Trust & Privacy

We understand that trust is the foundation of our business and we value our customers’ confidence in our ability to keep their data secure.

At PayPal, we continuously evaluate our approach to privacy and identify ways we can best serve our customers and further protect their data. Our Global Privacy Program is based on an ever expanding set of data management principles that serve as the basis for enterprise-wide standards for the collection, use and sharing of personal data. We also have dedicated teams integrated throughout our business and a Global Privacy team and Data Management team, led by our Chief Privacy Officer and Global Head of Data Management, who work toward instilling a culture of “Data Hygiene by Default” and “Privacy by Design.” Through role-based privacy training, the Global Privacy team is responsible for helping encourage and cultivate PayPal’s privacy-centric culture throughout the Company, from the Board of Directors to newly acquired companies and their employees.

We are constantly adapting to a rapidly changing environment, while pursuing and supporting innovation to strengthen PayPal’s security posture and sustain our entire ecosystem. We are at the forefront of a number of innovative industry initiatives to eliminate traditional passwords, reduce phishing attacks, protect against emerging malware on mobile devices and many others to protect consumers and merchants.

Our Chief Information Security Officer oversees information security across our global enterprise. As part of our Enterprise Risk & Compliance Management Program, our Information Security Program is designed to support the company in identifying, protecting, detecting, responding to and recovering from cybersecurity threats. Our program is informed by relevant industry guidance such as the NIST Cybersecurity Framework (CSF) and has been ISO 27001 certified for information security management since 2019.