Here is an overview of our frequently asked questions related to privacy.

Telenor’s privacy position 

What is Telenor’s position on personal data privacy?
We put our customers’ need and expectations first when considering using their data. We take pride in protecting our customers’ privacy and we are committed to earning our customers’ trust by demonstrating accountability and a fundamental respect of their privacy. We strive to be as transparent as possible about the people, policies, and processes we have in place to protect privacy. We are committed to only using our customers’ personal information if we think it will benefit our customers directly.  Overall that means that we’ll use data to provide better and more relevant services to our customers.
Is it the same across all your local operations?
Telenor’s position on Privacy applies to all our operations across our 13 markets.

Policy 

Does your company have a privacy policy? Is there board level oversight and/or commitment to privacy?
Yes, the Telenor Code of Conduct, which applies to all employees across the Telenor Group clearly states that we shall respect privacy and rights of each individual we interact with during the course of work. This high level guidance is further supported by company policies and manuals on Privacy.

Privacy Statement and terms and conditions 

Is there a common Privacy statement for the whole Telenor Group or are there local terms and conditions?
Telenor has on Group Privacy notice: link. However, local terms and conditions may apply to specific local services. Our new Global Privacy Notice will be implemented locally during the course of 2015.

Training 

Does the company provide regular training for relevant employees on privacy and Lawful interception/freedom of expression related issues?
Yes, this can be both targeted towards an individual business unit or as part of Group-wide training programs or workshops.

Privacy officer/ executive responsibility 

Is there a privacy officer/network/managerial responsibility?
Yes, there is a network of Privacy officers. On Group Level, our General Counsel and Executive Vice President, Pål Wien Espen, is the owner of the Group Privacy Policy. Our Group Privacy Officer reports to him. Our Group Privacy Officer is Nicholai Pfeiffer. In addition to our Group Privacy Officer, more than 30 Local Privacy Officers are appointed in our affiliated companies.
What is the responsibility of the Group/Local Privacy Officer?
Our Group Privacy Officer is responsible for defining the group-wide internal requirements on processing of personal data, and for an annual Privacy Assessment in Telenor Group. Our Local Privacy Officers ensure that our local operations and the employees have the necessary training in protection of personal data, provide guidance on all relevant matters and monitor proper processing of personal data.

Reporting 

Is there an internal/external process of reporting on privacy and security/freedom of expression issues?
Yes, we have requirements on internal reporting on both privacy, security and freedom of expression issues in our company policies. There are no requirements in our company policies to report externally – except for legal requirements to report to national data protection authorities in case of data breaches.

‘Privacy by design’ 

Are you using “Privacy by design” for the development of new products?
Telenor supports and endorses “Privacy by Design” (PbD). We strive to develop new products and services based on the principles.

Data sharing with governments 

Does the company disclose what customer/user information may be shared with which government entities and why? Does this disclosure include metadata?
Currently Telenor does not disclose information on what customer/user information may be shared with which government entities, but Telenor is currently revisiting whether it is possible to me for transparent on this.

Data sharing with third parties 

Does the company share data with third parties, and what security measures are you taking to maintain the customer’s privacy?
We will only share data with 3rd parties, if it is necessary to provide our customers with our services or if our customer has given us his permission. Also in some situation we may be compelled to share our customer’s information with law enforcement agencies. However, in these situations we will always make sure that there is a legal basis for the authority request for information.

Privacy Audits 

Does the company undertake Privacy audits?
Telenor’s Group Internal Audit is an independent, objective, assurance and advisory unit.  By disciplined and systematic approach they conduct relevant reviews.  Their evaluations are used to improve the effectiveness of the company’s risk management, control, reporting and governance processes, also regarding protection of personal data.

Data collection and retention 

Does the company disclose what PII (Personally Identifiable Information) about the user is collected, why and how long PII about the user is retained?
Telenor is a strong advocate for transparency towards customers on the collection, use and retention of data.Our Group Privacy Notice is available here: [link to “Understanding our Privacy Position”]. The Group Privacy Notice will be implemented locally during the course of 2015.
Does the company allow users to opt in or out of the collection of PII not essential to providing the company’s core services?
Currently, the services Telenor offers are not extremely advanced when it comes to the use of customer data. As such the collection of data is typically closely linked to the delivering of the service. Consequently it is not possible to opt out of data sharing and still use our services. But Telenor supports the principles of Privacy by Design and has the ambition to implement this approach into our service design going forward.

Risk Focus 

Are there operational areas/geographical areas that are a primary focus/challenge for your business?
The main focus is the differences in regulation across the Asian and European jurisdiction. We do however see some of the Asian markets developing their privacy regulation quite considerably. As such we don’t see major challenges in navigating these different markets.

Cooperating with Law Enforcement and Authorities 

How does Telenor handle authority requests to access personal data and other law enforcements?
Authorities access to data and networks continues to be an issue we focus on. We believe this will remain a main challenge in the years to come. You may find more information on this and other law enforcements here: https://www.telenor.com/sustainability/responsible-business/human-rights/mitigate/

Human rights and freedom of expression 

How does Telenor work on Privacy and freedom of expression in a Human rights perspective?
In March 2013 Telenor together with other major telecom operators and vendors launched the Telecommunications Industry Dialogue on Freedom of Expression and Privacy, a two-year collaboration with the Global Network Initiative (GNI) and a set of ten Guiding Principles. For more information, use this link: https://www.telenor.com/sustainability/responsible-business/human-rights/mitigate/telenors-status-on-industry-dialogue-guiding-principles/