The telecommunications sector is also heavily regulated, either through various kinds of legislation or operating licenses, in all the countries where Telenor is present.
We are committed to creating and maintaining secure and privacy-friendly services that you can use without having to worry about having your integrity and personal sphere compromised. This is a basic human right.
What rules apply?
The Code of Conduct is the foundation of our corporate culture and sets out high standards of integrity on how we do business. Everyone in Telenor must follow these standards. The Code Principles set out the core requirements for our conduct in Telenor, and it applies to all employees and everyone acting on behalf of Telenor, including the Board of Directors. The Code has specific requirements and guidance also in the area of privacy, including on legitimate access and sharing of personal data, transparency about personal data processing and security.
Among the requirements are:
- The formal allocation of responsibility and resources for privacy management
- Implementation of effective internal controls that verify the privacy compliance,
- Maintenance of up-to-date processing activity inventories and documentation of legal basis for processing activities
- Transparency towards data subjects
- Performance of privacy impact assessments for high-risk processing activities
- Maintaining an overview of cross-border transfers and their legal basis
- Third party privacy management
- Provision of general and role-based privacy training to employees
- Detection, prevention and mitigation of privacy incidents
How do we ensure compliance?
Firstly, all managers throughout Telenor are accountable for the privacy compliance of their operations. We have implemented general and mandatory privacy training for all Telenor employees, and those that work more directly with personal data are also provided with more role-based training.
We also have an active community of excellent privacy professionals that share experiences and support each other on difficult tasks. Each subsidiary has a dedicated Data Protection Officer that advises and supports the business to ensure we maintain a high standard on privacy. The bigger companies also have larger teams of privacy advisors and coordinators. The Data Protection Officers are tasked to monitor privacy compliance and report on any issues so they may be managed.
In addition to the monitoring conducted by our Group Privacy Compliance team, Telenor also has a Group Internal Audit team that performs privacy audits in our subsidiaries on a regular basis. The Group Internal Audit team is an independent function that reports directly to the Telenor Group Board of Directors.
Where can you find out more about how we process your personal data?
Because we operate in several jurisdictions and have different services on offer in our various subsidiaries, you will need to consult the website of the Telenor company where you are a customer in order to get more detailed information about the processing activities they perform using your personal data. All of Telenor’s subsidiaries have their own privacy notices posted on their websites, and you will also find local contact information there should you have any further questions or inquiries.