XML 65 R31.htm IDEA: XBRL DOCUMENT v3.25.2
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Jun. 29, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
In the ordinary course of our business, we utilize technology systems to collect, use, store, and transmit information. The confidentiality, integrity, and availability of the information in our systems is important to our operations, business strategy, and maintaining the trust of our customers, employees and partners. As part of our enterprise risk management program, we have processes in place to identify, assess, and manage material risks associated with cybersecurity threats, as such term is defined in Item 106(a) of Regulation S-K.
Our cybersecurity team engages with applicable personnel across the enterprise and utilizes software tools to identify, categorize, and quantify material cybersecurity threat risks. The team meets regularly to consider new, known, and evolving risks and evaluate the measures in place to mitigate these risks.
Our strategy for managing cybersecurity risk is multifaceted and includes, without limitation: (i) robust security policies and procedures, designed in part to comply with the Payment Card Industry Data Security Standard (PCI-DSS), (ii) an incident response plan backed with industry-leading incident response support services, (iii) comprehensive system security vulnerability scanning, and oversight by a 24 hours a day, 7 days a week, 365 days a year Securities Operation Center; (iv) periodic cybersecurity awareness training and testing for employees and certain contractors; (v) risk management of our third-party suppliers, vendors, and other partners, which includes risk-based diligence and contractual provisions that generally allow for periodic auditing, and (vi) security assessments of any businesses that we acquire.
As part of our cybersecurity risk management program, we periodically engage third parties to evaluate and test our systems, run tabletop exercises to test our incident response processes, provide incident response support if needed, and certify our PCI-DSS compliance.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] As part of our enterprise risk management program, we have processes in place to identify, assess, and manage material risks associated with cybersecurity threats, as such term is defined in Item 106(a) of Regulation S-K.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
The Board of Directors of the Company (the “Board”), as a whole and through its committees, oversees the Company’s risk management process, including operational, financial, legal, strategic, marketing and brand reputation risks. The Technology and Cybersecurity Committee of the Board (the “Committee”) oversees risk management associated with the Company’s information technology use and protection, including data governance, privacy, compliance, and cybersecurity. The Committee comprises Board members with particular expertise in technology and management, equipping them to oversee cybersecurity risks effectively.
The Committee is responsible for the oversight of the Company’s policies and procedures intended to provide security, confidentiality, availability, and integrity of the Company’s information, including with respect to data privacy and the Company’s compliance with applicable data privacy and cybersecurity laws and regulations. The Committee also oversees the quality and effectiveness of the Company’s policies and procedures with respect to its information technology systems and provides oversight on the Company’s policies and procedures in maintaining preparedness for responding to any material incidents. The Committee also periodically coordinates with the Company’s Audit Committee, which reviews risks related to the Company’s information technology systems, including privacy, network security and data security.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Technology and Cybersecurity Committee of the Board (the “Committee”) oversees risk management associated with the Company’s information technology use and protection, including data governance, privacy, compliance, and cybersecurity.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] Our Senior Vice President, IT Operations, who reports to our Chief Executive Officer, meets regularly with the executive leadership team regarding topics related to technology operations, including cybersecurity, and also periodically updates the Board and the Committee regarding the Company’s cybersecurity and data privacy risk mitigation plans.
Cybersecurity Risk Role of Management [Text Block]
The Company’s program to identify, assess, and manage cybersecurity risks is currently led by our Senior Vice President, IT Operations, and leverages the expertise of our Chief Financial Officer and General Counsel. Our Senior Vice President, IT Operations holds a Bachelor of Business Administration in Business Computer Information Systems and has over 20 years of work experience, with more than 5 years in senior executive roles involving managing information systems, including implementing effective information and cybersecurity programs. Our Senior Vice President, IT Operations, who reports to our Chief Executive Officer, meets regularly with the executive leadership team regarding topics related to technology operations, including cybersecurity, and also periodically updates the Board and the Committee regarding the Company’s cybersecurity and data privacy risk mitigation plans.
With respect to the prevention, detection, mitigation, and remediation of cybersecurity incidents, our information security team, under the direction of our Senior Vice President, IT Operations, monitors our information systems, assesses the severity of any incidents it detects or that are otherwise reported, and follows escalation procedures embedded within our incident response plan to inform the Senior Vice President, IT Operations, other members of management, the Committee, and the Board, each as needed.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] The Company’s program to identify, assess, and manage cybersecurity risks is currently led by our Senior Vice President, IT Operations, and leverages the expertise of our Chief Financial Officer and General Counsel.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our Senior Vice President, IT Operations holds a Bachelor of Business Administration in Business Computer Information Systems and has over 20 years of work experience, with more than 5 years in senior executive roles involving managing information systems, including implementing effective information and cybersecurity programs.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Our Senior Vice President, IT Operations, who reports to our Chief Executive Officer, meets regularly with the executive leadership team regarding topics related to technology operations, including cybersecurity, and also periodically updates the Board and the Committee regarding the Company’s cybersecurity and data privacy risk mitigation plans.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true