XML 44 R22.htm IDEA: XBRL DOCUMENT v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
We have established procedures for evaluating, recognizing, and handling significant risks stemming from potential unauthorized events occurring on or through our electronic information systems, which could negatively impact the confidentiality, integrity, or accessibility of our information systems or the data stored within them. These procedures encompass a diverse range of mechanisms, controls, technologies, systems, and other processes aimed at preventing, detecting, or mitigating data breaches, theft, misuse, unauthorized access, or any other security incidents or vulnerabilities affecting digitally stored data. This data comprises confidential, business, and personal information that we gather, process, store, and transmit as part of our operations, including on behalf of third parties. Furthermore, we utilize systems and procedures intended to minimize the repercussions of a security incident involving a third-party vendor or customer. Additionally, we employ procedures to supervise and identify significant risks arising from cybersecurity threats linked to our utilization of third-party technology and systems, such as encryption and authentication systems, employee email services, back-office support systems, and other operational functions.
We adhere to a risk management framework based on applicable laws and regulations, incorporating industry standards and recognized practices to handle cybersecurity risks across our products, services, infrastructure and corporate assets. To evaluate and address cybersecurity threats, we analyze factors such as threat intelligence, first- and third-party vulnerabilities, changing regulatory requirements and observed incidents. We regularly conduct risk assessments to gauge the effectiveness and maturity of our systems, identifying areas for improvement. We also engage third-party security experts and consultants to assist with assessment and enhancement of our cybersecurity risk management processes, as well as benchmarking against industry practices. We also maintain a privacy risk management program to assess risks related to user data collection, with an independent third-party privacy assessor to ensure compliance. These processes enable us to make informed, risk-based decisions and prioritize cybersecurity measures and risk mitigation strategies. Our risk mitigation efforts encompass a range of technical and operational actions, alongside annual cybersecurity and privacy training for all staff members.
Our cybersecurity risks and associated mitigations are evaluated by our IT team, including our VP of Technology Operations and Information Security, as part of our enterprise risk assessments that are reviewed by our management team. Our VP of Technology Operations and Information Security serves as the Company’s designated Chief Information Security Officer and is responsible for developing and implementing the cybersecurity risk management program, including reporting on cybersecurity matters to the Board of Directors. The VP of Technology Operations and Information Security has more than 19 years of experience leading cybersecurity oversight.

Our management team supervises efforts to prevent, detect, mitigate and remediate cybersecurity risks and incidents, which include: internal briefings from relevant personnel; threat intelligence and other information obtained from governmental, public or private sources, including external cybersecurity consultants; and alerts and reports produced by security tools deployed in our IT environment. In addition, the Board of Directors oversees the Company’s cybersecurity risk exposures and the steps taken by management and the Chief Information Security Officer to monitor and mitigate cybersecurity risks. However, we cannot guarantee that our efforts will prevent any cybersecurity incident from occurring.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
We have established procedures for evaluating, recognizing, and handling significant risks stemming from potential unauthorized events occurring on or through our electronic information systems, which could negatively impact the confidentiality, integrity, or accessibility of our information systems or the data stored within them. These procedures encompass a diverse range of mechanisms, controls, technologies, systems, and other processes aimed at preventing, detecting, or mitigating data breaches, theft, misuse, unauthorized access, or any other security incidents or vulnerabilities affecting digitally stored data. This data comprises confidential, business, and personal information that we gather, process, store, and transmit as part of our operations, including on behalf of third parties. Furthermore, we utilize systems and procedures intended to minimize the repercussions of a security incident involving a third-party vendor or customer. Additionally, we employ procedures to supervise and identify significant risks arising from cybersecurity threats linked to our utilization of third-party technology and systems, such as encryption and authentication systems, employee email services, back-office support systems, and other operational functions.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block] In addition, the Board of Directors oversees the Company’s cybersecurity risk exposures and the steps taken by management and the Chief Information Security Officer to monitor and mitigate cybersecurity risks
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
Our cybersecurity risks and associated mitigations are evaluated by our IT team, including our VP of Technology Operations and Information Security, as part of our enterprise risk assessments that are reviewed by our management team. Our VP of Technology Operations and Information Security serves as the Company’s designated Chief Information Security Officer and is responsible for developing and implementing the cybersecurity risk management program, including reporting on cybersecurity matters to the Board of Directors. The VP of Technology Operations and Information Security has more than 19 years of experience leading cybersecurity oversight.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] Our management team supervises efforts to prevent, detect, mitigate and remediate cybersecurity risks and incidents, which include: internal briefings from relevant personnel; threat intelligence and other information obtained from governmental, public or private sources, including external cybersecurity consultants; and alerts and reports produced by security tools deployed in our IT environment. In addition, the Board of Directors oversees the Company’s cybersecurity risk exposures and the steps taken by management and the Chief Information Security Officer to monitor and mitigate cybersecurity risks.
Cybersecurity Risk Role of Management [Text Block]
Our cybersecurity risks and associated mitigations are evaluated by our IT team, including our VP of Technology Operations and Information Security, as part of our enterprise risk assessments that are reviewed by our management team. Our VP of Technology Operations and Information Security serves as the Company’s designated Chief Information Security Officer and is responsible for developing and implementing the cybersecurity risk management program, including reporting on cybersecurity matters to the Board of Directors. The VP of Technology Operations and Information Security has more than 19 years of experience leading cybersecurity oversight.

Our management team supervises efforts to prevent, detect, mitigate and remediate cybersecurity risks and incidents, which include: internal briefings from relevant personnel; threat intelligence and other information obtained from governmental, public or private sources, including external cybersecurity consultants; and alerts and reports produced by security tools deployed in our IT environment. In addition, the Board of Directors oversees the Company’s cybersecurity risk exposures and the steps taken by management and the Chief Information Security Officer to monitor and mitigate cybersecurity risks. However, we cannot guarantee that our efforts will prevent any cybersecurity incident from occurring.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
Our cybersecurity risks and associated mitigations are evaluated by our IT team, including our VP of Technology Operations and Information Security, as part of our enterprise risk assessments that are reviewed by our management team. Our VP of Technology Operations and Information Security serves as the Company’s designated Chief Information Security Officer and is responsible for developing and implementing the cybersecurity risk management program, including reporting on cybersecurity matters to the Board of Directors. The VP of Technology Operations and Information Security has more than 19 years of experience leading cybersecurity oversight.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] The VP of Technology Operations and Information Security has more than 19 years of experience leading cybersecurity oversight.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
Our cybersecurity risks and associated mitigations are evaluated by our IT team, including our VP of Technology Operations and Information Security, as part of our enterprise risk assessments that are reviewed by our management team. Our VP of Technology Operations and Information Security serves as the Company’s designated Chief Information Security Officer and is responsible for developing and implementing the cybersecurity risk management program, including reporting on cybersecurity matters to the Board of Directors. The VP of Technology Operations and Information Security has more than 19 years of experience leading cybersecurity oversight.

Our management team supervises efforts to prevent, detect, mitigate and remediate cybersecurity risks and incidents, which include: internal briefings from relevant personnel; threat intelligence and other information obtained from governmental, public or private sources, including external cybersecurity consultants; and alerts and reports produced by security tools deployed in our IT environment. In addition, the Board of Directors oversees the Company’s cybersecurity risk exposures and the steps taken by management and the Chief Information Security Officer to monitor and mitigate cybersecurity risks. However, we cannot guarantee that our efforts will prevent any cybersecurity incident from occurring.