54 Social product responsibility The observance of human rights is a basic requirement in connection with all of the products and services we offer. Specifically, we do not finance transactions that have anything to do with slave or child labor or are in violation of the European Convention on Human Rights, obligations under the labor and social law of the respective country, applicable regulations issued by international organizations (including the relevant UN conventions) or the rights of local populations or indigenous people. The RZB Group is not involved in business with products which can serve to suppress demonstrations or political unrest or infringe on human rights in some other way. This is especially true for businesses involved in countries in which political unrest, military conflicts or other violations of human rights are taking place or expected. Considering the requirements and concerns of our customers also plays an important role for our company in the shaping, sale and use of products and services. The security of our products and the security of our customers are both of central concern to us. Along with access to relevant information regarding products and services, this includes the verifiability of claims, explanations of the possible risks associated with products or services and appropriate information on risk reduction. Where possible, we inform customers about the sustainability aspects of our products. Any complaints which are brought to us are checked carefully and answered as soon as possible. We also strive to provide comprehensively barrier-free access to our financial services for disabled persons. Protection of customer data The RZB Group views comprehensive protection for all data provided to or made available to the group (concerning customers as well as employees) to be an important part of its business activities. Strict organizational rules apply throughout the RZB Group for the collecting, storage, processing and sharing of such information (insofar as permissible and/or necessary for the business activities), and compliance with these rules is regularly monitored by Group Auditing. In addition, all data protection measures implemented and employed throughout the RZB Group are aligned to the most current technical security standards. The most important principles of the data protection measures applied within the RZB Group are: • Classification of all data/information according to a four-level system, with appropriate (technical) authorization required for read and/or write access even in the “standard” category 2 protection class. • All read or write accesses are continuously logged electronically, and this logging is even centralized in the case of particularly sensitive classified data/information. • Regular backup routines (on a daily basis for business-critical data/information). • Technical security measures (such as network security and segmentation) to additionally regulate access to data. Instances of complaints relating to violations of customer privacy and the loss of customer data are monitored in all units. The reasons for the complaint or data protection violation are investigated, and necessary measures are taken. In financial year 2016, there were no substantiated complaints within the RZB Group in Austria regarding violations of customer privacy or the loss of customer data. Within our network, a total of 39 such complaints occurred in three subsidiary banks and two of our subsidiary banks experienced instances of data loss. All incidents were investigated immediately, and appropriate countermeasures were introduced. The technical and organizational measures that have been in place since last year for implementation of the General Data Protection Regulation of the EU, which will enter into force in 2018, are well underway and on schedule.
ebook_RBI_NHBericht2016_EN
To see the actual publication please follow the link above