Our commitment: Be a leader in the secure and responsible use of consumer data.

How we use data

is what differentiates Alliance Data from its peers.

Every day, we capture, analyze, and leverage consumer data on behalf of our clients to deliver relevant loyalty programs and marketing campaigns. We also take every precaution to safeguard that data, embedding information security and privacy into our technology, tools, platforms, and training. We know our approach to data is both our competitive advantage and one of our biggest risks — and we dedicate ourselves to getting it right.

Leading the Way

In a world of increasingly sophisticated cyberthreats and risks, our business, and our clients, depend on us to take all necessary precautions to safeguard our operations. They trust that when they choose us, they’ve confidently made a secure and reliable choice.

Bryan Kennedy Executive Vice President, President and CEO, Epsilon/Conversant

Spotlight: Using Data for Good

In addition to helping our clients, our powerful data capabilities can also benefit our communities. Here’s how we’re partnering with TexProtects and UT Dallas to help end child abuse and neglect.

2016 Highlights

  • Using our brands’ technology, helped issue 800 million AMBER Alerts since 2011 and over 10 million tornado warnings since 2012

  • Made substantial financial investments to monitor and prevent data breaches, resulting in no breaches in 2016

  • Named to 2016 Online Trust Alliance Honor Roll for 5th consecutive year

  • Built new security operations center for real-time detection and tracking of cyberthreats

  • Rolled out significant privacy training so associates can better educate clients and incorporate privacy into the design of our solutions

Be a leader in the secure and responsible use of data.

Educate and provide transparency to consumers, lawmakers, and regulators about how we use and safeguard personal information.
  • Developed “keeping you secure” online content about identity theft for our private-label card holders.
  • Updated the Epsilon consumer preference center to include more information and resources related to consumer privacy and protection as well as our own marketing practices.
  • Our Fair and Responsible Banking team provided education to military consumers on service member benefits and access.
Collaborate and exchange information with industry peers and regulators about ongoing opportunities for privacy and security improvements.
  • Joined as a founding member of the Board of Directors of the National Technology Security Coalition.
  • Provided leadership support and expertise in the redrafting of the Data & Marketing Association’s self-regulation principles.
  • Co-chaired the Canadian Institute’s annual Advertising and Marketing Law Conference and participated as a panelist at the Conference Board of Canada’s inaugural Canadian Privacy Summit.
Understand and address the international regulatory landscape: what are the evolving issues and how they might impact our business and consumers.
  • Initiated process of interpreting and assessing ramifications of the European Union General Data Privacy Regulation (GDPR).
  • Modified our information security standards to proactively address the dynamically changing information security landscape.
  • Collaborated with clients to ensure the latest information security and privacy measures are proactively incorporated into everything we do.
Conduct rigorous, ongoing associate training to continuously improve associate knowledge and minimize risks due to human error.
  • Rolled out extensive training on privacy laws and concepts so associates can better educate clients and incorporate privacy into design of solutions.
  • 100% of Card Services’ privacy compliance associates are certified by the International Association of Privacy Professionals.
  • Conducted associate awareness and education campaigns highlighting phishing and social engineering.
  • Held inaugural enterprise-wide security summit for internal security practitioners.
Assess new evolving technologies/protocols to continually drive improvement and proactively protect our systems and information.
  • Made substantial financial investments in proactive measures to monitor and prevent data breaches.
  • Built a new security operations center, staffed with security analysts and engineers, for real-time detection and tracking of cyber threats.
  • Received third-party assurance that our management, collection, and security procedures for the privacy of consumer data met the requirements of the Privacy SysTrust principles.
  • Instituted an enterprise-wide incident response policy and conducted a comprehensive tabletop computer incident response exercise to assess and enhance our response plans and procedures.
  • Make ongoing, substantial investments in proactive measures to monitor cyberthreats and prevent data breaches.
  • Collaborate with industry peers and policy makers globally to monitor emerging legislation, inform regulation, and help shape the industry.
  • Integrate and apply best practice privacy and information security practices across our people, processes, and technology.

Some Progress Made

Good Progress Made

Excellent Progress Made