GDPR and Telia Company
The European Union’s General Data Protection Regulation (GDPR) which sets a new standard for how personal data may be processed, will be applied as of 25 May 2018. Telia Company is prepared for GDPR and is implementing measures ensuring the company complies with the new regulation. “All of our employees receive GDPR training and we will follow new ways of working in order to fulfill GDPR requirements. We are renegotiating contracts with suppliers and partners to secure compliance with GDPR, as well as carrying out many other measures”, says Hele Jonsson, Group Chief Privacy Officer at Telia Company.
The purpose of the new EU regulation is to strengthen the individual’s privacy rights by ensuring more control of personal data such as rights to: access to personal data, correct incorrect personal data, delete certain personal data, have certain data transmitted to another company, object to processing of certain personal data and to restrict processing of personal data.
Personal data is data that can identify an individual directly or indirectly, for instance name, address, age, gender, position, location, social security number, IP address, telephone number and traffic data.
Telia Company’s GDPR program covers its majority owned European subsidiaries and will affect the entire European business, for instance the interaction with customers and the design of offers and applications.
Preparations have been ongoing in Telia Company well before GDPR was approved by the EU in April 2016 since the company takes privacy compliance very seriously. “It is a challenge for an organisation such as Telia Company with a vast number of customer relations, a cross-border organization and a larger number of systems. But I’m positive to our progress at this point of time. Compliance with GDPR is very important for us to meet customers’ expectations and stay a steady and trustworthy business partner,” says Hele Jonsson, Group Chief Privacy Officer at Telia Company.
All Telia Company employees receive customer privacy and GDRP-training, selected resources also receive additional training. The company has for years had a robust process for handling traffic data breaches. Now that process is updated to cover all potential data breaches. Telia Company has also established additional security controls to systems that process personal data to ensure that it is protected.