Note: the below does not apply to Moody’s Ratings.
At Moody’s, we are deeply committed to transparency and accountability in all aspects of our data management practices. We understand the importance of knowing where and how your data is stored and processed, and we strive to provide this information clearly and openly.
Our data hosting locations are strategically chosen to facilitate optimal performance and robust security. We understand that our customers want to know where their data is hosted, and we seek to provide this information in a transparent manner.
We engage trusted sub-processors to deliver some aspects of our services, including cloud hosting. These sub-processors are carefully selected based on their commitment to data protection, security, and compliance with global regulations.
At Moody’s, we understand the importance of transparency and accountability, especially when it comes to the handling of personal data by our vendors.
Our vendors play a crucial role in providing services to our organization, and in some instances, they process personal data of our customers.
We are committed to working with our vendors to uphold the high standards of data protection that we do. We carefully select vendors, with particular attention to their data protection policies and practices. We require our vendors to comply with applicable data protection laws and regulations.
Moody’s maintains a comprehensive Third-Party Risk Management (TPRM) approach that includes:
We are committed to data privacy and protection. We understand the importance of complying with applicable data privacy laws in our data transfers.
Click here to download a copy of our customer-facing EU Standard Contractual Clauses + UK + Swiss addenda.
Moody’s customers only: to request copies of product-specific data transfer impact assessments, please contact your usual Moody’s representative, who will be happy to provide you with copies for the contracted Moody’s products and services.