Vast amounts of data are generated when our customers use services and our networks. Customer privacy is increasingly important to manage as customer expectations increase and legislation is strengthened in the EU and elsewhere.
|Ambition||2017 progress||2018 goals|
Respect and protect our customers’ privacy
We are regarded as a trusted actor in handling personal data on the customer’s terms
Established group-wide EU General Data Protection Regulation (GDPR) compliance program and ran local projects in relevant markets
Carried out detailed data mapping according to GDPR requirements in core markets
Developed detailed legal interpretations for all key GDPR areas to ensure harmonized implementation of legal obligations across core markets
Meet the GDPR requirements to a sufficient level, including:
It is highly challenging to establish and uphold bullet-proof privacy protection in increasingly sophisticated data environments and in ever-changing technical and threat landscapes. New ways of connecting and using data makes it difficult for individuals to retain control over how their data is collected and used. It is vital to not only understand and meet legal requirements but also understand and manage expectations regarding the ethical use of customer data.
This focus area is governed by the Group Policy – Customer Privacy.
We continuously assess risks, build awareness among employees and suppliers, include privacy controls in relevant processes as well as integrate privacy safeguards into our IT infrastructure. Policies define principles regarding, for example, collecting, processing and retaining personal data as well as customers’ rights, and measures to safeguard the confidentiality and integrity of customers’ personal data. “Privacy by design” – taking privacy requirements into account at the earliest possible stage – is one of the key principles in our efforts to ensure that customer privacy is respected.
EU General Data Protection Regulation (GDPR) compliance governance is handled within a program that addresses all aspects of GDPR. The program covers core markets as well as group functions.
More information can be found in our Annual and Sustainability Report