Privacy

This Policy establishes the general guidelines that Telefónica, as leading company in the industry, and in the development of standards of trust in its commercial relations, must progressively implement not only with a view to compliance of the legal provisions in force in each jurisdiction, but also to set a common general approach for the entire Group in terms of privacy.

In addition, we also approved the Governance Model Rule on Personal Data Protection. This model develops the strategic, organizational and operational framework for the different actions in the area of data protection and encompass the most important aspects to be taken into account for the proper management and protection of personal data.

At Telefónica, the Data Protection Officer of the Telefónica Group is in charge of the Governance Model of Data Protection within the Group and reports directly to the Board of Directors. The DPO leads the Global DPO Office, which performs the functions regulated in article 39 of the General Data Protection Regulations (GDPR), focusing on (a) the design and coordination of the privacy compliance program at the global and corporate levels, in accordance with the corresponding risk analyses, and without prejudice to the specialties of each company and jurisdiction; and (b) the supervision of the implementation of said program. Data subjects may contact the Data Protection Officer (DPO) at the following e-mail address: DPO_telefonicasa@telefonica.com

The Regulation (EU) 2016/679 (General Data Protection Regulation) of the European Parliament and of the Council of of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) forces us to facilitate information about our personal data treatment in European Economic Area. If you want to know more about privacy policy and the exercise your rights in our business units in Germany, Spain and UK you can Access following links:

• Germany
• Spain
• United Kingdom

In cases of security breaches of personal data involving risk to the rights of individuals, the Company will take the necessary measures to remedy the situation and mitigate the possible negative effects that such breach may have caused. Likewise, it will notify customers and the respective competent authority when so required by the applicable data protection regulations.

On the other hand, just as we integrate in our policies and procedures the respect to privacy, we also take into account freedom of expression. Both human rights are often in connection and become relevant in the online world.

As a further step towards transparency, Telefónica has published a report on the requirements we received from the corresponding authorities, covering all countries in which we operates.

In all of these cases, we implement a strict procedure which simultaneously guarantees compliance with our obligations regarding collaboration with the department of justice and the protection of the fundamental rights of the affected parties.

As part of our commitment to Privacy and Freedom of Expression, at Telefónica we do not prioritize, block, or delay certain types of traffic, applications, protocols, or content for reasons assuring quality of service and reliability of the network.

As testament to our commitment to net neutrality as well as to privacy, freedom of expression/information and non-discrimination, we consider the topics of zero-rating, targeted advertising and artificial intelligence/big data in our human rights impact assessments in order to identify and address potential impacts on our customers in relation the issues mentioned above.