As a responsible operator, Tele2 IoT AB (hereinafter “Tele2 IoT”, “we” or “our”) has invested significant resources in working towards and ensuring compliance with the General Data Protection Regulation (EU) 2016/679 upon its entry into force on 25 May 2018.

Tele2 IoT considers it to be an important part of its company DNA to work proactively with regard to individuals’ rights and its obligations for collecting and processing personal information. We commit to respect the personal data of individuals in the same manner as we respect the individuals themselves, be they our employees, customers, vendors or any other party that we interact with.

In executing on our own GDPR compliance strategy and program, Tele2 IoT has the full support both from local and group management.


What we do

We have outlined important steps of Tele2 IoT’s compliance program below:

  • Compliance process run by legal but in cooperation with all relevant stakeholders, in particular operations, sales, marketing and product development.
  • Understand differences between IoT and traditional telecommunications business in order to devise GDPR strategy suited for IoT.
  • Data mapping according to plan.
  • Development and update of standards and processes of how we work with personal data for the purposes of ensuring data transparency, accuracy, accessibility, completeness, security, and consistency.
  • Implementation of privacy impact assessments in product and service development.
  • Data breach incident process designed and implemented.
  • Review of organizational and technical measures to ensure safety and integrity of data processed and stored.
  • Supplier dialogue and check.
  • Complete overhaul of applicable policies, including privacy notices and cookie policy.
  • Company wide roll-out of GDPR awareness training for all employees.

For further information please contact David Nilsson (