, and disposal of Personal Data and other data processed or handled in the course of our work, including as applicable: (a) U.S. state comprehensive privacy laws (including the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”), and similar state laws); (b) state data breach notification laws; (c) sector-specific privacy and security laws and regulations (including, as applicable, the Health Insurance Portability and Accountability Act and its implementing regulations (“HIPAA”), the Gramm-Leach-Bliley Act (“GLBA”), the Children’s Online Privacy Protection Act (“COPPA”), the Fair Credit Reporting Act (“FCRA”), and the Telephone Consumer Protection Act (“TCPA”)); and (d) U.S. sanctions or other restrictions applicable to the transfer of data or provision of services.
Double Digit Communications requires clients and partners to implement and maintain appropriate administrative, technical, and physical safeguards designed to: (i) protect the security, confidentiality, and integrity of such data; (ii) protect against anticipated threats or hazards to the security or integrity of such data; and (iii) prevent unauthorized access to, acquisition of, use of, or disclosure of such data.
If Double Digit Communications or a client becomes aware of any actual or reasonably suspected unauthorized access to or acquisition, disclosure, alteration, loss, or destruction of Personal Data processed under this Agreement (a “Security Incident”), that party will: (A) promptly notify the other party without undue delay and, in any event, within 48 hours of confirmation of the Security Incident; (B) provide timely information reasonably requested regarding the nature and scope of the Security Incident, the data affected, and remediation steps taken or planned; (C) take reasonable steps to contain, investigate, and remediate the Security Incident; and (D) cooperate in good faith with the other party regarding any legally required notices to individuals, regulators, or other third parties. Unless required by applicable law or regulator, a party will not issue any public statement regarding a Security Incident that identifies the other party without the other party’s prior written consent.
“Personal Data” is defined as: any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with an identified or identifiable individual, or that otherwise constitutes “personal information,” “personal data,” or similar term under applicable U.S. privacy or data protection laws.
modern slavery
US Data Privacy and Security Laws
Double Digit Communications represents and warrants that it (and its officers, directors, employees, agents, and, to the extent acting in connection with performance of this Agreement, its subcontractors and suppliers) will comply with all applicable laws prohibiting forced labor, human trafficking, slavery, servitude, and child labor, including the U.S. Trafficking Victims Protection Act of 2000 (as amended) and any other applicable federal, state, and local laws and regulations (collectively, “Modern Slavery Laws”).
Double Digit Communications represents and warrants that it does not knowingly use, and will not knowingly use, forced, bonded, prison, indentured, or involuntary labor, or engage in human trafficking, in connection with the performance of this Agreement.
Double Digit Communications requires that all clients maintain policies and procedures designed to support compliance with Modern Slavery Laws, including reasonable due diligence measures for its workforce and, where applicable, its subcontractors and suppliers engaged in performance under this Agreement.