Customer privacy

Vast amounts of data are generated when our customers use services and our networks. Customer privacy is increasingly important to manage as customer expectations increase and legislation is strengthened in the EU and elsewhere.

Ambition 2017 progress 2018 goals
  • Respect and protect our customers’ privacy
  • We are regarded as a trusted actor in handling personal data on the customer’s terms
  • Established group-wide EU General Data Protection Regulation (GDPR) compliance program and ran local projects in relevant markets
  • Carried out detailed data mapping according to GDPR requirements in core markets
  • Developed detailed legal interpretations for all key GDPR areas to ensure harmonized implementation of legal obligations across core markets

Meet the GDPR requirements to a sufficient level, including:

  • Implement sufficient “privacy by design” processes
  • Implement sufficient processes for handling users’ rights such as consent, objections and right to access
  • Provide user-friendly means to ensure users have control of how personal data is processed
  • Provide clear and easy to understand information about processing of personal data

Challenges

It is highly challenging to establish and uphold bullet-proof privacy protection in increasingly sophisticated data environments and in ever-changing technical and threat landscapes. New ways of connecting and using data makes it difficult for individuals to retain control over how their data is collected and used. It is vital to not only understand and meet legal requirements but also understand and manage expectations regarding the ethical use of customer data. 

Our approach

This focus area is governed by the Group Policy – Customer Privacy.

We continuously assess risks, build awareness among employees and suppliers, include privacy controls in relevant processes as well as integrate privacy safeguards into our IT infrastructure. Policies define principles regarding, for example, collecting, processing and retaining personal data as well as customers’ rights, and measures to safeguard the confidentiality and integrity of customers’ personal data. “Privacy by design” – taking privacy requirements into account at the earliest possible stage – is one of the key principles in our efforts to ensure that customer privacy is respected.

EU General Data Protection Regulation (GDPR) compliance governance is handled within a program that addresses all aspects of GDPR. The program covers core markets as well as group functions. 

More information can be found in our Annual and Sustainability Report