Global Privacy Policy

Telefónica's 'Global Privacy Policy' ensures clear data management guidelines, emphasising lawful processing, transparency, stakeholder rights, limited retention, and stringent security measures.

28/09/2018

The ‘Global Privacy Policy‘ articulates our steadfast commitment to the protection of personal data and privacy. The policy is a set of commitments and obligations assumed by the Telefónica Group with the aim of safeguarding our customers’ data. It covers a multitude of areas, from consent mechanisms to international data transfers. It also aims to provide clarity on how we manage and protect personal information.

The objectives of our Global Privacy Policy

This Policy aims to address the evolving role of electronic communications in society and its impact on data use. The policy aims to uphold the fundamental right to data protection, guided by the company’s Responsible Business Principles. It outlines a unified approach for the entire Telefónica Group, adaptable for specific needs, and emphasises the importance of governance for effective implementation. While focused on individual data, the policy also extends to legal entities.

Principles of our Global Privacy Policy

In the processing of personal information, the Telefónica Group will adopt actions aimed at protecting the following basic principles:

  • Principle of Legality: Telefónica commits to lawful and fair processing of personal data, adhering to all relevant legal frameworks. Consent from data subjects is secured, and data is collected only for legitimate purposes.
  • Principle of Transparency: The policy provides data subjects with easily accessible and understandable information about the types of data collected, how it’s collected, and its intended use.
  • Principle of Commitment to Stakeholders’ Rights: Telefónica offers clear mechanisms for data subjects to exercise their legal rights, such as access, rectification, and deletion. The company commits to responding to requests and complaints promptly, in line with applicable regulations.
  • Principle of Limitation of the Conservation Period: In accordance with jurisdiction-specific legislation, Telefónica does not retain data longer than is legally permitted.
  • Principle of Security: Telefónica applies robust technical and organisational measures to ensure data security. In the event of any security compromise, the company takes swift and responsible action. The policy also emphasises the need for special diligence in high-risk data processing situations.

Under our Global Privacy Policy, Telefónica commits to providing data subjects with clear and transparent information about how their personal data is used and stored.

International transfer of information

In accordance with our Global Privacy Policy, Telefónica may transfer data subjects’ information. This could be done internationally to both group companies and third parties, in compliance with relevant local and international laws. The company ensures the protection of data subjects’ rights during these transfers, adhering to both internal security standards and applicable legislation. In addition, Telefónica is developing Binding Corporate Rules (BCR) to further secure data transfers within the Group.

Privacy of minors, in the supply chain & by design

Telefónica commits to safeguarding the privacy rights of minors. Ensuring the protection of their personal data, and promoting responsible technology use. In relation to the supply chain, Telefónica mandates that suppliers with access to personal data must process it securely and in compliance with applicable laws and internal regulations.

The company also embraces the principles of ‘Privacy by Design,’ incorporating data protection requirements into the initial conception of its products and services. This approach ensures compliance with data protection legislation and aligns with the company’s broader commitment to responsible data management.

Requests by competent authorities

In accordance with national laws, Telefónica may need to provide specific customer or user information to competent authorities. To balance this, the company employs a rigorous global procedure that ensures both compliance with legal obligations and the protection of individual privacy and freedom of expression. Telefónica commits to periodically disclosing the volume and nature of such requests from authorities in its operating countries.

Organisation and responsibilities

In order to guarantee the rights, in terms of data protection of Data Subjects and companies, with which the Telefónica Group relates, as well as the compliance with the applicable laws and this Global Privacy Policy, it is important each operating business dedicates the appropriate resources to the implementation of this policy. The Telefónica Group has established the appropriate organisational framework.

We invite you to read more about the Global Privacy Policy at the following link:


Communication

Contact our communication department or requests additional material.