Cybersecurity Risk Management and Strategy Disclosure

12 Months Ended

Dec. 26, 2025

Cybersecurity Risk Management, Strategy, and Governance [Line Items]

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Cybersecurity risk management and strategy

Our Board recognizes the increasing significance that cybersecurity has on our operations and business and is responsible for overseeing our cybersecurity plan and risks to the Company from cybersecurity threat actors. From farm to table our operations rely on various information systems and technologies, including those provided by third party suppliers. These systems collect, process, transmit and retain information that may require both mandatory and voluntary data protection regimens.

Our cybersecurity policies, standards, processes, and practices are designed to provide reasonable information security given the integrated nature of our organization, our third-party relationships, and the geographic regions we operate in. With this multi-layered approach, we aim to mitigate cybersecurity vulnerabilities across all aspects of our operations. Our approach to cybersecurity is grounded in the NIST Cybersecurity Framework v2.0, a nationally recognized and adaptable model that aligns with our goals, and addresses the following key areas:

◦Cross-Functional Approach and Disclosure Committee: We have implemented a cross-functional approach to identifying, preventing and mitigating cybersecurity threats and incidents, while also implementing controls and procedures that provide for the prompt escalation of cybersecurity incidents so that decisions regarding the disclosure and reporting of such material incidents may be made by management in a timely manner. Cybersecurity incidents are reported to the Company's Management Disclosure Committee to review and assess the materiality of the cybersecurity incident.

◦Identify, Protect and Detect: We have designed and implemented an industry standard security architecture, policies and procedures applying least privilege, and third-party monitoring of security controls of our core enterprise systems.

◦Response and Recovery: Working with our third-party security operations center, we maintain an incident response plan to timely, consistently and compliantly address any cyber event that may occur and have a designated Incident Response Team consisting of representatives from select business functions which is led by our Vice President of Information Technology ("VP of IT"), who is also in charge of information security, and our Chief Global Privacy Officer ("CPO"). We regularly test our incident response plan, conduct compliance audits, annual tabletop exercises, vulnerability assessments, and where necessary engage third parties to assist with these audits and assessments, as well as mitigation and remediation options and plans.

◦Third-Party Risk Management: We rely on the representations and certifications of key partnerships with suppliers recognizing these third-party relationships introduce additional cybersecurity risks. To address these third-party risks, we have established strict criteria for technology supplier selection and implemented systems to perform ongoing detection and remediation of vendor risk across our supplier ecosystem.

◦Education and Awareness: We provide regular, mandatory training for personnel regarding cybersecurity threats to educate and empower our workforce to be vigilant against threat actors and actively participate in cybersecurity efforts.

Cybersecurity Risk Management Processes Integrated [Flag]

true

Cybersecurity Risk Management Processes Integrated [Text Block]

Our cybersecurity policies, standards, processes, and practices are designed to provide reasonable information security given the integrated nature of our organization, our third-party relationships, and the geographic regions we operate in. With this multi-layered approach, we aim to mitigate cybersecurity vulnerabilities across all aspects of our operations.

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Board of Directors Oversight [Text Block]

Board Oversight

Our Board believes a strong cybersecurity strategy is vital to protect our business operations, sustain our control environment and honor our data protection obligations. Our Board has delegated to its Governance Committee the responsibility for monitoring the effectiveness of the Company's internal cybersecurity program and coordinates its findings with the company Audit Committee. The VP of IT and various members of the Incident Response Team report on cybersecurity threats, incidents, plans and responses to the Governance Committee and/or the entire Board on at least a quarterly basis, and more often as needed.

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

Our Board believes a strong cybersecurity strategy is vital to protect our business operations, sustain our control environment and honor our data protection obligations. Our Board has delegated to its Governance Committee the responsibility for monitoring the effectiveness of the Company's internal cybersecurity program and coordinates its findings with the company Audit Committee. The VP of IT and various members of the Incident Response Team report on cybersecurity threats, incidents, plans and responses to the Governance Committee and/or the entire Board on at least a quarterly basis, and more often as needed.

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

The VP of IT and various members of the Incident Response Team report on cybersecurity threats, incidents, plans and responses to the Governance Committee and/or the entire Board on at least a quarterly basis, and more often as needed.

Cybersecurity Risk Role of Management [Text Block]

Management Oversight

Our Chief Operating Officer ("COO"), Chief Financial Officer ("CFO"), VP of IT, CPO, General Counsel ("GC") and various members of the Incident Response Team play an important role in managing the Company's cybersecurity-related risks and maintaining an ongoing dialogue with our Board, the Governance Committee and the Company's Disclosure Committee. Potential cybersecurity incidents come to the attention of the Incident Response Team, which then responds to such incidents in accordance with our incident response plan. Cybersecurity incidents are reported to the Company's Management Disclosure Committee to review and assess the materiality of the cybersecurity incident. The members of the Disclosure Committee, which is responsible for addressing the Company's public disclosures and internal controls, include the GC, VP of IT, CPO, CFO, COO, certain members of the Incident Response Team, and other members of senior management from legal, finance, risk management, internal audit and communications.

Cybersecurity Risk Management Positions or Committees Responsible [Flag]

true

Cybersecurity Risk Management Positions or Committees Responsible [Text Block]

Chief Operating Officer ("COO")

Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

Education and Awareness: We provide regular, mandatory training for personnel regarding cybersecurity threats to educate and empower our workforce to be vigilant against threat actors and actively participate in cybersecurity efforts.

Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]

Cybersecurity incidents are reported to the Company's Management Disclosure Committee to review and assess the materiality of the cybersecurity incident.

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true