Innovative Eyewear Inc - (LUCY)
10-K Filing Date: March 25, 2024
In the ordinary course of business, we receive, process, use, and store digitally large amounts of data, including customer data as well as confidential, sensitive, proprietary, and personal information. Maintaining the integrity and availability of our information technology systems and this information, as well as appropriate limitations on access and confidentiality of such information, is important to us and our business operations. To this end, we have implemented policies designed to assess, identify, and manage risks from potential unauthorized occurrences on or through our information technology systems that may result in adverse effects on the confidentiality, integrity, and availability of these systems and the data residing in them. While we have taken measures designed to protect the security of the confidential and personal information under our control, we cannot provide absolute assurance that any security measures that we or our third-party service providers have implemented will be effective against current or future security threats.
Our cybersecurity program is managed by our executive management team, including our Chief Executive Officer and Chief Technology Officer, and includes mechanisms, controls, technologies, systems, policies, and other processes designed to prevent or mitigate data loss, theft, misuse, or other security incidents or vulnerabilities affecting the systems and data residing in them. We consult with and received analysis reports from a cybersecurity advisor, and generally rely upon outside advisors and experts to assist us with assessing, identifying, and managing cybersecurity risks.
We consider cybersecurity, along with other significant risks that we face, within our overall enterprise risk management framework. Our Board of Directors has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage, and mitigate those risks. The Company intends to provide the Board of Directors with periodic updates on cybersecurity and information technology matters and related risk exposures from management.
All customer and app user information is stored directly within Shopify, Amazon Seller, and Amazon Web Services platforms, which provide market-leading data security for their centralized servers. On occasion, limited amounts of customer information such as names and emails are exported from these systems solely for the purposes of accounting and filings, and is never shared outside of the Company and its contracted accounting consultants, which are under confidentiality agreements. Highly sensitive customer payment information is generally never revealed to the Company in any capacity and is hidden by payment processors for security purposes, with the sole exception being some wholesale accounts who provide written or digital copies of credit card information for payment processing on agreed upon terms. Such information is secured on locked Company computers and never distributed.