Assystem - 2018 Register document

NON-FINANCIAL INFORMATION STATEMENT CSR-BUSINESS ETHICS GOVERNANCE AND STRATEGY

We have implemented procedures and processes to ensure full compliance with the General Data Protection Regulation (GDPR). The identified risks mainly concern the processing of employees’ personal data. Since our business is primarily BtoB, the protection of these clients’ personal data is not an issue. However, we have appointed a Data Protection Officer for our only BtoC business (Insiema). The results of a 2018 audit carried out in France by outside consultants were used to map the nature of data affected by the GDPR and identify any non-compliant practices. The audit is being extended this year to our subsidiaries outside France. We have appointed a GDPR project manager who reports on her activities at the monthly meetings of a steering Committee made up of members of the Energy & Infrastructure Executive Committee. Around fifteen correspondents have been given responsibility for rolling down the procedures and processes to the corporate departments and operating units. Legal advisors have been appointed in each subsidiary to help speed the project’s deployment. Action plans are being deployed to raise awareness of GDPR issues among the employees who are most directly concerned (employees responsible for hiring and departments responsible for mobility programmes). Specific information notices or consent requests have been added to mobility files and are systematically used during the candidate hiring process, as well as being posted on the Group’s website. Training is an integral part of the GDPR compliance process, with live chats, on-site workshops and e-learning sessions planned for 2019. Be a responsible employer Assystem’s 5,600 employees are the Group’s lifeblood and its most valuable resource. Our future success and growth depend on our ability to attract and retain talent, offer bespoke induction programmes and nurture diverse profiles, experiences and personalities. In 2018, we put this belief into words through our new communication campaign with the slogan “Incredible Engineers”. We are convinced that our teams’ enthusiasm, creativeness and perseverance make a critical contribution to our competitiveness. Create value for clients through sustainable and innovative solutions Technological innovation and innovative ways of using these technologies are a key asset when it comes to winning new contracts. The objective of the “Imagine” collaborative programme launched in 2018 is to catalyse our Group’s innovation capabilities by leveraging the strengths of our own teams and those of our external partners. Imagine enables the Group to benefit from the opportunities offered by our partners, whether they are clients, start-ups, schools or universities. Manage the Group’s environmental footprint Sustainable mobility is a core focus of the strategy to reduce the Group’s carbon footprint, given that business travel by employees currently accounts for over 90% of our CO 2 emissions. One of the solutions deployed in France in 2018 was the gradual transition of the car fleet towards green vehicles.

RESPECTING HUMAN RIGHTS In 2011, Assystem pledged to uphold the UN Global Compact which sets out ten universal principles covering human rights, labour, the environment and anti-corruption measures. In 2018, we went further by pledging to uphold the UN Women’s Empowerment Principles (WEPs), a set of seven principles offering guidance on how to empower women in the workplace, marketplace and community. By upholding these principles, we intend to promote the hiring and professional advancement of women in our host countries (see Section 3.3.2 below) . The Group applies the conventions of the International Labour Organisation (ILO). We have affirmed our commitment to complying and to ensuring that our employees and stakeholders comply with the ILO’s Declaration on Fundamental Principles and Rights at Work and its fundamental conventions on freedom of association and collective bargaining, the elimination of discrimination in respect of employment and occupation, the elimination of forced or compulsory labour and the effective abolition of child labour. Policies and procedures have been issued describing each employee’s rights and obligations. In France, compliance with these policies and procedures is overseen by the Human Resources & Quality Department and the Health, Safety & Environment unit, through: ● collective agreements on gender equality and the employment of people with disabilities; ● a process to protect the personal data of employees and clients; ● training in the prevention of discrimination. These policies and procedures are discussed in more detail in the Section – A responsible employer. IMPROVING INFORMATION SYSTEMS AND DATA SECURITY Information systems security is a strategic challenge for Assystem. At the dawn of the fourth industrial revolution, companies are becoming increasingly vulnerable to the risks of cyberattacks and data theft. We have responded to changes in the engineering professions, expansion of our international footprint and our growing reliance on information systems as a critical business asset by stepping up our systems security management strategy. An IT security audit and a risk mapping exercise were conducted in the Connect BU in 2018, and a specific team was set up, reporting directly to the Chief Operating Officer. Action plans will be implemented in 2019 covering three areas: ● health and safety policies and procedures;

3

● building and site security improvements; ● information systems security improvements;

● security culture training and awareness raising programmes for employees. These plans will leverage the skills and expertise of our industrial cybersecurity specialists.

39

ASSYSTEM

REGISTRATION DOCUMENT 2018