Data Security and Privacy

Data security and privacy is a growing risk to businesses and society in general. It is imperative for companies to responsibly manage personal data, such as personally identifiable information, payment information, device information and browsing history while accessing websites.

Mohawk uses the information we collect for business purposes, including authenticating a customer’s identity, delivering promotional material and improving our websites and products.

Data Security Governance

Mohawk’s comprehensive Privacy Policy explains the privacy and security practices required for any website, application, mobile browser, social media account or service that we operate. The policy applies to our corporate operations and businesses headquartered in the U.S., while our global businesses have policies aligned with local regulations.

We have a team, led by our chief information officer, that is responsible for implementing information security controls appropriate for the nature of the data involved. We prioritize the protection of personally identifiable information on Mohawk websites by adhering to applicable laws and employing organizational, technical, administrative and physical security measures. A dedicated team, led by our chief information officer, implements information security controls based on the nature of the data involved. We perform regular reviews and updates to our information security procedures to maintain their effectiveness.

Data Security Training

New employees undergo mandatory online cybersecurity training upon joining the Company, and we provide annual training to all employees, covering various topics such as avoiding malicious attachments and links, phishing prevention, email security, ransomware protection, URL awareness and defense against social engineering tactics. While we strive to minimize the likelihood of security issues based on the sensitivity of the data, we cannot guarantee the absolute security of personal information. We respect users’ rights under applicable data protection laws in each country.