Management Approach Disclosures

  • GRI 103-1 Explanation of the material topic and its Boundary
  • GRI 103-2 The management approach and its components
  • GRI 103-3 Evaluation of the management approach

For us, product responsibility is not just a legal requirement – it is also an important competitive factor that has a lasting impact in particular on the trust placed in ProSiebenSat.1’s products, offers and brands and therefore on the financial success of the Group. The issues of data protection and media law in this regard are covered by the compliance management system (CMS).

ProSiebenSat.1 Group has implemented processes and measures to protect personal data against misuse. Data protection compliance is to be ensured by means of a risk-oriented data protection management system. Furthermore, we take security precautions to prevent personal data and other sensitive data from being lost, destroyed, accessed or used, processed or disclosed without authorization.

DATA PROTECTION PROCESSES AT PROSIEBENSAT.1 GROUP

Data protection compliance

Performance of an initial risk analysis including a compliance check in the context of introducing/changing automated procedures for processing personal data in order to meet the requirements of data protection law (Articles 5, 6 GDPR).

Commissioned processing

Process for legally compliant preparation of agreements under data protection law in order to meet the requirements of Articles 26, 28 GDPR.

Information to public authorities

Process for legally compliant disclosure of personal data to public authorities.

Information to be provided and rights of the data subject

Legally compliant provision of information and handling of data subjects’ requests in fulfillment of the following articles:

  • Transparent information (Articles 12 et seq. GDPR)
  • Rights of access (Article 15 GDPR)
  • Right to rectification and erasure (Article 16 GDPR)
  • Right to erasure (Article 17 GDPR)
  • Data portability (Article 20 GDPR)
  • Rights to object (Article 21 GDPR)

Data breach notification

Process for legally compliant reporting of data breaches (= third parties unlawfully obtaining personal data) in accordance with Articles 33, 34 GDPR.

The requirements of the compliance management system (CMS) according to media law primarily concern journalistic independence, the separation of advertising and programming, requirements for product placement, requirements for youth protection and the prevention of surreptitious advertising or the broadcast of illegal advertising. A number of individual topics also form part of the Code of Conduct.

ProSiebenSat.1 Group is committed to maintaining a distinction between editorial reporting and publications made for promotional purposes. At relevant compliance events, the individuals responsible, such as TV editors, receive training on bans and the consequences of violations. In justified individual cases in which the use of surreptitious advertising is suspected, an ad hoc supervisory committee may take action. The Group is also committed to complying with the provisions of the German Interstate Broadcasting Agreement and the Joint Guidelines of the State Media Authorities for Advertising, for the Separation of Advertising and Programme Services, and for Sponsoring on Television and Radio. The ProSiebenSat.1 advertising guidelines on the separation of advertising and programming contain specific explanations of placement bans for certain products and services.

In order to preserve journalistic independence and fundamental provisions, the Group has formulated guidelines to which all program makers in the company in Germany are committed. The Guidelines for Ensuring Journalistic Independence specify the understanding of the journalistic principles set forth in the Press Code of the German Press Council. In accordance with the internal guidelines, journalists and editors working for ProSiebenSat.1 Group are required to comply with the Principles on the Conduct of Journalists issued by the International Federation of Journalists. Accordingly, they are free to report as they see fit independently of social, economic or political interest groups. Political independence is of the utmost importance to us as a media company. Monetary donations and donations in kind to political parties are therefore not permitted, unless the donation has been approved in advance by the Executive Committee of ProSiebenSat.1 Media SE. In general, editorial contributions must not be influenced by the private or business interests of third parties or by the personal or financial interests of employees.

ProSiebenSat.1 Group’s Youth Protection Officers make sure that all content for which the Group is responsible is made available on TV and online in an age-appropriate manner. The aim is to make it difficult for children and young people to access content that is inappropriate for their age group. The German Interstate Treaty on the Protection of Minors defines clear guidelines in this respect. The Group’s Youth Protection Officers work independently of the management and are responsible for ensuring that content that is inappropriate for children and young people is broadcast only at the legally prescribed broadcasting times. They also ensure that technical methods of protection are used on the Group’s websites in relation to the distribution of content that has the potential to impair development. As well as providing employee training and internal guidelines, we support the protection of young people via various organizations.

Public Policy

  • GRI 415-1 Political contributions

In 2018, as in the previous year, ProSiebenSat.1 Group did not make any monetary donations or donations in kind to political parties.

Customer Health and Safety

  • GRI 416-2 Incidents of non-compliance concerning the health and safety impacts of products and services

We identified a total of 17 incidents of non-compliance (previous year: 11) with programming principles and journalistic duties of care and with statutory regulations governing the protection of young people in 2018.

ProSiebenSat.1 reports on publicly confirmed incidents of non-compliance concerning media law. No further information (e.g. financial penalties or warnings) is provided.

Marketing and Labeling

  • GRI 417-2 Incidents of non-compliance concerning product and service information and labeling
  • GRI 417-3 Incidents of non-compliance concerning marketing communications

In 2018, we identified no incidents (previous year: 50) of non-compliance with regulations or voluntary codes concerning information on the labeling of products and services.

ProSiebenSat.1 reports on publicly confirmed incidents of non-compliance with regulations or voluntary codes concerning information on the labeling of products and services. No further information (e.g. financial penalties or warnings) is provided.

In this respect, we identified a total of 27 incidents (previous year: 29) of integrity, GTC and advertising violations with regard to the advertising of our own products in 2018.

In this section, we report on publicly confirmed incidents of non-compliance with statutory regulations, but do not provide any disclosures regarding incidents of non-compliance with voluntary codes.

Customer Privacy

  • GRI 418-1 Substantiated complaints concerning breaches of customer privacy and losses of customer data

In 2018, there were seven (previous year: five) substantiated complaints concerning breaches of customer privacy. In two cases, we made payments to third parties totaling approximately EUR 1,000. Furthermore, there were 13 cases (previous year: two) of data leaks and of data theft or loss at ProSiebenSat.1 Group companies in Germany; however, only seven of these cases were reportable.

Due to the small number of incidents, we are not reporting by complainant.

Socioeconomic Compliance

  • GRI 419-1 Non-compliance with laws and regulations in the social and economic area

In 2018, ProSiebenSat.1 identified a total of five violations and fines/compensation payments of approximately EUR 4,000 for non-compliance with laws and regulations relating to the provision and use of products and services.

With regard to socioeconomic compliance, we report on financial penalties but do not provide disclosures on non-financial penalties.