As a responsible operator, Tele2 IoT (hereinafter “Tele2 IoT”, “we” or “our”) is committed to ensuring compliance with the General Data Protection Regulation (the GDPR)
Tele2 IoT considers it to be an important part of its DNA to work proactively with regard to individuals’ rights and its obligations for collecting and processing personal information. We commit to respecting the personal data of individuals in the same manner as we respect individuals themselves, be they our employees, customers, vendors, or any other party with which we interact.
In executing on our own GDPR compliance strategy and program, Tele2 IoT has the full support both from local and group management.
What we do
We have outlined important steps of Tele2 IoT’s compliance program below:
- Compliance process run by legal but in cooperation with all relevant stakeholders, in particular operations, sales, marketing, and product development
- Understand differences between IoT and traditional telecommunications business in order to devise GDPR strategy suited for IoT
- Data mapping according to plan
- Development and update of standards and processes around how we work with personal data for the purposes of ensuring data transparency, accuracy, accessibility, completeness, security, and consistency
- Implementation of privacy impact assessments in product and service development
- Data breach incident process designed and implemented
- Review of organizational and technical measures to ensure safety and integrity of data processed and stored
- Supplier dialogue and check
- Complete overhaul of applicable policies, including privacy notices and cookie policy
- Company-wide rollout of GDPR awareness training for all employees.