25
Non-Financial Indicators Handbook -
2013
-
VIVENDI
Societal Indicators
4
Fair Business Practices
Existence of a Data Protection Officer (“correspondant
informatique et libertés”) (DPO), or a department in charge
of issues related to the collection, treatment and storage
of customers’ personal data
GRI
UNGC
OECD
DMA PR Consumer
privacy aspect,
DMA HR MSS
1, 2
VIII.6
Canal+ Group, UMG, SFR and Maroc Telecom have a Data Protection
Officer (DPO), or entity department in charge of issues related to the
collection, treatment and storage of customer’s personal data.
Some of the mechanisms set up by the Group’s subsidiaries that
illustrate application of the commitments to protect personal data are
listed below:
UMG’s websites display mandatory legal announcements on respect
for privacy, and clearly explain to consumers the Company’s policies
on personal data;
GVT is continuing its information and awareness training programs
aimed at its employees and customers, in particular the program
“GVT Inspira: for responsible Internet use”. This program provides a
whole range of tools (guides and brochures, a website, blog, mobile
application and talks in schools) with the aim of giving participants
the essential tools to safe online behavior;
SFR has maintained different devices: technical tools for parental
control on fixed and mobile lines, recommendations for safe Internet
use by children, devices flagging illegal content (Internet site to
report illegal content, PC application to facilitate reporting of illegal
content and customer service contact information). In 2013, the
devices for protecting and assisting customers against phishing
(attempting to steal passwords through fraudulent e-mails) were
strengthened.
In addition, the SFR Business Team supplemented its cloud security
solutions with the Cloud Storage Suite, which reinforces protection
when exchanging and securing business information;
among the commitments made by Maroc Telecom in the area of
personal data protection (ISO 27001) and compliance with Law 09/08
on protecting the data of physical persons, in 2013, Maroc Telecom
implemented the following measures: offering customers the option
of limiting commercial messages, information on precautions to
take to protect personal data on their mobile phones before sending
them for repair, and making the Group’s employees aware of issues
surrounding protection of their personal data.
Maroc Telecom has also reviewed all the personal data it holds and
its treatment of this data in order to report on this to the National
Control Commission for the Protection of Personal Data (CNDP),
which is in charge of verifying that the treatment of personal
data is lawful and legal and does not violate privacy, freedom, or
fundamental human rights.
Moreover, in 2013, 24 internal auditing engagements were
completed to verify compliance by Maroc Telecom’s business
activities with the standards of ISO 27001/2005 certification.
Special attention paid to informing young audiences
Description of initiatives to raise the awareness of users,
particularly young audiences, regarding personal data and
information related to online privacy
GRI
UNGC
OECD
DMA PR Respect
for privacy aspect,
DMA HR MSS, TSS
PA7, PA11
1, 2
II.A.14, II.B.1, IV,
VIII.5 and 8
The Vivendi Group is particularly focused on raising the awareness of
users, particularly young audiences, regarding issues of personal data
protection and management of their private lives online.
The CSR department brought together the Group’s subsidiaries to discuss
the topic “Young Internet users and the digital lifestyle: the issue of
personal data” together with representatives of the EU Council, French
Defender of Rights, and the CNIL. The objective was to raise awareness
of regulatory changes related to the protection of privacy and changes
in uses with regard to the placing of online personal information by
young people. The CSR department also focused on gaining a better
understanding of the treatment methods used for personal data of
children and teenagers on the websites of the Group’s subsidiaries
offering media content to that audience, in order to anticipate the
measures that will be implemented within the framework of future
European regulations.
In February 2013, Vivendi also launched its first webradio, on the
occasion of Safer Internet Day 2013, which is the European day
dedicated to promoting a more responsible and safer Internet for young
people. The webradio Vivoice is a specialized media for interacting with
the Group’s stakeholders to discuss its CSR issues. At a special morning
session, Vivendi invited approximately thirty speakers (politicians,
professionals, scientists, experts and high school students) to exchange
views on issues of online reputation and online critical thinking.
The Group’s subsidiaries implemented several initiatives to assist in
raising the awareness of young audiences on personal data issues:
in July 2013, Canal+ launched a “Kids” section on Canalplay, its
on-demand video service. This is a space devoted to children with
age-appropriate programs and simplified browsing, all in a secure
space. Parents configure access to programs based on the ages of
their children, and entering and exiting the Kids program are secured
by means of password authentication.
UMG demands parental or guardian consent when 13-16 year-old
Internet users subscribe to its online music websites. The websites
owned or managed by UMG have a “Safe Surfing Guide” accessible
from the homepage.
in 2013, GVT rolled out a new channel for young people under 23,
based on the website
ffers free
advice, guidelines and information on how to use the Internet in a
manner devoid of ambiguity or danger. The psychologists featured
online are trained in relations with Internet users;
In February 2013, GVT sponsored the “Safer Internet Day” and held
a video contest on online rights and duties;
