Customer privacy

Vast amounts of data are generated when our customers use services and our networks. Customer privacy is increasingly important to manage as customer expectations increase and legislation is strengthened in the EU and elsewhere.

Strategic objective 2018 goals
  • Respect and protect the privacy of our customers.

  • We are regarded as a trusted actor in handling personal data on the customer’s terms.

  • “Privacy by design” is implemented in all relevant project management processes.

  • All employees are aware of the privacy requirements related to their work duties.

  • Clear and easy to understand information about processing personal data readily available to customers.

The challenge

It is highly challenging to establish and uphold “bullet-proof” privacy protection in increasingly sophisticated data environments and in ever-changing technical and threat landscapes. Vast amounts of data are generated when our customers use services and our networks. New ways of connecting and data-heavy business models make it difficult for individuals to retain control over how their data is collected and used. Customer privacy is increasingly important to manage as customer expectations increase and legislation is strengthened in the EU and elsewhere.

Our approach

The work is governed by the Group Policy – Customer Privacy and Group Policy – Security.

We continuously assess risks, build awareness among employees and suppliers, include privacy controls in relevant processes as well as integrate privacy safeguards into our IT infrastructure. The Group Policies – Customer Privacy and Security define principles regarding, for example, collecting, processing and retaining personal data as well as customers’ rights, and measures to safeguard the confidentiality and integrity of customers’ personal data.

We consider “privacy by design” – taking privacy requirements into account at the earliest possible stage – as one of the key principles in our efforts to ensure that customer privacy is respected. Therefore we use an impact assessment method for assessing risks, compliance and impacts on customer privacy in the project management process.

More information, including 2016 outcome on the goals, can be found in our Annual and Sustainability Report

Case: Security health check

“Security Health Check” was launched as a concept to assist countries in identifying gaps in their security measures related to protecting information such as customer personal data, and defining changes in ways of working, processes and technologies used. During 2015, this activity was completed in most of Telia Company majority owned companies, with local action plans agreed.

Security Health Check is a joint effort from technology and security to share best practices and learn about the local business environment to define the most fitting solutions for identified problems. The health check takes a practical and engaging approach: employees are encouraged to openly bring up security issues that trouble them, discuss suggestions for improvement and see how other functions across the group have solved similar problems. As a result of the open collaboration, the health check has started to create a community where employees on all levels can share their experiences.