Privacy Policy

The Tele2 IoT Privacy Policy

Tele2 IoT (hereinafter “Tele2 IoT”) values your privacy and personal data and works with appropriate technical and organizational security measures to ensure that your personal data is handled fairly, lawfully, and with transparency. We therefore have implemented this policy informing on how your personal data will be processed and protected.  

This privacy policy is applicable to all business partners and customers, including current, former, and potential business partners/customers, as well as visitors to our official website and other digital channels we operate.  

If you submit personal data relating to other people, to us, or to service providers we work with through or in connection with our digital channels, you are responsible to forward the relevant part of this policy to them.  

What is personal data?

Personal data is any kind of information that can be directly or indirectly linked to you, for example your name, e-mail address, telephone number, IP address, etc. 

Who is responsible for processing your personal data?

Tele2 Sverige AB, Torshamnsgatan 17, 164 40 Kista, Sweden, (hereinafter “we” “us” or “Tele2”) is responsible (controller) of your personal data under the General Data Protection Regulation (the GDPR). 

When can Tele2 process your personal data?  

Tele2 is not allowed to collect, process, use, or store personal data without a valid lawful basis. Lawfulness may be derived from one of the following bases:  

Fulfilment of contract: When processing personal data is necessary for fulfilment of a contract and to fulfil any obligations derived from that contract 

Legitimate interest: When personal data processing is necessary for Tele2’s legitimate interests and when these interests do not outweigh your rights and interests  

Legal obligation: Whenever the processing of your personal data is necessary for Tele2 to fulfil our legal obligations 

Consent: When you give us your consent, we will process your personal data for the specific purpose to which you have consented 

For each specific purpose of processing of personal data listed below, we will inform you which of the above lawful basis apply. 

How do we process your personal data and why?  

We will process your personal data for the following purposes: 

Business Relations 

Purpose of processing

  • To manage existing business relations, including communication, procurement, contract signing, and financial transactions. 
  • To fulfil the purpose of a contract and provide business partners with access to IoT services and products. 
  • To evaluate potential business partners, collaborations, and partnerships.  
  • To handle any legal issues or disputes. 

Personal data type

  • Contact details, such as name, email, phone number 
  • Work related information, such as work role/title 
  • Username 
  • Publicly available social media information 
  • Date of birth 
  • Nationality 
  • Photo, audio, video 

Lawful basis: When concluding a contract, Tele2 IoT will process personal data necessary to fulfil any obligations derived from that contract. The lawful basis for processing is “fulfilment of contract”.  
All other purposes mentioned above are based on Tele2 IoT’s legitimate interest as a business.

Storage time: Tele2 IoT will process your personal data no longer than necessary for fulfilling the purposes of procurement and business partnership, perform any contractual duties and to handle potential legal claims or fulfil any legal obligations. 

Media and Communication

Purpose of processing

  • To be able to create media content such as articles, interviews, videos, or audio material for any digital channels, if you appear in such content. We also may use personal data to prepare or facilitate follow up on interviews and media coverage. 
  • To manage different types of media and press events. Some events may be recorded and transcribed. 

Personal data type

  • Contact details such as name, e-mail, phone number 
  • Work related information, such as work role/title 
  • Photo, video and audio recordings 

Lawful basis: Processing of your personal data for media and communication purposes are based on our legitimate interest as a business.  

Storage time: Tele2 IoT will process your personal data no longer than necessary for fulfilling the purposes of media and communication.

Marketing and Promotions 

Purpose of processing

  • To generate and distribute marketing materials and content, such as newsletters and whitepapers. 
  • To provide you with a personalized online experience, such as recommendations, customized services, event invitations, and relevant advertising based on your interests.  

Personal data type

  • Contact information such as name, e-mail, phone number 
  • Role/Title 
  • Country 
  • IP-address 
  • Device id 
  • Account id 
  • Engagement history 
  • Campaign history 

Additional information: When you use our digital channels, you may share information on social media, through an implemented social plug-in. If you choose to share information via a social plug-in, your browser will transfer the following personal data to the social media provider: 

  • Date and time of your visit 
  • URL for the address you are temporarily visiting 
  • IP address 
  • The information for which you have used this specific plug-in 

With respect to such information, we refer to the terms and conditions for the relevant social media provider (we have no influence over the information that the social media providers collect using plug-ins). You can block social plug-ins in your browser settings. 

Advertising partners: We use advertising partners to make our marketing effective and we work with companies that provide solutions for search engines, social media and ad network providers (“Ad Partners”). We cooperate with advertising partners such as Meta and LinkedIn for advertising in social networks and with Google for online advertising and search engine advertising. 

These advertising partners use information that we provide and that is collected through cookies and other tracking technologies. Ads you see may be random, but also personalized based on your interactions with us through analysis of your customer behaviour on our websites, such as click and browsing history. Through this, we can suggest products and services in advertisements that we think you may be interested in also on other websites and in social media. This is called retargeting and remarketing. Through retargeting, we can, for example, carry out advertising campaigns that are relevant to you, carry out segment analysis and measure the effectiveness, results and reach of the advertising material. 

Our advertising partners use cookies and similar technologies to track your use of our websites and services by accessing data stored on your device or in apps. This enables us to identify and communicate with the right audience and show you relevant content when you visit websites, apps and social media. 

We may combine information that we received from you when you, for example made a purchase with us (for example, email address) with other information compiled via cookies and other tracking technologies (for example, IP address and device ID). We do this to select content that matches your interests and improve our interaction with our customers and includes analyzing customer behaviour and creating user profiles and segments. Advertising partners match this information with their own user profiles. If a match is found, relevant advertising content is displayed on the advertising partner’s platform, such as in your social media feed and in your search engine. If there is no match, your data will be securely destroyed. Your personal data is handled securely using a cryptographic security method known as hashing. This means that your data is encrypted in such a way that it cannot be read by anyone other than the recipient for the purpose expressly stated. 

Each advertising partner is responsible for personal data for its own part of the processing, including any transfer of personal data to countries outside the EEA. If you want more information about how advertisers use your data, we recommend that you read the respective advertiser’s privacy policy. 

Lawful basis: We will obtain your consent regarding marketing activities that are based on cookie data. We will also ask for your consent to send marketing e-mails to you. For all other activities mentioned above we rely on our legitimate interest to promote our marketing to you.

Storage time: We will process your data no longer than necessary to be able to fulfil the purposes mentioned above. 

IT and Security

Purpose of processing

  • To manage, register and resolve IT and information security incidents.  
  • To investigate a breach or non-compliance with regulations or Tele2 IoT’s policies or requirements or in the event of whistleblowing. 
  • To prevent, limit, and investigate various types of abuse of our policies, regulations and digital channels, such as false profiles, spamming, harassment, attempts to log into other users’ accounts, as well as other unlawful behaviour.

Personal data type

  • Contact information, such as name, email, phone number 
  • Work information, such as role 
  • IP number 
  • Information provided to us in an incident report 

Lawful basis: Processing of your personal data for IT and Security purposes are based on our legitimate interest as a business. 

Storage time: Tele2 IoT will process your personal data no longer than necessary for fulfilling the purposes listed above. 

Compliance with laws 

Purpose of processing

  • To comply with local legal obligations, such as tax, accounting, bookkeeping we may need to process personal data 

Personal data type

  • Stipulated by applicable law. 

Lawful basis: The processing of personal data for the purposes of compliance with laws is necessary to Tele2 IoT to fulfil our legal obligations of the country of operation. 

Storage time: The storage time will vary depending on the purpose, context and specific local legal requirements. 

Support 

Purpose of processing

  • To manage your questions and to provide technical support as well as to improve customer experience. 
  • To contact you if needed through email, social media, or any other means in response to your enquiries regarding order and delivery questions or to request your participation in a customer survey.  

Personal data type

  • Contact information such as name, e-mail, phone number 
  • User generated content such as emails and chat transcripts 
  • Transaction data, such as order, payment and delivery information 

To support training and development of our staff, we may occasionally co-listen your calls when you are in contact with our customer.

Lawful basis: The processing of personal data to provide you with support is based on our legitimate interest.  

Storage time: We will keep your data for as long as we need to be able to support you regarding your case and, to be able to handle potential legal claims. We may continue to keep and use your data if we have outstanding obligations to you or by any other reasons are prevented from erasure.

Competitions and Events 

Purpose of processing

  • To administrate and follow up on competitions and events, such as confirming participation, prize deliveries, reach out to you with relevant information about the competition or event and grant you access to the event venue. 
  • To market our events and improve our marketing and attendee experience. 

Personal data type

  • Contact information such as name, e-mail, phone number 
  • Information submitted in the applicable contest 

We sometimes film and photograph during an event and the content may be used for commercial and/or internal purposes. You will be notified if we intend to photograph or film during an event and there will always be photo free zones for your convenience.

Lawful basis: The processing of personal data to be able to provide you with competitions and events is based on our legitimate interest.  

Storage time: We will keep your data for as long as we need to be able to fulfil the purposes mentioned above and to fulfil any legal obligations connected 

Development and Improvement 

Purpose of processing

  • To evaluate, develop, and improve our products and services, including supply chain. This includes analysis to provide you with more user-friendly services. 
  • To analyze and improve our marketing and offers, including market trends. 
  • To contact you to garner response to enquiries and surveys. In such cases, any personal data used and obtained from you will only be used for the specific purposes listed in the section above.  

Personal data type

  • Contact information such as name, e-mail, phone number 
  • Delivery and procurement details, including history 
  • User generated data (click and browsing history) 
  • we may obtain information about you from external sources, such as public databases, joint marketing partners, social media platforms, as well as from other third parties. 

Lawful basis: The processing of personal data for the purposes of development and improvement is based on our legitimate interest.  

Storage time: We will process your data no longer than necessary to be able to fulfil the purposes mentioned above. 

Where do we store your data?  

The data that we collect from you is stored within the European Economic Area (“EEA”) but may also be transferred to and processed in a country outside of the EEA. Any such transfer of your personal data will be carried out in compliance with applicable laws.  

For transfers outside the EEA, Tele2 will use Standard Contractual Clauses and supplementary safety measures as safeguards for countries without adequacy decision from the European Commission.  

How does Tele2 IoT secure personal data? 

We have implemented organizational, technical, and administrative measures to protect personal data within our organization, including security controls to prevent unauthorized access to our systems.  

Who do we share your personal data with?  

Your personal data is available and accessible only by those who need the data to accomplish the intended processing purpose.  

We reserve the right to transfer any personal data we have about you in the event that we merge with or are acquired by a third party, undergo other business transactions such as a reorganization, or should any such transaction be proposed.  

Companies that process personal data on our behalf 

Whenever necessary to fulfil the intended processing purpose we share your personal information with companies that act as so-called personal data processors. A personal data processor is a company that processes the information on our behalf and according to our instructions. We have written agreements with all personal data processors through which they guarantee the security of the personal data processed.  

We have personal data processors who help us with:  

  • Logistics (postal services, logistics and shipping suppliers).  
  • Customer service (externally operated call centres)  
  • Order fulfilment and payment processing (banks and other payment service providers).  
  • Ads & Promotions (print and distribution, social media platforms, media agencies or advertising agencies, data analytics companies).
  • Customer events (e.g., PR agencies).
  • IT services (companies that handle necessary operations, technical support, maintenance of our IT solutions and other IT services and solutions). 
  • Security & Safety (companies that help us detect and prevent potential fraud and thefts).  
  • Insurance companies for claim handling 

Companies that are independently responsible for personal data

We may also share your personal data with third parties that are independently responsible for processing your personal data.  

When your personal data is shared with a party that is independently responsible for personal data, that organization’s privacy policy and personal data management apply instead of Tele2’s. 

Independent personal data controllers with whom we may share your personal data are:  

  • Companies that handle general goods transport (logistics companies and freight forwarders). 
  • Companies that offer payment solutions (card redeeming companies, banks and other payment service providers).
  • Social media platforms that you interact with.  
  • Public authorities (the police, tax agencies or other authorities) if we are obliged to do so by law or in case of suspicion of crime. 

What are your rights?  

Data protection is a fundamental right, and you have several rights in accordance with the GDPR. These rights are: 

Right to access: You have the right to request information about the personal data we hold on you at any time.  

Right to portability: Whenever Tele2 process your personal data by automated means based on your consent or based on an agreement, you have the right to get a copy of your data in a structured, commonly used, and machine-readable format transferred to you or to another party. This only includes the personal data you have submitted to us.  

Right to rectification: You have the right to request rectification of your personal data if they are incorrect, including the right to have incomplete personal data completed.  

Right to erasure: You have the right to erase any personal data processed by Tele2 at any time except when Tele2 needs to keep it to comply with a legal obligation, for the establishment, exercise, or defense of legal claims. 

Right to object to processing based on Tele2’s legitimate interest: You have the right to object to processing of your personal data that is based on Tele2’s legitimate interest. We will not continue to process the personal data unless we can demonstrate a legitimate ground for the process which overrides your interest and rights or due to legal claims.  

Right to restriction: You have the right to request that Tele2 restricts the process of your personal data under the following circumstances: 

  • if you object to a processing based Tele2’s legitimate interest, Tele2 shall restrict all processing of such data pending the verification of the legitimate interest.  
  • if you have claim that your personal data is incorrect, Tele2 must restrict all processing of such data pending the verification of the accuracy of the personal data.  
  • if the processing is unlawful, you can oppose the erasure of personal data and instead request the restriction of the use of your personal data. 
  • if Tele2 no longer needs the personal data but it is required for you to make of defending legal claims.  

How can you exercise your rights?  

You can send in your request via email at info@tele2iot.com, please write “Privacy Request” in the subject header. 

If you consider Tele2 to process your personal data in an incorrect way, we expect you to contact us immediately. First, check whether you can use any of your rights according to above, e.g. such as the right to rectification or erasure.  

If you have comments about how we handle your personal data and rights, you can contact our Data Protection Officer at dposweden@tele2.com, and we will investigate your complaint. 

You also have the right to turn in a complaint to the competent supervisory authority, Integritetsskyddsmyndigheten/Swedish Authority for Privacy Protection by e-mail: imy@imy.se  

Updates to this Privacy Notice

We may need to update this Privacy Notice. We will communicate any material changes.  

Latest Update: May 2023

Get in touch