PERNOD-RICARD - URD 2020-21

____ 3. SUSTAINABILITY & RESPONSIBILITY ETHICS & COMPLIANCE

GLOBAL STRATEGY & GOVERNANCE Pernod Ricard has implemented a strong personal data protection strategy and governance. The Group drafted a comprehensive personal data protection roadmap ahead of GDPR enforcement and is implementing it across the Group, in parallel with specific actions to address local requirements where relevant. The Group DPO (Data Protection Officer) and the Group's personal data protection network enable Pernod Ricard to implement personal data protection compliance actions, implement policies and procedures at local level and share best practices. This governance structure involves a wide range of stakeholders, including the Group DPO, personal data protection Champions at regional and local level, along with a Personal Data Protection Steering Committee as well as the various internal As a pillar of the Group’s digital transformation, data personal data protection is a matter that concerns everyone at Pernod Ricard. This is why Pernod Ricard places a particular focus and efforts on legal monitoring, employee training (including with Group-wide MOOCs as well as both mandatory and tailor-made subject-specific trainings), internal awareness campaigns and more generally on change management. CUSTOM TOOLS & PROCEDURES The Group has created various custom, user-friendly tools and procedures to ensure personal data protection compliance, including: a comprehensive overarching documentation to ensure consistent implementation of personal data protection and common standards based on a global personal data protection policy, adapted for local requirements, along with detailed procedures and toolkits; personal data protection by design and by default procedures and processes implemented on new projects, with specific privacy documentation on major projects ( e.g. development of the latest version of the consumer database); audit processes and questionnaires to assess third parties’ maturity and compliance level on personal data protection; checklists and templates on specific topics such as handling data subject requests, or handling potential personal data protection breaches. Prevention of corruption 3.4.1.3 and anti-competitive practices Prevention of corruption Integrity, and a zero-tolerance policy against corruption and all related misconducts have long been part of Pernod Ricard’s core values. business teams (IT, marketing, HR, etc.). EMPLOYEE ENGAGEMENT & UPSKILLING

UNAMBIGUOUS TONE FROM THE TOP The Pernod Ricard Code of Business Conduct, prefaced and endorsed by the Chairman and CEO, applies to all employees of the Group. Pernod Ricard’s General Counsel – Compliance Officer is in charge of structuring and promoting the Group’s comprehensive and robust anti-corruption programme. RULES FOR EMPLOYEES AND OTHER STAKEHOLDERS Pernod Ricard’s Code of Business Conduct : the Code (accessible on the Intranet and Group’s website: https://www.pernod-ricard.com/en/download/file/fid/10234/), includes, in particular, a chapter related to the fight against corruption and business integrity in general. The Code also covers other topics such as compliance with competition law, prevention of insider trading and conflicts of interest. Group anti-bribery policy: in accordance with the French 2016 Sapin 2 law, the Policy specifically details the Group’s rules to prevent, deter and detect public and private corruption and influence peddling ( trafic d’influence ) risks. It also provides employees and stakeholders with clear, pragmatic examples of potentially sensitive situations. Internal Control Principles : they apply to all Group affiliates and specify that all Pernod Ricard affiliates must comply, among other things, with the Pernod Ricard Code of Business Conduct and the Procurement Code of Ethics. Pernod Ricard sends all affiliates a self-assessment questionnaire every year, in which they must state whether they are compliant with Group policies. The reliability of the responses to these questionnaires is confirmed in a letter of representation signed by the Chief Executive Officer and Chief Financial Officer of each entity. In addition, the Legal Department works with the internal audit team to conduct a number of compliance audits each year at certain affiliates. Finally, a further task of the internal audit is to monitor the Group’s compliance with the rules implemented for the fight against corruption and influence peddling. Whistleblowing policy : employees are invited to speak up about, among other things, any potential corruption situation in relation to the Pernod Ricard activities inside or outside the Company. As part of the protection owed to whistleblowers, alerts may be filed anonymously, and the Group promotes a clear non-retaliation policy (see subsection 3.4.2.3 "Whistle-blower system"). Prior verification policy : Pernod Ricard’s Third Parties are subject to a due diligence process to determine their compliance risk profile (low, medium or high), allowing the Group to adjust, as appropriate, contractual and operational relationships to mitigate potential risks. Various levels of verification are set out under the procedure, depending on the initial risk assessment of each relationship category, as identified by Pernod Ricard’s Sapin 2 risk map on corruption and influence peddling. Gifts and Hospitality policy : approval is required from the Line Manager or the affiliate’s designated key contact, prior to receiving or offering any gifts or hospitality above a determined amount set at affiliate level.

133

PERNOD RICARD UNIVERSAL REGISTRATION DOCUMENT 2020-2021