Salterbaxter is the creator of the Innovation Day, the agency’s annual day dedicated to supporting social entrepreneurs. In 2021, this was turned into Innovation Month: around 10 entrepreneurs were offered advice and recommendations by all the teams made available to them, in order to help them achieve more impactful communication. The program was extended from one day to one month in order to have a stronger and faster impact for these social entrepreneurs.
Janus is the Groupe’s Code of Ethics and applies to all managers and their teams. It consists of a code of conduct and detailed operating rules. The code of conduct applies to all employees (see Section 3.1.7 of this document). 61% of the Groupe’s workforce has received training in the Janus Code and its contents. A majority of new employees follow an induction program comprising a presentation of the Groupe and its businesses and a presentation on Janus and its key principles. This includes elements related to team and manager standards of behavior, and the operating rules to be respected in terms of fair trade. One of these elements is the “Zero Tolerance” principle in terms of discrimination, harassment, and violence at work, rules regarding conflicts of interest, fraud, prevention and combating of corruption, data protection, key points of the HR policy, and a reminder of the major principles adhered to by the Groupe, such as the United Nations Global Compact.
In terms of business, one of the Groupe’s historical principles is its refusal to take part in partisan communications campaigns of any kind. The Groupe refuses to work for political parties, cults or ideological propaganda organizations, and refuses any request for funding, contribution or free support.
Several Janus excerpts are available on the Groupe’s website, in the CSR section.
GDPO (Global Data Privacy Office) is a team of specialized lawyers, legal experts and experienced professionals, experts in data protection issues, working under the supervision of the Chief Data Protection Officer (CDPO). The GDPO is part of the Groupe’s Legal Department, which reports to the Secretary General. Its role is to oversee the data protection program, advise agencies on protection issues and help them with risk management. It also participates in various professional bodies or joint initiatives such as IAB EU’s Transparency & Consent Framework, and the IAB, US’ CCPA Framework. From an operational point of view, the GDPO relies on its Global Data Privacy Operations Team (GDPOps) including Privacy Leads and Data Privacy Stewards in the various countries, in charge of implementing and monitoring the compliance program. The GDPO and GDPOps teams work closely with the GSO, the Global Security Office (see below).
The data protection policy is based on the principle Privacy-by-Design and must ensure compliance with applicable laws and best practices. This very early stage approach facilitates cooperation with all teams from the earliest stages of a project, so that data protection is well integrated into systems and solutions, and in close contact with client-side teams. The following principles are applied: i) ensure that each claimant can exercise his or her rights; ii) review data protection policies and procedures; iii) carry out regular assessments to identify any problems and, if necessary, implement rectification plans.
Even if the field of data protection requires a certain expertise, all Publicis Groupe employees must understand and apply the fundamental principles of data protection, and thus have a vision of each person’s obligations and role in the project. Training for all employees takes place every year with reminders on the European GDPR (General Data Protection Regulation) and on other regulations such as the CCPA (California Consumer Privacy Act) as well as on data security. Specific training was delivered also and as needed.
In 2021, for the second year, Publicis Groupe was assessed by Cybervadis and remained in the top 1% of companies in terms of security and protection (score for 2021: 961/1000, an improvement from 2020), thanks to the joint work between the GDPO and the GSO.
The Groupe’s data protection policy is publicly available on the Groupe’s website, in the CSR library. Data protection issues are centralized and each employee can directly contact the GDPO and its teams: privacyofficer@publicisgroupe.com.