Corporate Governance: Integrity without Compromise

The CARS executive management team and Board of Directors guide the company’s short- and long-term strategic vision for maximizing corporate growth and shareholder value; their leadership creates an environment where empowered employees can deliver on that vision with excellence every day.

Adding ESG oversight by the Environmental, Social and Governance Committee and establishing new DE&I metrics to influence executive compensation, CARS is taking action in the areas that matter most at the highest levels of the organization. Further efforts aimed at increasing diversity and instituting best practices for the Board of Directors have resulted in 90% Board independence and 100% independent committees.

Data Security and Privacy

CARS is dedicated to building and maintaining trust with its employees, customers, communities and partners by communicating openly and clearly about our approach to preserving privacy, ensuring security and using technology responsibly across our channels.

At CARS, we have robust information security and privacy policies that govern all aspects of our business, and are frequently updated to reflect evolving legal and societal obligations and expectations regarding privacy.

Any personally identifiable information is treated with the utmost sensitivity and kept physically and electronically secure, accessible only to authorized personnel. Where our services require credit card information, we use Secure Socket Layer (SSL) encryption, the industry standard for protecting privacy in web transactions, and comply with all applicable PCI (Payment Card Institute) standards.

Information security is not only essential for protecting user data but for the preservation of our business. Ongoing awareness, education and training around our IT security measures ensure enterprise-wide compliance with our data privacy and security framework. Employees participate in required IT security training, and we conduct frequent phishing campaigns to educate and sensitize our employees to this omnipresent threat. We also engage in active and frequent independent monitoring of our data and IT systems.

Our Chief Legal Officer (“CLO”) oversees all data privacy and security issues with ultimate oversight by our Audit Committee of the Board of Directors. Additionally, our CLO chairs our Information Security Steering Committee, which comprises executives from across our organization, including our CFO, CTO and other senior finance and technology leaders, and which reports regularly to the Audit Committee.