1. Purpose The purpose of this Prevention of Electronic Fraud Policy is to establish guidelines and procedures for Pizza Hut, LLC (“Company”) in Aruba to prevent and mitigate the risks associated with electronic fraud. This policy aims to protect the Company, its customers, and its stakeholders from fraudulent activities carried out through electronic means.

2. Definitions 2.1. Electronic Fraud: Any fraudulent activity conducted through electronic channels, including but not limited to unauthorized access, theft, alteration, or misuse of electronic data, personal information, financial information, or payment systems.

3. Security Measures 3.1. Secure Network Infrastructure: The Company shall maintain a secure network infrastructure, including firewalls, encryption mechanisms, and intrusion detection systems, to protect against unauthorized access and data breaches.

3.2. Secure Payment Systems: The Company shall implement secure payment systems that comply with industry standards and regulations to ensure the confidentiality, integrity, and authenticity of customer payment information.

3.3. User Authentication: The Company shall enforce strong user authentication mechanisms, such as complex passwords, multi-factor authentication, or biometric authentication, to prevent unauthorized access to systems, applications, and sensitive data.

3.4. Data Encryption: The Company shall utilize encryption technologies to protect sensitive data during transmission and storage, including customer payment information, personal data, and financial records.

3.5. Employee Training and Awareness: The Company shall provide regular training and awareness programs to employees regarding electronic fraud prevention, including best practices for secure online transactions, identifying phishing attempts, and reporting suspicious activities.

4. Fraud Detection and Monitoring 4.1. Transaction Monitoring: The Company shall implement automated systems and tools to monitor transactions for any irregularities, including unusual patterns, high-risk activities, or suspicious behavior, and promptly investigate and address any identified anomalies.

4.2. Fraud Reporting: Employees and customers shall be encouraged to report any suspected or actual instances of electronic fraud to designated authorities within the Company promptly.

4.3. Incident Response: The Company shall establish an incident response plan to address and mitigate the impact of electronic fraud incidents promptly. The plan shall include procedures for investigation, containment, recovery, and reporting of incidents to relevant stakeholders.

5. Customer Education 5.1. The Company shall provide educational resources and information to customers to raise awareness about common electronic fraud schemes, prevention techniques, and guidance on secure online practices.

5.2. Clear Policies and Disclosures: The Company shall maintain clear and easily accessible policies and disclosures regarding customer data protection, privacy, and electronic fraud prevention measures.

6. Compliance and Auditing 6.1. The Company shall regularly assess and review its electronic fraud prevention measures to ensure compliance with applicable laws, regulations, and industry standards. Internal or external audits may be conducted to evaluate the effectiveness of controls and identify areas for improvement.

6.2. Compliance with Payment Card Industry Data Security Standard (PCI DSS): If applicable, the Company shall adhere to the PCI DSS requirements for secure handling, processing, and storage of payment card information.

7. Consequences of Non-Compliance 7.1. Failure to comply with this Prevention of Electronic Fraud Policy may result in disciplinary action, up to and including termination of employment or contract, as well as legal consequences in accordance with applicable laws and regulations.

8. Policy Review and Updates 8.1. This Prevention of Electronic Fraud Policy shall be reviewed periodically and updated as needed to address emerging threats, technological advancements, or changes in regulatory requirements.

9. Policy Acknowledgment 9.1. All employees, contractors, and authorized users shall acknowledge their understanding and compliance with this Prevention of Electronic Fraud Policy, and receive appropriate training, before accessing Company systems, networks, or handling customer data.