Privacy and Data Protection

Telenor views integrity as a competitive advantage. We realize that in order to succeed with establishment of new services and maintenance of our operations, we need confidence and trust from our customers, employees, authorities and other stakeholders.

Privacy_woman and girl

Data Privacy and protection of personal data is paramount to earn this trust. We take pride in our attempts to safeguard the integrity of the vast volumes of information we process. Even though national requirements vary throughout our operations, we strive to be transparent and informative about how we handle our customers’ and employees’ personal information.

Telenor’s position

All customer data shall be managed with utmost confidentiality, in accordance with strict standards, in order to prevent any unauthorized access or any use that is beyond what we have agreed with the customer. This responsibility also involves respecting human rights such as freedom of expression.

Read more on Telenor and human rights

Our privacy commitments apply to all of Telenor Group’s services, and to all kinds of personal data for which Telenor Group is responsible for processing – data about our customers, employees, website visitors, etc.

Personal data is any collection, alignment, storage, disclosure, transfer or other processing of information or assessments that directly or indirectly, actually or potentially, within reasonably means may be linked to identifiable natural persons.

Telenor Group will continue to improve our common internal framework for how we process personal information in all our business operations. We are committed to ensure that all our business units take action to prevent any unauthorized access to personal data, and to ensure a safe and sound development of new services and applications.

We have an ambition to contribute to the establishment of universal guidelines across the industry that address consumer concerns and foster confidence and trust among users.  Telenor has been contributing to the GSMA’s work for preparing Mobile Privacy Principles and the Privacy Design Guidelines for Mobile Application Development, and we are committed to follow these guidelines for all the development for which we are responsible. The GSMA represents the interests of nearly 800 of the world’s mobile operators and has been working on privacy challenges in the mobile sector with its members and engaging with representatives from across the ecosystem.

Through Telenor’s Brussels office, we follow developments on privacy issues in the EU, and we seek to influence, contribute and prepare for any regulation that will affect Telenor. Telenor also participates in privacy projects in GSMA, and in the ETNO data protection working group.

Privacy is strictly regulated in Europe, and is also widely discussed by governments and the industry in the countries where Telenor operates in Asia. New legislation concerning processing of data is already enacted, and will probably soon enter into force in Malaysia. In India, in May 2011, an amendment to the IT-act resulted in many of the same conditions for our Indian operation as the EU directives regarding privacy have in our European operations.

Our Privacy Principles

Telenor Group covers a wide range of services such as mobile- and fixed line telephony, broadcast-, cable- and satellite-TV, Internet services, financial services and content services.

For all services, Telenor Group only processes personal data for the purposes the data was originally collected, and only for as long as the purpose exists.

The companies in Telenor Group will ensure that:

  • persons we process data about are properly informed when their personal data is being collected
  • all persons we process information about have the right to obtain relevant information on the processing of personal data related to them
  • persons we process and store data about are able to exercise user choice and control and have appropriate rights to correct or delete their personal data
  • personal data are kept in a form which permits identification of persons for no longer than is necessary for the purposes for which the data were collected
  • transfer of personal data does not compromise an adequate level of protection
  • risk based, planned and systematic measures are undertaken to ensure satisfactory information security in connection with the processing of personal data
  • the processing of personal data is properly documented
  • appropriate training is given to relevant personnel involved in the processing of personal data

Organisation and responsibility

Telenor Group Privacy Officer is responsible for group-wide internal requirements on processing of personal data, and for annual Privacy Assessment in Telenor Group. 

The company responsible for processing of personal data is the legal entity with which you have an agreement or a customer relation.

Local Privacy Officers ensure that our companies and the employees have the necessary training in protection of personal data, provide guidance on all relevant matters and monitor proper processing of personal data.

Telenor’s Group Internal Audit is an independent, objective, assurance and advisory unit.  By disciplined and systematic approach they conduct relevant reviews.  Their evaluations are used to improve the effectiveness of the company’s risk management, control, reporting and governance processes, also regarding protection of personal data.