Customer Protection, Data PrivacyStockholder Recommendations and
Data SecurityNominations to the Board of DirectorsWe are committedStockholders may submit recommendations for director candidates to protecting the privacynominating and data ofcorporate governance committee by sending the individual’s name and qualifications to our customersChief Legal Officer at Twilio Inc., 101 Spear Street, Fifth Floor, San Francisco, California 94105, who will forward all recommendations to the nominating and users. We have implementedcorporate governance committee. The nominating and corporate governance committee will evaluate any candidates recommended by stockholders against the same criteria and pursuant to the same policies and procedures that facilitate compliance with applicable privacy laws, includingto the California Consumer Privacy Actevaluation of candidates proposed by directors or management.
Under our third amended and the General Data Protection Regulation (“GDPR”restated bylaws (our “bylaws”), and work to use privacy by design in our review and building processes. For example, in 2016, even before GDPR became effective, we startedstockholders may also nominate directors for election at an annual meeting of stockholders. To nominate a director, the process of putting in place our own Binding Corporate Rules (“BCRs”)—considered onestockholder must provide proper written notice that sets forth all of the highest global standards for data protection that a company can have. Our BCRs codifyinformation required by our guiding principles and approach to compliance with data protection laws when processing personal information.
bylaws, as well as the additional information required by Rule 14a-19(b) under the Exchange Act. In addition, to working to maintain data privacy and security, we have proactively taken steps to provide increased visibility to the Twilio community around government requests received for customer information by municipal, state, provincial and federal governments globally. We do this by publishing semi-annual transparency reports. Our transparency reports document the total volume of government requests for information received by us, how we responded to the requests, and how often we notified users of the requests.
Furthermore, we train employees on policies and procedures for secure data handling and use physical and procedural safeguards to help keep our facilities and equipment secure. All of our employees and contractors are required to complete data privacy and cybersecurity training every year.
Diversity, Equity and Inclusion
We remain committed to diversity, equity and inclusion (“DEI”) principles across our business. We publish our gender and ethnic diversity data in our Impact and DEI Report, which is available on the Governance section of our website at https://investors.twilio.com.
In 2022, we successfully expanded our voluntary self-identification campaign so that employees outside of the United States can now share how they identify in various categories, giving us a better understanding of our employees to facilitate our DEI initiatives and to allow us to be more intentional in how we support underrepresented communities. We also continue to support numerous employee resource groups, internal programming opportunities, and events relatedstockholder must give timely notice to our DEI values. Additionally, we focus on pay parity, such that employeesCorporate Secretary in accordance with our bylaws, as described above under the same job and location are paid fairly relativesection titled “Procedural Matters—What is the deadline to one another.propose actions for consideration at next year’s annual meeting of stockholders or to nominate individuals to serve as directors?—Stockholder Proposals.”
Risk ManagementStockholder and Other Interested Party CommunicationsRisk is inherentOur board of directors provides to every stockholder and any other interested parties the ability to communicate with every business, and we face a number of risks, including strategic, financial, business and operational, cybersecurity, legal and compliance, and reputational. We have designed and implemented processes to manage risk in our operations. Management is responsible for the day-to-day oversight and management of risks we face, while our board of directors, as a whole, with our non-management directors as a group, and assisted by its committees, has responsibility forwith individual directors on the oversight of risk management. In addition, every employee is required to complete data privacy, cybersecurity and code of conduct training upon joining the company and each year thereafter. In its risk oversight role, our board of directors hasthrough an established process for stockholder communication. For a stockholder communication directed to the responsibility to satisfy itself that the risk management processes designed and implemented by management are appropriate and functioning as designed. As part of this approach, our board considers both the materiality of a risk and its immediacy in making strategic decisions and helping management to prioritize resources.
Our board of directors believes that openas a whole or to our non-management directors as a group, stockholders and other interested parties may send such communication between management andto our Chief Legal Officer via U.S. Mail or Expedited Delivery Service to: Twilio Inc., 101 Spear Street, Fifth Floor, San Francisco, California 94105, Attn: Chief Legal Officer.
For a stockholder or other interested party communication directed to an individual director, including our non-management directors, in his or her capacity as a member of the board of directors, is essential for effective risk management and oversight. Our board of directors meets with our Chief Executive Officerstockholders and other membersinterested parties may send such communication to the attention of the senior management teamindividual director via U.S. Mail or Expedited Delivery Service to: Twilio Inc., 101 Spear Street, Fifth Floor, San Francisco, California 94105, Attn: [Name of Individual Director].
We encourage stockholders to email any such communications to us at quarterly meetingslegalnotices@twilio.com to help ensure prompt receipt. Our Chief Legal Officer, in consultation with appropriate members of our board of directors where, among other topics, they discuss strategyas necessary, will review all incoming communications and, risks facing our company, as well asif appropriate, all such other times as they deem appropriate.
Whilecommunications will be forwarded to the appropriate member or members of our board of directors, or if none is ultimately responsible for risk oversight,specified, to our board committees assist our board of directors in fulfilling its oversight responsibilities in certain areas of risk. Our audit committee assists with risk oversight in the areas of internal control over financial reporting and disclosure controls and procedures, cybersecurity and information and technology security, legal and regulatory compliance, and discusses with management and the independent auditor guidelines and policies with respect to risk assessment and risk management. On a quarterly basis, members of our management team update the audit committee on the status of key risks impacting our company. Our audit committee also reviews our major financial risk exposures and the steps management has taken to monitor and control these exposures. Our audit committee also monitors certain key risks on a regular basis throughout the year, such as risk associated with internal control over financial reporting and liquidity risk and risks related to privacy, cybersecurity and information and technology security. Our nominating and corporate governance committee assists with risk oversight responsibilities associated with board organization, membership and