Cybersecurity Risk Management and Strategy Disclosure	12 Months Ended
Apr. 30, 2026
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]	We rely on information technology systems, digital platforms, networks, cloud services, third-party vendors, and other service providers to support our operations, customer service, financial reporting, supply chain, and administrative functions. As a result, cybersecurity threats present risks to the confidentiality, integrity, and availability of our systems and information, as well as to business continuity, regulatory compliance, and stakeholder trust. Cybersecurity Risk Management Program We have developed and maintain a cybersecurity risk management program designed to assess, identify, and manage risks from cybersecurity threats. The program is informed by and aligned with industry-recognized frameworks, including the National Institute of Standards and Technology Cybersecurity Framework and the Payment Card Industry Data Security Standard. The program is supported by policies, standards, and procedures establishing expectations for cybersecurity governance, risk management, incident response, and the protection of our systems and information. Cybersecurity risks are considered as part of our Enterprise Risk Management process and may inform risk mitigation plans, resource allocation, strategic initiatives, and reporting to management, executive leadership, and, as appropriate, the Board or its Audit Committee. Risk Assessments We conduct cybersecurity risk assessments periodically and in connection with significant changes to our technology environment, business processes, or risk profile, as appropriate. These assessments are designed to identify and evaluate cybersecurity risks that could affect the confidentiality, integrity, or availability of our systems and information, including risks associated with critical systems, sensitive information, third-party vendors and service providers, regulatory requirements, and emerging technologies. Results from these assessments are used, as appropriate, to inform risk mitigation plans, control enhancements, resource prioritization, and reporting to management, executive leadership, and, as appropriate, the Board or its Audit Committee.
Cybersecurity Risk Management Processes Integrated [Flag]	true
Cybersecurity Risk Management Processes Integrated [Text Block]	We conduct cybersecurity risk assessments periodically and in connection with significant changes to our technology environment, business processes, or risk profile, as appropriate. T
Cybersecurity Risk Management Third Party Engaged [Flag]	true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]	false
Cybersecurity Risk Board of Directors Oversight [Text Block]	Governance The Board oversees risks from cybersecurity threats directly and through its Audit Committee. The Audit Committee has primary responsibility for oversight of cybersecurity risk management and receives reports from management at least annually and more frequently as appropriate. The Board also receives updates on cybersecurity matters, including significant cybersecurity risks, program maturity, incident trends, and significant cybersecurity incidents, as appropriate. Management's Role Management is responsible for assessing and managing material risks from cybersecurity threats. Our information security organization is led by the Senior Vice President, Technology Operations Support and Security, who oversees our information security strategy, security operations, and governance, risk, and compliance program. The Senior Vice President, Technology Operations Support and Security has over 30 years of experience in information technology, cybersecurity, infrastructure, risk management, and related disciplines. The Senior Vice President, Technology Operations Support and Security is supported by the Director, Information Security Risk and Compliance and the Director, Information Security Operations and Engineering. The Director, Information Security Risk and Compliance is responsible for governance, risk, and compliance, cybersecurity policy governance, security awareness, vulnerability management, and third-party cybersecurity risk management, and has 14 years of experience in information technology, cybersecurity, auditing, risk management, compliance, security awareness, and vulnerability management. The Director, Information Security Operations and Engineering is responsible for security operations, engineering, monitoring, incident response, threat intelligence, security tooling, and technical security controls, and has 35 years of experience in information technology, cybersecurity operations, engineering, incident response, threat monitoring, and related disciplines. Information security leadership meets at least monthly, or more frequently as needed, to discuss the threat landscape, key risks, and associated mitigation strategies. Management monitors cybersecurity risks through established security processes, reporting channels, assessment activities, and escalation procedures, and the Senior Vice President, Technology Operations Support and Security reports cybersecurity matters to executive leadership and, as appropriate, the Board or its Audit Committee. Processes for Monitoring and Reporting The Company has established escalation procedures designed to ensure that cybersecurity incidents meeting defined severity or reporting thresholds are communicated to appropriate members of management, executive leadership, and, where appropriate, to the Board or its Audit Committee. These procedures are intended to support timely assessment of potential business impact, materiality, and disclosure obligations. Management is informed about the prevention, detection, mitigation, and remediation of cybersecurity incidents through multiple channels, including continuous monitoring tools and alerts, threat intelligence feeds, regular reports from our Security Operations Center (“SOC”), third-party SOC services, and the escalation procedures established in our IRP. When a potential incident is identified, our Cybersecurity Incident Response Team (“CSIRT”) is activated. Based upon the IRP’s established escalation processes and thresholds, the CSIRT’s Incident Response Commander, in coordination with General Counsel and other relevant stakeholders, evaluates the incident's severity, potential materiality, and any associated reporting obligations.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]	The Board oversees risks from cybersecurity threats directly and through its Audit Committee. The Audit Committee has primary responsibility for oversight of cybersecurity risk management and receives reports from management at least annually and more frequently as appropriate. The Board also receives updates on cybersecurity matters, including significant cybersecurity risks, program maturity, incident trends, and significant cybersecurity incidents, as appropriate.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]	The Board oversees risks from cybersecurity threats directly and through its Audit Committee. The Audit Committee has primary responsibility for oversight of cybersecurity risk management and receives reports from management at least annually and more frequently as appropriate. The Board also receives updates on cybersecurity matters, including significant cybersecurity risks, program maturity, incident trends, and significant cybersecurity incidents, as appropriate.
Cybersecurity Risk Role of Management [Text Block]	Management's Role Management is responsible for assessing and managing material risks from cybersecurity threats. Our information security organization is led by the Senior Vice President, Technology Operations Support and Security, who oversees our information security strategy, security operations, and governance, risk, and compliance program. The Senior Vice President, Technology Operations Support and Security has over 30 years of experience in information technology, cybersecurity, infrastructure, risk management, and related disciplines. The Senior Vice President, Technology Operations Support and Security is supported by the Director, Information Security Risk and Compliance and the Director, Information Security Operations and Engineering. The Director, Information Security Risk and Compliance is responsible for governance, risk, and compliance, cybersecurity policy governance, security awareness, vulnerability management, and third-party cybersecurity risk management, and has 14 years of experience in information technology, cybersecurity, auditing, risk management, compliance, security awareness, and vulnerability management. The Director, Information Security Operations and Engineering is responsible for security operations, engineering, monitoring, incident response, threat intelligence, security tooling, and technical security controls, and has 35 years of experience in information technology, cybersecurity operations, engineering, incident response, threat monitoring, and related disciplines. Information security leadership meets at least monthly, or more frequently as needed, to discuss the threat landscape, key risks, and associated mitigation strategies. Management monitors cybersecurity risks through established security processes, reporting channels, assessment activities, and escalation procedures, and the Senior Vice President, Technology Operations Support and Security reports cybersecurity matters to executive leadership and, as appropriate, the Board or its Audit Committee.
Cybersecurity Risk Management Positions or Committees Responsible [Flag]	true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]	. The Senior Vice President, Technology Operations Support and Security has over 30 years of experience in information technology, cybersecurity, infrastructure, risk management, and related disciplines.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]	The Senior Vice President, Technology Operations Support and Security has over 30 years of experience in information technology, cybersecurity, infrastructure, risk management, and related disciplines. The Senior Vice President, Technology Operations Support and Security is supported by the Director, Information Security Risk and Compliance and the Director, Information Security Operations and Engineering. The Director, Information Security Risk and Compliance is responsible for governance, risk, and compliance, cybersecurity policy governance, security awareness, vulnerability management, and third-party cybersecurity risk management, and has 14 years of experience in information technology, cybersecurity, auditing, risk management, compliance, security awareness, and vulnerability management. The Director, Information Security Operations and Engineering is responsible for security operations, engineering, monitoring, incident response, threat intelligence, security tooling, and technical security controls, and has 35 years of experience in information technology, cybersecurity operations, engineering, incident response, threat monitoring, and related disciplines. Information security leadership meets at least monthly, or more frequently as needed, to discuss the threat landscape, key risks, and associated mitigation strategies. Management monitors cybersecurity risks through established security processes, reporting channels, assessment activities, and escalation procedures, and the Senior Vice President, Technology Operations Support and Security reports cybersecurity matters to executive leadership and, as appropriate, the Board or its Audit Committee.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]	The Company has established escalation procedures designed to ensure that cybersecurity incidents meeting defined severity or reporting thresholds are communicated to appropriate members of management, executive leadership, and, where appropriate, to the Board or its Audit Committee. These procedures are intended to support timely assessment of potential business impact, materiality, and disclosure obligations.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]	true

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We rely on information technology systems, digital platforms, networks, cloud services, third-party vendors, and other service providers to support our operations, customer service, financial reporting, supply chain, and administrative functions. As a result, cybersecurity threats present risks to the confidentiality, integrity, and availability of our systems and information, as well as to business continuity, regulatory compliance, and stakeholder trust.

Cybersecurity Risk Management Program

We have developed and maintain a cybersecurity risk management program designed to assess, identify, and manage risks from cybersecurity threats. The program is informed by and aligned with industry-recognized frameworks, including the National Institute of Standards and Technology Cybersecurity Framework and the Payment Card Industry Data Security Standard. The program is supported by policies, standards, and procedures establishing expectations for cybersecurity governance, risk management, incident response, and the protection of our systems and information.

Cybersecurity risks are considered as part of our Enterprise Risk Management process and may inform risk mitigation plans, resource allocation, strategic initiatives, and reporting to management, executive leadership, and, as appropriate, the Board or its Audit Committee.

Risk Assessments

We conduct cybersecurity risk assessments periodically and in connection with significant changes to our technology environment, business processes, or risk profile, as appropriate. These assessments are designed to identify and evaluate cybersecurity risks that could affect the confidentiality, integrity, or availability of our systems and information, including risks associated with critical systems, sensitive information, third-party vendors and service providers, regulatory requirements, and emerging technologies. Results from these assessments are used, as appropriate, to inform risk mitigation plans, control enhancements, resource prioritization, and reporting to management, executive leadership, and, as appropriate, the Board or its Audit Committee.

Cybersecurity Risk Management Processes Integrated [Text Block]

We conduct cybersecurity risk assessments periodically and in connection with significant changes to our technology environment, business processes, or risk profile, as appropriate. T

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Board of Directors Oversight [Text Block]

Governance

The Board oversees risks from cybersecurity threats directly and through its Audit Committee. The Audit Committee has primary responsibility for oversight of cybersecurity risk management and receives reports from management at least annually and more frequently as appropriate. The Board also receives updates on cybersecurity matters, including significant cybersecurity risks, program maturity, incident trends, and significant cybersecurity incidents, as appropriate.

Management's Role

Management is responsible for assessing and managing material risks from cybersecurity threats. Our information security organization is led by the Senior Vice President, Technology Operations Support and Security, who oversees our information security strategy, security operations, and governance, risk, and compliance program. The Senior Vice President, Technology Operations Support and Security has over 30 years of experience in information technology, cybersecurity, infrastructure, risk management, and related disciplines.

The Senior Vice President, Technology Operations Support and Security is supported by the Director, Information Security Risk and Compliance and the Director, Information Security Operations and Engineering. The Director, Information Security Risk and Compliance is responsible for governance, risk, and compliance, cybersecurity policy governance, security awareness, vulnerability management, and third-party cybersecurity risk management, and has 14 years of experience in information technology, cybersecurity, auditing, risk management, compliance, security awareness, and vulnerability management. The Director, Information Security Operations and Engineering is responsible for security

operations, engineering, monitoring, incident response, threat intelligence, security tooling, and technical security controls, and has 35 years of experience in information technology, cybersecurity operations, engineering, incident response, threat monitoring, and related disciplines.

Information security leadership meets at least monthly, or more frequently as needed, to discuss the threat landscape, key risks, and associated mitigation strategies. Management monitors cybersecurity risks through established security processes, reporting channels, assessment activities, and escalation procedures, and the Senior Vice President, Technology Operations Support and Security reports cybersecurity matters to executive leadership and, as appropriate, the Board or its Audit Committee.

Processes for Monitoring and Reporting

The Company has established escalation procedures designed to ensure that cybersecurity incidents meeting defined severity or reporting thresholds are communicated to appropriate members of management, executive leadership, and, where appropriate, to the Board or its Audit Committee. These procedures are intended to support timely assessment of potential business impact, materiality, and disclosure obligations.

Management is informed about the prevention, detection, mitigation, and remediation of cybersecurity incidents through multiple channels, including continuous monitoring tools and alerts, threat intelligence feeds, regular reports from our Security Operations Center (“SOC”), third-party SOC services, and the escalation procedures established in our IRP. When a potential incident is identified, our Cybersecurity Incident Response Team (“CSIRT”) is activated. Based upon the IRP’s established escalation processes and thresholds, the CSIRT’s Incident Response Commander, in coordination with General Counsel and other relevant stakeholders, evaluates the incident's severity, potential materiality, and any associated reporting obligations.

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

The Board oversees risks from cybersecurity threats directly and through its Audit Committee. The Audit Committee has primary responsibility for oversight of cybersecurity risk management and receives reports from management at least annually and more frequently as appropriate. The Board also receives updates on cybersecurity matters, including significant cybersecurity risks, program maturity, incident trends, and significant cybersecurity incidents, as appropriate.

Cybersecurity Risk Management Positions or Committees Responsible [Flag]

true

Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

The Senior Vice President, Technology Operations Support and Security has over 30 years of experience in information technology, cybersecurity, infrastructure, risk management, and related disciplines.

The Senior Vice President, Technology Operations Support and Security is supported by the Director, Information Security Risk and Compliance and the Director, Information Security Operations and Engineering. The Director, Information Security Risk and Compliance is responsible for governance, risk, and compliance, cybersecurity policy governance, security awareness, vulnerability management, and third-party cybersecurity risk management, and has 14 years of experience in information technology, cybersecurity, auditing, risk management, compliance, security awareness, and vulnerability management. The Director, Information Security Operations and Engineering is responsible for security

operations, engineering, monitoring, incident response, threat intelligence, security tooling, and technical security controls, and has 35 years of experience in information technology, cybersecurity operations, engineering, incident response, threat monitoring, and related disciplines.

Information security leadership meets at least monthly, or more frequently as needed, to discuss the threat landscape, key risks, and associated mitigation strategies. Management monitors cybersecurity risks through established security processes, reporting channels, assessment activities, and escalation procedures, and the Senior Vice President, Technology Operations Support and Security reports cybersecurity matters to executive leadership and, as appropriate, the Board or its Audit Committee.

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true