Data Breach Policy | Contact Boxer About Data Breaches

About this Data Breach Policy
1. Boxer collects, holds, uses and discloses Personal Information. We recognise that this needs to be carefully protected and that any Data Breach or suspected breach needs to be taken seriously.
2. Boxer has implemented this Data Breach Policy to provide you with information about how we would respond to any incident where a Data Breach has occurred or is suspected. Boxer also has internal policies for staff which outline the procedures we would take if we become aware of, or suspect, a Data Breach. This Data Breach Policy and our procedures have been created to ensure that an effective and consistent approach is taken when dealing with a Data Breach, and to help protect your Personal Information.
3. Please consider this Data Breach Policy alongside our other policies, available in our Legal Library. This includes the Privacy Policy which provides information on how we collect, hold, use and disclose Personal Information and choices you have regarding our use of that Personal Information.
Scan the pointers below to quickly find what you need. To get the full information, be sure to read the whole Data Breach Policy.

What you’ll find in this section
How our Data Breach Policy works and what it aims to achieve. At Boxer, we take care to protect your personal information. Any kind of Data Breach will be responded to quickly and seriously.
Data Breach
1. A Data Breach occurs when there is an incident or breach of security that leads to unauthorised (whether intentional or accidental) destruction, loss, alteration, disclosure of, or access to, Personal Information, or Boxer’s inability to access Personal Information (whether temporarily or permanently).
2. Data Breaches vary significantly. Examples of a Data Breach include where:
  - a device containing customer information is lost or stolen;
  - a database containing Personal Information is hacked;
  - a database containing Personal Information is locked and cannot be accessed by the controller; or
  - a company mistakenly provides Personal Information to the wrong person.
What you’ll find in this section
We outline what a Data Breach is, how it might happen and some examples of what it could look like.
Our approach
1. This section sets out the principles that inform how we would respond to a Data Breach.
  - Prompt reporting and responding
2. It is important that Data Breaches are recognised and responded to quickly. We recognise that actions taken or not taken within the first 24 hours of a Data Breach are crucial. We have clear reporting requirements for staff who become aware of, or suspect, a Data Breach. This includes immediate reporting to the Chief Executive where possible, and clear alternatives in the event that the Chief Executive is unavailable. Clear and prompt reporting requirements help us to ensure that the relevant people know about Data Breaches promptly, and that our Data Breach response can happen quickly.
  - Treating Data Breaches seriously
3. We know that your Personal Information needs to be protected, and we treat all Data Breaches and suspected Data Breaches seriously. That’s why we require reporting directly to our Chief Executive. The Chief Executive then assembles a team to respond to the breach which includes all relevant staff, including legal, operational and tech teams.
  - Consistent approach
4. It is important that all Data Breaches are thoroughly and consistently responded to. While Data Breaches can vary significantly in severity and reach, it is important that we turn our minds to all the possible risks. Our Data Breach procedures for staff have been created to guide staff through all the necessary steps and considerations in the event of a breach.
  - Compliance and reporting to those affected
5. We work to ensure that we comply with the relevant data protection and Data Breach laws in the countries we operate in. We appreciate that you will want to know if your Personal Information is seriously affected by a Data Breach. Some Data Breaches need to be reported to the relevant privacy regulator and those who are affected by the Data Breach.
What you’ll find in this section
How we’ll respond to a Data Breach, including the steps we’ll take to act and report quickly, give consistent and serious attention to any kind of Data Breach, and comply with applicable laws.
When and how to contact us
1. Please contact the Privacy Officer by email at privacy@goboxer.com if you have a query or concern about this Data Breach Policy or a Data Breach.
What you’ll find in this section
How to contact us if you have a Data Breach question or concern.
Definitions
1. Unless the context requires otherwise in this Data Breach Policy, references to:
Boxer, we, us or ours means Boxer Worldwide Limited, its subsidiaries, and other related and associated companies and entities (related entities).

Data Breach has the meaning given to it in section 2.1

Personal Information means any information relating to an identified individual or an individual who is reasonably identifiable, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifier, and includes anything defined as personal information in any applicable privacy-related law.
What you’ll find in this section

A list of key terms and their definitions. You’ll see these terms capitalised throughout the policy.

Effective date: 1 February 2022

Data Breach
Policy

About this Data Breach Policy

Data Breach

Our approach

When and how to contact us

Definitions

The Boxer service

Resources

Help

Go Boxer

Thanks, that helps us look after you.

How would you like your cookies?