At Telefónica, we provide privacy information in an accessible, simple and easy-to-read way. In order to make it easy for people to understand how we collect, use, share and protect their data.


In this section you can learn about our governance model regarding the management of Personal Data Protection, whose guidelines are designed to ensure that sufficient resources and measures are in place to manage and protect personal data correctly.

Binding Corporate Rules (BCRs)

The Binding Corporate Rules (BCRs) represent an adequate guarantee for the international transfer of personal data between companies of the same group, enabling the international transfer of data from Telefónica Group companies located in the European Economic Area to Telefónica Group companies established outside the European Economic Area.

Global Privacy Policy

The Group’s Global Privacy Policy is the benchmark for Telefónica’s commitment in this area. In order to provide the most efficient allocation and distribution of resources and roles, the Personal Data Protection Governance Model acts as the basic standard for ensuring the privacy of the data managed in the Telefónica Group.

Privacy by Design

Telefónica embraces the principles of privacy by design and active responsibility in the development of its products and services so that, from their initial conception, they incorporate the applicable data protection requirements.

Privacy in the supply chain – Supplier engagement

One of the Telefónica Group’s main aims is to ensure that all its suppliers, when they access personal data in the provision of their services, can only process it in accordance with our instructions. In all cases, the necessary technical and organisational security measures are adopted in compliance with the applicable regulations.

Each Data Controller will give priority to the choice of those suppliers acting as Data Processors when they guarantee compliance with the data protection legislation applicable to the processing assigned to them.

The following information is being distributed in phases to suppliers who access personal data under the responsibility of Telefónica

Training and Awareness

Knowledge and compliance with applicable legal regulations, as well as compliance with the Group’s internal regulations, is particularly important for Telefónica. The aim is to comply with and improve the required standards in relation to privacy and personal data protection.

This process includes the deployment of a culture of awareness of privacy regulations and their principles to all those involved in the processing of personal data, from employees to third parties or suppliers.

Telefónica Centenary logo Celebrate with us the Telefónica Centenary