Trust
Our top priority is the privacy and security of Calix products. We are committed to protecting all information entrusted to us from known risks and emerging threats. Our team continuously monitors global regulatory developments and technology industry practices to meet or exceed market requirements wherever Calix does business.
‘Security by Design’ is our product foundation.
Security by Design principles
The principles of Security by Design are an essential component to building, implementing, and maintaining Calix’s Product Security program.
- Security is everyone’s responsibility. Every participant in product development, from Product Line Leaders to Engineers, is responsible for meeting security requirements at every stage of the development lifecycle. Product Security Architects partner with each development team to ensure all threats are understood and mitigated, and Security Champions provide subject matter expertise within each team to scale security knowledge and oversight.
- The secure path is the default. All product configurations should provide the most secure option as the default path.
- Always be cautious. We assume every outside system is malicious, and we expect our customers to make the same assumption of our environment. We should not be dependent on security controls within our customers' or their subscribers' environments to deliver a secure product experience.
- Product security covers the entire product. We review all uses of third-party components, including open-source libraries and development environments.
- Continuous testing, continuous response. We continuously monitor, assess, and improve the security of our products throughout their lifecycle, and we welcome community reports of security issues through our Coordinated Vulnerability Disclosure program.
‘Privacy by Design’ is our product blueprint.
Privacy by Design principles
The principles of Privacy by Design are essential to building, implementing, and maintaining Calix products.
- Privacy is proactive, not reactive. We anticipate and address privacy risks in advance so we don’t have to address them after they have become a real threat.
- Privacy as the default setting. We limit data collection and retention to the minimum necessary to accomplish the intended purpose.
- Privacy embedded into design. We embed privacy protections into product design and configure our infrastructure with privacy considerations in mind.
- End-to-End Protection. We secure data throughout its lifecycle—from collection and creation to destruction.
- Visibility and transparency. We handle data according to our stated purpose and keep all relevant stakeholders aware of what we are doing with it.
- Respect for user privacy. We keep individual users at the forefront and strive to give them more control over what happens with their personal information.
How we build responsible management and governance of data into our solutions
Protecting customer data is a guiding force in creating the user experience, taking the same level of importance as functionality. We incorporate a risk-based approach to product development, which means we holistically evaluate potential risks and then implement privacy measures and controls designed to minimize them. Underpinning this approach is our concern for data ethics, which often requires us to go beyond minimal requirements in protecting individual rights.
Concretely, our efforts at protecting customer data are reflected in many aspects of product development including:
- System designs
- Organizational policies
- Standards and protocols
- Business practices
We also focus on creating customer value through active concern for personal information and adhering to data ethics principles of transparency, fairness, consent, avoidance of harm and respect. To that end, Calix will:
- never sell or share customer data
- minimize the use of customer data
Privacy Center for Customers
Click "Learn More" to explore our Privacy Center where you can access the following:
- Data Processing Agreement FAQs
- Transparency Report
- Product Data Inventories
- Sub-Processor List
- Data Privacy resources
- ExperienceIQ: Disclosures to Children Regarding UK Parental Controls
- Calix Cloud Implementation Guide and Processing Instructions
- Product-specific FAQs
*requires MyCalix login
