2
69
Annual Report -
2013
-
Vivendi
Societal
, Social and Environmental Information
Societal Indicators
Personal data protection systems at the level
of the subsidiaries
Existence of a formal commitment to protecting personal data
GRI
UNGC
OECD
DMA PR Consumer
privacy aspect,
DMA HR MSS
1, 2
VIII.6
Existence of a Data Protection Officer (“correspondant
informatique et libertés”) (DPO), or a department in charge
of issues related to the collection, treatment and storage of
customers’ personal data
GRI
UNGC
OECD
DMA PR Consumer
privacy aspect,
DMA HR MSS
1, 2
VIII.6
Canal+ Group, UMG, SFR and Maroc Telecom have a Data Protection
Officer (DPO), or entity department in charge of issues related to the
collection, treatment and storage of customer’s personal data.
Some of the mechanisms set up by the Group’s subsidiaries that
illustrate application of the commitments to protect personal data are
listed below:
UMG’s websites display mandatory legal announcements on respect
for privacy, and clearly explain to consumers the Company’s policies
on personal data;
GVT is continuing its information and awareness training programs
aimed at its employees and customers, in particular the program
“GVT Inspira: for responsible Internet use”. This program provides a
whole range of tools (guides and brochures, a website, blog, mobile
application and talks in schools) with the aim of giving participants
the essential tools to safe online behavior;
SFR has maintained different devices: technical tools for parental
control on fixed and mobile lines, recommendations for safe
Internet use by children, devices flagging illegal content (Internet
site to report illegal content, PC application to facilitate reporting of
illegal content and customer service contact information). In 2013,
the devices for protecting and assisting customers against phishing
(attempting to steal passwords through fraudulent e-mails) were
strengthened.
In addition, the SFR Business Team supplemented its cloud security
solutions with the Cloud Storage Suite, which reinforces protection
when exchanging and securing business information;
among the commitments made by Maroc Telecom in the area
of personal data protection (ISO 27001) and compliance with
Law 09/08 on protecting the data of physical persons, in 2013,
Maroc Telecom implemented the following measures: offering
customers the option of limiting commercial messages, information
on precautions to take to protect personal data on their mobile
phones before sending them for repair, and making the Group’s
employees aware of issues surrounding protection of their personal
data.
Maroc Telecom has also reviewed all the personal data it holds and
its treatment of this data in order to report on this to the National
Control Commission for the Protection of Personal Data (CNDP),
which is in charge of verifying that the treatment of personal
data is lawful and legal and does not violate privacy, freedom, or
fundamental human rights.
Moreover, in 2013, 24 internal auditing engagements were
completed to verify compliance by Maroc Telecom’s business
activities with the standards of ISO 27001/2005 certification.
Special attention paid to informing young audiences
Description of initiatives to raise the awareness of users,
particularly young audiences, regarding personal data and
information related to online privacy
GRI
UNGC
OECD
DMA PR Respect
for privacy aspect,
DMA HR MSS, TSS
PA7, PA11
1, 2
II.A.14, II.B.1, IV,
VIII.5 and 8
The Vivendi Group is particularly focused on raising the awareness of
users, particularly young audiences, regarding issues of personal data
protection and management of their private lives online.
The CSR department brought together the Group’s subsidiaries to
discuss the topic “Young Internet users and the digital lifestyle: the
issue of personal data” together with representatives of the EU Council,
French Defender of Rights, and the CNIL. The objective was to raise
awareness of regulatory changes related to the protection of privacy
and changes in uses with regard to the placing of online personal
information by young people. The CSR department also focused on
gaining a better understanding of the treatment methods used for
personal data of children and teenagers on the websites of the Group’s
subsidiaries offering media content to that audience, in order to
anticipate the measures that will be implemented within the framework
of future European regulations.
In February 2013, Vivendi also launched its first webradio, on the
occasion of Safer Internet Day 2013, which is the European day
dedicated to promoting a more responsible and safer Internet for young
people. The webradio Vivoice is a specialized media for interacting with
the Group’s stakeholders to discuss its CSR issues. At a special morning
session, Vivendi invited approximately thirty speakers (politicians,
professionals, scientists, experts and high school students) to exchange
views on issues of online reputation and online critical thinking.
