Management Approach Disclosures

  • GRI 103-1 Explanation of the material topic and its boundary
  • GRI 103-2 The management approach and its components
  • GRI 103-3 Evaluation of the management approach

We see product governance, with its central components of data protection and media law, not only as a legal requirement but also as an important competitive factor with a lasting impact on trust in ProSiebenSat.1 Group’s products, offerings and brands and thus also on the economic success of the Group. Data protection and media law provisions are covered by the compliance management system (CMS).

For information on compliance training, please refer to the Anti-Corruption and Antitrust Law section.

ProSiebenSat.1 Group has implemented processes and measures to protect personal data against misuse. The aim is to ensure compliance with data protection on the basis of a risk-oriented data protection management system and to protect personal and other sensitive data from loss, destruction, unauthorized access, or unauthorized use, processing, or disclosure.

DATA PROTECTION PROCESSES AT PROSIEBENSAT.1 GROUP

Data protection compliance

Performance of an initial risk analysis including a compliance check in the context of introducing/changing automated procedures for processing personal data in order to meet the requirements of data protection law (Articles 5, 6 GDPR).

Commissioned processing

Process for legally compliant preparation of agreements under data protection law in order to meet the requirements of Articles 26, 28 GDPR.

Information to public authorities

Process for legally compliant disclosure of personal data to public authorities.

Information to be provided and rights of the data subject

Legally compliant information and processing of data subjects’ requests for the fulfillment of articles:

  • Transparent information (Articles 12 et seq. GDPR)
  • Rights of access (Article 15 GDPR)
  • Right to rectification and erasure (Article 16 GDPR)
  • Right to erasure (Article 17 GDPR)
  • Data portability (Article 20 GDPR)
  • Rights to object (Article 21 GDPR)

Data breach notification

Process for legally compliant reporting of data breaches (= third parties unlawfully obtaining personal data) in accordance with Articles 33, 34 GDPR.

Information Security

The sufficient security of business processes, IT, infrastructure and critical information is a strategic factor for the competitiveness and continued existence of ProSiebenSat.1. The strategic goals of data protection and information security comprise maximizing business continuity and minimizing business losses, complying with laws and regulatory requirements (compliance), preventing and minimizing the effects of security breaches, taking precautions for the authorized use of systems and information, and avoiding damage and unauthorized processing. The Information Security Policy defines our fundamental guidelines for the use of ProSiebenSat.1 Group information. Fulfilling legal requirements and regulations as well as complying with internal security rules are essential for ProSiebenSat.1 Group. Data protection and safeguarding the Company’s assets in the form of information are two of the most important factors for ProSiebenSat.1 Group’s compliance objectives.

The media law provisions of the CMS particularly deal with journalistic independence, the principles of the separation of advertising and programming, the requirements for product placement and protection of young people, and the prevention of surreptitious advertising and broadcasting of legally prohibited advertising. A number of individual topics also form part of the Code of Conduct.

  • ProSiebenSat.1 Group is committed to differentiating between editorial reporting and broadcasts for advertising purposes. At relevant compliance events, the individuals responsible, such as TV editors, receive training on bans and the consequences of violations. In justified individual cases in which the use of surreptitious advertising is suspected, an ad hoc supervisory committee may take action. The Group is also committed to following the provisions of the German Interstate Broadcasting Agreement and the “Common Guidelines of the State Media Authorities for advertising, for ensuring separation of advertising and programming, and for sponsorship on television and radio.” In particular, every employee must make sure that the ban on influencing programming, the ban on surreptitious advertising and the labeling obligations are complied with. In addition, the content and scheduling of a sponsored broadcast may not be influenced by the sponsor such that the responsibility and editorial independence of the broadcaster is impaired.
Advertising Guidelines

The ProSiebenSat.1 advertising guidelines on the separation of advertising and programming also contain specific explanations of placement bans for certain products and services. They provide employees with binding guidelines as part of their employment contract. For the German stations, the guidelines serve the preservation of journalistic credibility and safeguard the independence of the content from third-party influences as the top-level programming guidelines. For the TV stations in Austria and Switzerland, the respective national laws apply.

  • To ensure journalistic independence and comply with fundamental media regulations, the Group formulated guidelines which are binding for all of the Company’s program makers in Germany. The “Guidelines for Ensuring Journalistic Independence” specify the understanding of the journalistic principles set forth in the Press Code of the German Press Council. In accordance with internal guidelines, journalists and editors working for ProSiebenSat.1 Group must follow the International Federation of Journalists’ “Principles on the Conduct of Journalists”. According to these principles, they are essentially free to report as they see fit independently of social, economic or political interest groups. As a media company, political independence is of the utmost importance to us. Cash and non-cash donations to political parties are therefore not permitted unless the donation is approved by the Executive Board of ProSiebenSat.1 Media SE in advance. Generally, the guidelines stipulate that editorial content must not be influenced by private or commercial interests of third parties or by personal or economic interests of employees. Public Value Highlights, Media-Specific Disclosures
  • Youth protection officers at ProSiebenSat.1 Group are tasked with making sure that all TV and online content for which the Group is responsible is offered in an age-appropriate way. The aim is to make it difficult for children and young people to access content that is inappropriate for their age group. The German Interstate Treaty on Youth Protection in the Media defines clear guidelines in this respect. The Group’s Youth Protection Officers work independently of the management and are responsible for ensuring that content that is inappropriate for children and young people is broadcast only at the legally prescribed broadcasting times. At the same time, they are expected to use technical means (e.g. PIN procedures) to ensure the protection of young people from the dissemination of content on the Group’s websites that could potentially harm their development. To this end, the youth protection officers are involved in the production and purchasing of programs at an early stage. They assess scripts in advance, support productions, and prepare expert reports. Within the Company they perform an advisory role, while externally they are available to viewers and users as contact persons for complaints, for example. Independently from the work of the youth protection officers, TV and online editors receive regular training on youth protection regulations. As well as providing employee training and internal guidelines, we support the protection of young people via various organizations, such as the Voluntary Self-Regulation of Television Association (Freiwillige Selbstkontrolle Fernsehen, FSF) and the Voluntary Self-Monitoring of Multimedia Service Providers Association (Freiwillige Selbstkontrolle Multimedia-Diensteanbieter, FSM).

Youth Protection Processes at ProSiebenSat.1 Group

Youth Protection Processes at Prosiebensat.1 Group (Graphic)

Public Policy

  • GRI 415-1 Political contributions

In 2019, as in the previous year, ProSiebenSat.1 Group did not make any monetary donations or donations in kind to political parties.

Customer Health and Safety

  • GRI 416-2 Incidents of non-compliance concerning the health and safety impacts of products and services

For 2019, we recorded a total of eleven violations (previous year: 17) of program principles and journalistic due diligence as well as provisions for the protection of minors and personal rights. No fines or financial penalties were imposed in the reporting period.

ProSiebenSat.1 reports on publicly confirmed incidents of non-compliance concerning media law. No further information (e.g. compensation payments or warnings) is provided.

Marketing and Labeling

  • GRI 417-2 Incidents of non-compliance concerning product and service information and labeling
  • GRI 417-3 Incidents of non-compliance concerning marketing communications

In 2019, we identified five incidents (previous year: 0) of non-compliance with regulations or voluntary codes concerning information on the labeling of products and services. No fines or financial penalties were imposed in the reporting period.

ProSiebenSat.1 reports on publicly confirmed incidents of non-compliance with regulations or voluntary codes concerning information on the labeling of products and services. No further information (e.g. compensation payments or warnings) is provided.

In this respect, we identified a total of 21 incidents (previous year: 27) of integrity, GTC and advertising violations with regard to the advertising of our own products in 2019. No fines or financial penalties were imposed in the reporting period.

In this section, we report on publicly confirmed incidents of non-compliance with statutory regulations, but do not provide any disclosures regarding incidents of non-compliance with voluntary codes.

Customer Privacy

  • GRI 418-1 Substantiated complaints concerning breaches of customer privacy and losses of customer data

In 2019, there were eight cases (previous year: seven) of substantiated complaints regarding the violation of customers’ privacy at companies of ProSiebenSat.1 Group in Germany. Furthermore, there were twelve cases (previous year: seven) of data leaks, data theft, or data loss that had to be reported in accordance with the General Data Protection Regulation (GDPR). No fines or financial penalties were imposed in the reporting period as a result of data protection violations.

Due to the small number of incidents, we are not reporting by complainant.

Socioeconomic Compliance

  • GRI 419-1 Non-compliance with laws and regulations in the social and economic area

In 2019, ProSiebenSat.1 identified a total of eleven violations (previous year: five) with compensation payments of approximately EUR 5,000 for non-compliance with laws and regulations relating to the provision and use of products and services. No fines or financial penalties were imposed in the reporting period.

With regard to socioeconomic compliance, we report on financial penalties but do not provide disclosures on non-financial penalties.