Our approach.

Customers’ and stakeholders’ trust is important for Telia Company. We want everyone who shares their personal data with us to feel secure that their data is used according to their expectations.

As soon as the General Data Protection Regulation (GDPR ), the EU legislation governing how personal data should be handled, entered into force in 2016, Telia Company started its group-wide GDPR program. Since numerous principles of GDPR already existed under the old Data Protection Directive, we were able to build on previous experience and best practices while implementing new GDPR principles. 

In case you have any questions about the way Telia Company takes care of your privacy or how to exercise your rights, our Data Protection Officers (DPOs) will be happy to assist with your questions.

Responsibilities of DPOs

The main task of DPOs is to facilitate Telia Company’s and its’ subsidiaries compliance with GDPR obligations across the relevant markets. DPOs continuously monitor privacy compliance internally and communicate on privacy matters, GDPR and local data protection provisions.

We have designed different tools and processes to ensure that we work in a correct manner with personal data across the company. These tools and processes are used and monitored by DPOs to both verify compliance as well as to continuously ensure effective and legitimate ways of working with privacy and data processing and to improve our practices.

Telia Company has carried out privacy training for our employees for several years. DPOs continue to facilitate privacy-awareness inside the company and continuously improve training materials to fulfil the GDPR needs as interpreted today and tomorrow. All Telia Company employees receive privacy training.

Privacy and data protection is a focus area for Telia Company and it is therefore governed by a Group Policy; Customer Privacy Policy.

Data Privacy Officers

If you have any Telia Company privacy questions please  email To provide you with quick and adequate assistance please specify what your matter concern as well as what country or countries your question cover.


What is GDPR?

GDPR is an abbreviation of General Data Protection Regulation. It regulates rights connected with personal data, i.e. all individuals have control of their own personal data in all relations with companies, regardless if they are a customer or an employee. GDPR is an EU regulation, which means that it will directly apply in all EU countries as of 25 May 2018 and in due course also in EEA countries. It covers Telia Company’s footprint in the Nordics and Baltics. There may be some local variations, for example, on employee data processing, public health, public sector, archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, etc.

What is personal data?

It is all information that could identify an individual directly or indirectly, for instance:

  • name, address, age, gender and position
  • location
  • social security number
  • IP address
  • telephone number
  • subscription details
  • traffic data (technical data generated when an individual uses telecommunication services)

What has Telia Company done to be compliant with GDPR?

Since early 2016 we’ve been working on carrying out needed changes. Today a Telia Company GDPR Program coordinates and controls the full scope to ensure our customers’ and employees’ rights.
There are also local projects running in all countries as well as in all group units. We have been reviewing our internal processes, privacy policies and security measures, training our staff, as well as making necessary changes in our IT systems to enable our customers to be in control of their personal data, for example, to access or delete certain data on request.
We work on implementing privacy by design in all our products and services and making sure that we are transparent to our customers and employees about how we use their personal data.
This work does not stop on 25 May 2018. We will continue to grow a privacy orientated mindset in all our future activities, to make sure that we are the most trusted partner to our customers in the Nordics and Baltics.

What will GDPR mean for Telia Company’s customers, both B2C and B2B?

The new regulation strengthens individuals’ rights to control their own data.

GDPR allows our customers and end users to

  • access their personal data processed by Telia Company
  • correct personal data (if faulty)
  • delete personal data under certain conditions (right to be forgotten)
  • restrict and object certain processing of personal data (under certain conditions)
  • have certain data transmitted to another company (data portability)
  • receive compensation for the damage suffered as result of an infringement of the regulation
  • receive privacy information and information on serious data breaches

Our customers may have been asked to give new consents for us to continue to process their personal data for certain purposes. We have also updated and provided more detailed privacy information, first, in our websites and My Telia pages. We continue working to provide high level of transparency to our customers and easy ways to implement their rights as data subjects. Privacy will be embedded in all our products and services that we provide to our customers and end-users.

Telia Company Privacy Policy

The Telia Company customer privacy policy is to strengthen processes for careful protection of customer privacy and network integrity. The primary objective is to ensure that customers feel confident that Telia Company respects and safeguards their privacy. We expect every Telia Company employee to follow the policy in day-to-day operations as our way of conducting the business.

Group Policy - Customer privacy

Related material

Read the article about Telia Company and GDPR

To the article