Focus on data protection
So far, the key focus of compliance was on the topics of antitrust legislation, corruption, product liability, environment/occupational safety and fundamental employee rights. The introduction of the GDPR in the EU on 25 May 2018 heralded a significant tightening of the legal requirements placed on the data protection concepts of companies. Comprehensive measures for implementation of the GDPR were carried out in the reporting year under the leadership of the Group’s legal department. An external data protection officer was appointed for the entire Group, who has already conducted initial audits at the companies in Switzerland, Austria, Poland, the Benelux Countries, the UK and Sweden. In-house data protection coordinators have been appointed and trained at all Geberit companies. In addition, all processes have been documented in which personal data is processed. Furthermore, a Data Protection Guideline has been passed that in turn serves as the basis for privacy policies for various applications such as websites or mobile apps. Finally, technical and organisational measures concerning compliance with data protection regulations and a concept for reporting data breaches have been drawn up.
Product liability: Nozzle cleaner damage case
The older shower toilet models Geberit AquaClean 8000plus and Geberit Balena 8000 were liable to develop a leakage if a certain nozzle cleaner was used over a prolonged period. In the worst case, this could have led to a smouldering fire. Three such cases of smouldering fires occurred in 2017 that caused only material damage. Comprehensive measures were implemented in 2018 to rule out this risk for all other owners of the corresponding shower toilet models. Sales of the nozzle cleaner that caused the problem were discontinued immediately. In addition, appropriate market information was promptly drawn up and sent to all wholesalers, plumbers and, to the extent known, potentially affected end users. Owing to the large number of devices concerned, not only the local Geberit companies and their service providers but also external service providers had to be called on for the required service assignments. The assignments were largely concluded by the end of 2018. Apart from the aforementioned incidents, there were no further damage cases.
Legal advice and reporting
Regular antitrust legislation audits were carried out in the Adriatic sales region as well as in Finland, Norway and Switzerland as part of the ordinary internal audit, but did not reveal any significant breaches. Furthermore, the Group’s legal department dealt with the usual enquiries from Geberit markets concerning the permissibility of marketing and sales campaigns.