Data protection
Autogrill S.p.A. has updated the Data Protection Document for 2011, in consideration of our particular business needs, although it no longer needs to be mentioned in the financial statements in accordance with the “Simplification and Development Decree” (D.L. 5/2012).
This decree has also excluded data on corporate entities from the concept of “personal data.” The Group’s actions during the course of 2011 can be summarized as follows.
PCI DSS certification for credit card payment systems (available in version 2.0 since 2011) was renewed for Autogrill S.p.A. and Nuova Sidap S.r.l. and the certification process began for Alpha Retail Italia S.r.l.
A new intercompany agreement with the subsidiaries Aldeasa S.A., Autogrill Iberia S.L., World Duty Free Group UK Ltd. (formerly Autogrill Retail UK Ltd.), World Duty Free Group International Ltd. (formerly Autogrill International Airports Ltd.), Holding de Participations Autogrill S.a.s., and Autogrill Belux N.V. governs Autogrill S.p.A.’s processing of employee data for the Aconnect portal.
The Disaster Recovery (DR) project was completed for the SAP system, regarding payroll and personnel management. This is in addition to DR for the administrative and financial, store management and supply chain systems.
Physical security improvements were completed and REI 120 fire safety certification obtained at the datacenter in Rozzano.
Four ICT security policies were adopted for all of the European companies (concerning reporting, access and usage management, the security of electronic payments and disaster recovery).
The process of appointing employees in charge of data processing has been completely automated and integrated with the HR management system.
In addition, more stringent criteria have been adopted for:
- the evaluation of system administrators;
- program access control;
- access to the company network by external parties;
- monitoring of online privacy training.
Finally, some updates have been made to the organizational structure and eight external companies have been added to the list of data processors.
Directors’ Report
- The Autogrill Group
- Group performance
- Business segments
- Performance in the fourth quarter of 2011
- Outlook
- Other information
- Corporate Social Responsibility
- Main risks and uncertainties faced by the Autogrill Group
- Corporate Governance
- Management and coordination
- Related party transactions
- Statement pursuant to art. 2.6.2 (12) of the Regulations for Markets Organized and Managed by Borsa Italiana S.p.A.
- Research and development
- Data protection
- Shares held by directors, statutory auditors, general managers and executives with strategic responsibilities
- Treasury shares
- Significant non-recurring events and transactions
- Atypical or unusual transactions
- Reconciliation between parent and consolidated equity
- Definitions and symbols