Guidelines for People Dept.

The purpose of People Dept. is as simple as its name: we're all about our people. We want to ensure that an employee's journey with Mozilla is as seamless, unique, and fulfilling as possible. In order for this to happen we must gain the trust of our employees and one way of doing this is by assuring them that we are doing everything we can to keep their information secure. We commit to following principals to establish a secure foundation for all information.

Mozilla Privacy Principles

No Surprises

Always keep in mind that our main purpose for collecting any employee data is solely for the employee’s benefit. If it doesn’t benefit the employee in some capacity, then data should not be collected. Employees should also be informed that data will be collected at certain points of their onboarding process and throughout their career with Mozilla.

Real Choices

Whenever data is collected, communication should go out prior explaining what we need to collect, why we are collecting it, and assurance that they’re information will be protected. Employees should also be given the option of opting out or providing alternate information when applicable.

Sensible Settings

In our department we use systems to be more efficient with our workflow. We want to ensure that we set-up default security settings on all devices and all systems we use. This includes things, such as:

• Password protecting all cell phones that receive company emails
• Ensuring strong password strength on all accounts and programs that store employee data
• Setting up password protected lock-outs on computers and employee stored programs when idle for a reasonable amount of time
• Checking security permissions for accounts of employee stored programs

Limited Data

Only collect necessary data to input into our HR systems; remember sometimes less is more! Be cautious when supplying employee data and limit the amount you’re supplying when possible.

User Control

Advocate for solutions that will allow employees to have control over their information. One way this will be done in the future is by allowing employee self service within the Workday HRIS.

Trusted Third Parties

Understand that when selecting and interacting with partners and vendors, it is our responsibility to ensure the following:

• Employee data is only collected when necessary
• Employee data is in a controlled setting
• Our employees’ data is owned by Mozilla and should always be stored in-house

Privacy always should be a key factor in selecting partners and vendors.