Digita – responsible operations throughout Finland

Responsibility at Digita

Social responsibility is an integral part of business at Digita. Our entire core business is based on the unbiased transmission of radio and TV programmes to all Finns in the entire country on every day of the year. In addition, it is the primary task of every Digita employee to support the business of our customers as an enabler of diverse experiences and as a creator of digital society.

We have three overreaching principles:

• we keep the promises given to our customers and each other;
• the attitude of every single Digita employee is crucial; and
• we know that we can perform miracles through co-operation and encouragement.

Our responsible business operations are based on the way Digita employees think and act. Responsibility is a mindset that permeates through the entire Digita organisation. As a socially responsible company, we take into account not only the economic responsibility but also the social and environmental responsibility.

We are also involved in the domestic, Nordic and international standardisation in the field, and the development of standardisation. We want to enable a functioning digital society through our operations. These things lay the foundation for the Digita way of operating in our entire organisation.

The principles of responsibility

Economic responsibility

Digita’s responsibility as a company is to operate profitably and develop its operations in the long term. Profitable operations guarantee a solid financial standing, which will affect the employees, customers and the various stakeholders. Digita is a reliable partner and supplier for its customers, a financially sound company and a stable employer. Through the long-term development of our operations, we generate added value for both our customers and owners. The economic responsibility is seamlessly integrated with social responsibility and environmental responsibility.

Social responsibility

For us at Digita, the most important aspects of social responsibility are customer satisfaction, competent personnel, employee well-being and enterprise safety. The valuable feedback from our customers and partners plays a key role in the development of our operations.

The development, comfort, health and occupational safety of our employees are vital for long-term operation. Systematic investments in the development of our personnel is one of the key focus areas of Digita’s HR policy. New development ideas and initiatives also support development and reform. The occupational safety of Digita employees is of the utmost importance to our owners.

Enterprise safety supports the achievement of the company’s strategic objectives and business continuity by ensuring that safety risks are identified, assessed and managed.

Environmental responsibility

Significant environmental aspects of our operations include energy efficiency, logistics, and waste management and recycling. We want to develop our operations actively in the long term in order to minimise our environmental impact and carbon footprint. The key principles are the principle of sustainable development and an environmentally friendly life cycle model, supported by our process-like operating model and management system.

Digita is also involved in the Green ICT project coordinated by the Finnish Federation for Communications and Teleinformatics FiCom, which challenges all ICT companies operating in Finland to join an environmental cause with the theme, “More ICT but lower emissions”.

Reporting of deviations from our principles of responsibility

Digita is known for quality, reliability and availability. We keep our promises and see things through as agreed. We hold a position of trust in the society and intend to remain worthy of that trust. This forms the basis of the high quality of Digita’s operations.

As a way of thinking, responsibility is in the core of the whole Digita organization. We follow the laws and regulations and act according to our own values and principles of responsibility in every situation.

Following our principles of responsibility and abiding to the laws and regulations guiding Digita’s business concerns all of us. It is a duty of every Digita employee and stakeholder to report any observed or suspected wrongdoings or offenses, whether they are against the law or our own principles.

Digita’s whistleblowing channel is an important part of the continuous monitoring of how our principles of responsibility are being fulfilled. Furthermore, through the whistleblowing channel it is possible to report about matters that are included in the forthcoming EU whistleblowing directive and legislation, which will come into effect in 2022. Through the whistleblowing channel, our employees and stakeholders can report on any observed or suspected acts against our principles of responsibility, laws and regulations anonymously and confidentially. The channel can be used even if it is not certain whether any misconduct has happened. It is enough if the whistleblower has a valid reason to believe that misconduct has taken place.

All messages sent through the whistleblowing channel are dealt with seriously. When sending a message, the whistleblower should assess, whether the matter could only be handled through the anonymous whistleblowing channel, or could it be sufficient that the matter would be handled with their superior or another Digita representative. If this is not possible, the whistleblowing channel can be used to report of any observations or suspicions.

Digita will not retaliate in any way or target any such actions depicted in the whistleblowing law against a report made under the Digita whistleblowing principles and will not try to prevent any employee or stakeholder from reporting or providing information about a wrongdoing of offense. Digita is following a pre-determined process for handling and investigating any sent messages and for carrying out possible additional measures.

The whistleblowing channel can be reached through the following link: https://report.whistleb.com/en/digita

Quality policy

Quality is a value we all share and an important factor in our success. Quality is the way we ensure our customers are satisfied with our company’s activities. Turning quality policy into practice is what we do every day. For our Quality Policy to succeed, both management and staff need to commit to actions and objectives that improve quality.

Our mission is to be the backbone of reliable communication of information and thus ensure functional connections and the availability of diverse modes of communication to all Finns. Our unique countrywide television and radio networks reach the entire nation and are built to operate reliably in all circumstances. We are also an enabler of the digital era and a developer of tomorrow’s intelligent society, smart cities and homes. We provide safe, high-quality digital infrastructure services for our customers. We keep our promises and see things through as agreed. Our operations are based on the ITIL framework and select ISO standards. We hold a position of trust in society and we want to be worthy of that trust. This forms the basis of the high quality of Digita’s operations.

Digita’s risk management supports leadership and decision-making, with the effectiveness of risk management monitored and developed through management functions designed to support continuous development. Our requirements for high-quality operations also extend to our partners and subcontractors.

Our high-quality operations ensure the satisfaction of our customers and other stakeholders, as well as the growth of our business activities. We identify our customers’ expectations so we can exceed them and recognise their requirements so we can fulfil them. We regularly ask our customers for feedback and use it to develop our operations. Customer satisfaction in Digita has grown significantly over the past few years. We develop our services with a positive attitude together with our customers and work wonders through cooperation. We ensure that our operations meet the requirements set by industry standards and our customers and partners.

We want to continuously improve our services in order to minimise our environmental impact and carbon footprint in the long term. Digita’s goal is to be carbon neutral by 2030. We want to be the best workplace in our industry for everyone, and we pursue this goal by providing a safe working environment and by treating all our staff equally and fairly.

We continuously assess and improve the effectiveness and efficiency of our management system. Good results come from high-quality operations, and continuous development will net us ever better results.

Communications policy

The purpose of Digita’s communications is to promote the business activities of Digita and its partners by proactively sharing information about the company’s objectives and operations. In our communications, we strive for transparency and two-way interaction. We engage in an ongoing dialogue with our various stakeholders and develop our operations accordingly. We operate in a systematic and goal-oriented manner, following the indicators set for our activities. 

Digita has two main business areas: Broadcasting and Telecom. Since the beginning of 2020, Digita has also been a pay-TV provider for the consumer market. Digita’s consumer brand is called AntenniTV. We use a myriad of communication channels to interact with our corporate customers, consumers and stakeholders. We also keep the consumer market up to date on what is happening with our television and radio networks as well as the availability of the networks.

We use the optimal channels appropriate for each situation in our communications and monitor their effectiveness. In media communications, we use a news distribution service that has a wide reach among Finnish media. The main channels that we use for our external communications are our website digita.fi, as well as our social media profiles on LinkedIn, Twitter and Facebook. Our most important communication channel towards consumers is antennitv.fi, where our customers can manage their subscriptions themselves. To communicate with our internal stakeholders – Digita’s staff – we mostly use our intranet.  

Digita Communications coordinates all media contacts and locates the best expert on the topic for the media. Company-wide policies and major news are communicated by the company CEO or a representative appointed by him. We do not comment on any company-confidential or pending business transactions or our competitors’ affairs. Our image bank provides the media with images related to our operations and towers, which can be freely published.  

Digita has a whistleblowing channel that provides a way to report suspected cases of wrongdoing that could potentially lead to serious harm to individuals, our organisation, society as a whole, or the environment.

Digita has defined crisis communication guidelines that are applied in situations where enhanced communication is needed, such as unexpected and sudden events. Through prompt and open crisis communication, we seek to calm the situation and minimise any negative impact of the event on the company, its stakeholders and the environment.  Digita has guidelines for the use of social media, which can be found on our intranet. Digita generally encourages its staff to use social media in their work with attention to data-secure practices.

Occupational Health and Safety Policy

Occupational safety and a safe work environment are a primary concern for Digita. Digita requires that its staff and stakeholders, regardless of their duties or job description, to follow safe practices at all times and to also consider the safety of others. We constantly improve occupational safety through an approved action plan, guidelines and continuous development. Our organisation is certified under the ISO45001:2018 Occupational Health and Safety standard. In this way, we ensure that our operations are in line with the latest safety standards. Our goal is to continuously improve safety. Ensuring occupational safety and the well-being of our employees is part of being a responsible corporate citizen. 

Our operations meet all the requirements set by the law, public authorities, industry standards, and our customers and partners.

We have a nationwide occupational health and safety organisation that:

• communicates transparently on occupational health and safety matters 
• ensures that the necessary operational models, guidelines and results are openly available 
• processes all occupational injuries and safety observations and shares their findings and lessons
• carries out regular on-site safety inspections
• ensures that all personnel possess the competencies required to safely perform their duties
• ensures that our induction process for new personnel works as intended when launching new services

We identify occupational health and safety risks as part of our comprehensive risk management. Risk management helps us to ensure the continuity of our business and to prevent injuries, occupational diseases, pandemics and other risks. Risk management also allows us to measure the success of the steps that we have taken to prepare for the aforementioned kinds of risks. We work in active cooperation with occupational health services to promote preventive measures. We pay special attention to safety in our own premises and those of other parties. Digita’s managers are responsible for the day-to-day safety of their own organisation. Each employee is responsible for his or her own safety as well as for the safety of their co-workers. We require our employees to report any safety shortcomings they notice via the safety observation system. We also facilitate our stakeholders’ safety observations by instructing them on the use of the safety observation system. We have a number of indicators that we use to continuously monitor the level of safety and well-being.

Responsible management, staff involvement and cooperation between experts are the cornerstones of our occupational health and safety activities. By listening to one another and learning from our colleagues, we can build a safe and healthy Digita together.

Information Security Policy

Information security is an essential part of our corporate security and risk management. Our services are significant both nationally and for the security of supply. Therefore, information security and the continuity of the operations are essential for Digita.

Information security refers to maintaining the availability, confidentiality, and integrity of information.

This information security policy is expanded by topic-specific policies to ensure efficient implementation of information security at Digita.

The key objectives for our information security are:

• To maintain and continuously evolve the security, continuity, and quality of the services we provide
• To fulfill the requirements set by authorities, customers, and partners, and to comply with them
• To follow the best practices for information security and continuously improve our security postures.

Our senior management is committed to achieving the information security requirements. To support this goal, it has defined the roles and responsibilities for information security and for implementation and development of our information security management system, which adheres to the ISO/IEC27001:2013 standard.

The policies for information security management are reviewed by the management on a regular basis. CEO ensures that the policies and related guidelines are followed throughout the organization. The Chief Information Security Manager (CISO) is responsible for the implementation, development, and maintenance of the information security management system. CISO provides support to businesses so that they may implement the information security management system and also follow the best practices for information security. The management, the business units and the internal support functions all ensure the information security of their own services and processes.

Employees must act in accordance with policies and guidelines related to information security, participate in general and topical training related to their work role, and report threats, vulnerabilities, breaches, and other security-related findings according to the instructions.

We advance the security of our operations and information according to the ISO27001:2013 Information Security Management System and the best practices for information security.

The vulnerabilities and threats related to our operations are identified and managed by using our consistent risk and asset management procedures.

We ensure that our partners and suppliers take information security requirements into account in their operations. We collaborate with them to develop our joint information security postures further.

We collaborate closely also with authorities, customers, and other stakeholders to meet the requirements set for us by the law, and by them.

We draw plans that ensure the continuity and recovery of our operations and the restoration of services. We plan incident management processes to support the operations efficiently. This verifies the security, privacy, and quality of operations. We inform about security incidents on our website and various social media channels.

The personnel are familiarized with the key requirements of information security, and we organize targeted training on the topics of information security and privacy, aligned with the employee roles. Training is planned to achieve the competence required by our strategy and the requirements for information security.

The information security and privacy of data our operations are assessed by, among other things, reviewing the effectiveness of training, analyzing the incidents and disruptions related to security, and assessing the successfulness of risk management.

External and internal auditors assess the functionality and efficiency of Digita’s certified ISO/IEC 27001 information management security system, focusing on the scope of the certificate.

Internal auditors carry out periodical audits on the whole organization and its information security. We also conduct external, technical audits based on risk analyses.

Our management assesses the state of information security in its periodical reviews. Information security status is reported to the company’s Board of Directors periodically.

Intentional violations on information security policies and guidelines are managed in accordance with the disciplinary process.

Our privacy principles are described in the Privacy Policy.

Vesa Tykkyläinen
CEO

OHS Policy

Occupational safety and providing a safe working environment are of paramount importance to Digita. Digita expects its staff and stakeholders, regardless of their duties or job description, to follow safe practices at all times and to also consider the safety of others. We are always looking to raise the standard of occupational safety through a company-wide action plan, guidelines and continuous improvement. Our occupational health and safety management system is ISO 45001:2018 certified. ISO certification ensures that our procedures comply with the latest safety standards and that we keep looking for new ways to improve safety. Ensuring occupational safety and the well-being of our employees is part of being a responsible corporate citizen.

It is important to us that we satisfy all the requirements set by the law, government authorities and industry standards, as well as our customers, partners and sites.

We have a nationwide occupational health and safety organisation that:

• communicates transparently on occupational health and safety matters
• ensures that the necessary operational models, guidelines and results are openly available
• processes all occupational injuries and safety observations as well as shares their findings and lessons
• carries out regular on-site safety inspections
• ensures that all personnel possess the competencies required to safely perform their duties
• ensures that launching new services and our induction process for new personnel work as intended

Identifying occupational health and safety risks is part of our comprehensive risk management process. Risk management helps us to ensure the continuity of our business and to prevent injuries, occupational diseases, pandemic-related and other risks. Risk management also allows us to actively monitor the success of the steps that we have taken to prepare for the aforementioned kinds of risks. We work in close cooperation with our occupational health care provider to promote preventive measures against the risks. We pay special attention to safety in our own premises and those of other parties, and we are committed to complying with the safety regulations imposed by the site and the customer. Digita’s managers are responsible for the day-to-day safety and safety-related communications of their respective teams. Each employee is responsible for his or her own safety as well as for the safety of their co-workers. We have a safety observation system that we expect our employees to use to report any safety issues that they notice at work. We have also made the safety observation system accessible to our stakeholders so that they, too, can report potential issues. We have a number of indicators that we use to continuously monitor the level of safety and well-being.

Responsible management, staff involvement and cooperation with consultants are the cornerstones of our occupational health and safety system. By listening to one another and learning from each other, we can build a safer and healthier Digita together.

30.3.2023

Vesa Tykkyläinen

CEO