In Sonera we recognize that privacy is important to our customers and we are committed to respect and safeguard our customers’ privacy. Our customers trust us with their private information and we are responsible for living up to this trust placed in us every day.
We have developed this Privacy Notice to:
- Demonstrate Sonera’s commitment and accountability to protect and respect your privacy,
- Explain how we collect, use and safeguard your personal data, and
- Help you to understand how your personal data is collected and used and what rights you have.
When processing your personal data, we comply with the Finnish legislation and the mandatory regulations and instructions issued by the competent authorities.
This Privacy Notice (last updated August 29, 2016) applies when you use our products and services, as well as visit our websites. This Privacy Notice does not apply to any other company’s website or services, even if accessed through Sonera’s network or services.
Before we go into the detail we find it useful to define a few terms used in this Notice.
Anonymized data is information that no longer relates to you as an individual, because all identifying elements have been eliminated from a set of personal data.
Customer is anyone who subscribes, purchases or uses our Services. The customer with whom Sonera has an agreement is responsible for making sure that all users (e.g. family members) under his/her subscription understand and agree to this Notice.
Personal data is any information that can be directly or indirectly related to you as an individual. The types of personal data that we process are described in more detail later in this Notice.
Services refer to all the products and services offered by TeliaSonera whether available online or offline.
Traffic data means any information used or processed for the purpose of the conveyance of a communication on an electronic communications network or for the billing of communication services. When using communication services, data is created which may, for example, convey the subscriptions and terminal devices used by the communicating parties, the start and end times of communications, the duration and routing of communications, the data transfer protocol, the volume of transferred data, the location of a subscription or terminal device in the coverage area of a particular mobile network base station or some other location, the format of the data transferred in the communications network, and other similar information processed in the communications network while transferring, distributing or providing messages. If traffic data is directly or indirectly identifiable to you as an individual, it is also classified as personal data.
How do we collect your personal data?
Sonera provides a broad spectrum of Services. The information we collect about you depends on the Services you use, subscribe or purchase and what details you provide to us when you purchase or register for Services we provide.
We collect personal data, which:
- You provide e.g. when you communicate or do business with us, for example, when you buy our Services or register to our Services, subscribe to our newsletters or contact us requesting information.
- Generates when you use a Service, where permitted by applicable law, for example, when you use our network and other Services (e.g. when you make a phone-call, send an e-mail or visit our websites).
- We obtain from other sources like, other service providers or from publicly available registers e.g. Population Registration Centre, post office registers or marketing ban register maintained by Asiakkuusmarkkinointiliitto (so called Robinson register).
You are not required to provide any personal data to Sonera, but if you decide not to do so, it is possible that we will not be able to provide our Services to you.
What personal data do we collect about you?
We collect personal data belonging to the following categories:
- Basic information, such as name and contact information;
- Demographic information, such as age, date of birth, gender and native language;
- Data related to the customer relationship, such as Service and order details, invoicing, credit and payment details, marketing permissions and prohibitions, customer contacts and related recordings, such as calls to our customer service;
- Data generated in connection with use of communications and other Services, e.g. traffic data related to calls and email messages; information on the parties to communications, time of the connection, data transfer protocol, location data, and terminal-related data;
- Other data on the service use, such as data collected by means of cookies and similar technologies in connection with Internet or mobile browsing;
- Data related to the identification and registration of a customer or user, such as the user IDs and passwords information required in the management of mobile certificates;
- Other data, which is collected based on your consent and defined in more detail when consent is asked from you;
Sonera processes children’s personal data only when appropriate in the given circumstances and allowed under applicable laws. Sonera takes reasonable efforts to ensure and verify that the child’s parent or guardian has consented or authorized processing of personal data taking into consideration available technology and privacy risks connected with processing.
How do we use your personal data?
Sonera collects, processes and uses personal data, which is needed for operational purposes, efficient customer care and relevant commercial activities, including the processing of anonymized data.
We primarily process your personal data based on an agreement concluded with you or under legitimate interests in connection with utilization or provision of our Services. Further we may process your personal data based on other lawful criteria such as consent or when required by applicable law.
Sonera processes your personal data for the purposes listed below:
Provision of Services: We process personal data in order to provide and deliver Services to you. For example, your data is processed related to the provision of the communications services e.g. to transmit a call, text message or e-mail to the recipient. Moreover, the provision of Services requires that we process personal data for identifying customers or users, processing and delivering orders, invoicing for the Services, credit control, debt collection, customer service, and for fixing various faults and incidents or for processing complaints. We process personal data in customer communications, e.g. when sending notifications related to Services, and in order to contact customers in issues related to our Services.
Development and analysis: We process personal data for Sonera’s internal purposes of general development and managing our business and Services and the related processes. We process personal data also for better understanding your needs as a customer. We may process traffic data for the development of a communications service, such as for optimizing the operations of communications networks. We may compile statistics for developing Services or for other analysis needs. We may group our customers based on invoicing, data volumes and duration of the customer relationship or external classifications, e.g. draw up reports on how different user groups use communications services or how a person’s residence and age affect their use of Services.
Sales and marketing: We process and utilize both anonymized data and personal data for marketing purposes and for forming target groups for marketing in accordance with applicable law. We may process personal data for personalizing and targeting Services for instance by giving recommendations and by showing targeted contents in our Services or customer channels. We may use personal data within the limits of the law for marketing, both our own and our cooperation partners’ products and services, for direct marketing and market research, and for customer satisfaction surveys.
Information security and misuse of services: We may process personal and traffic data in order to ensure the information security of all our Services and communications networks. We may also process personal data in order to detect or prevent various types of misuse of Services and fraud, e.g. in such instances where communications services subject to charge have been used for free.
Compliance with laws: We process personal data in order to meet our statutory obligations, e.g. in relation to accounting and to provide data to competent authorities when required by law.
Other purpose(s) you have given your consent to: We may process your personal data to any other purpose you have given your consent to.
In all of the above cases, we process personal and traffic data only to the extent necessary for the purpose, always taking into account the protection of your privacy.
Your personal data will be used by Sonera only in a manner consistent with the purpose for which we obtained it. We may combine data collected in connection with different Services in so far as the data have been collected for the same purpose. We never process personal data in a manner that is inappropriate in view of the defined purpose.
How do we safeguard you data?
Safeguarding your personal data is of the utmost importance to us.
Sonera continuously works to protect our customers’ interests. Our security work embraces protection for personnel, information, IT infrastructure, internal and public networks, as well as office buildings and technical facilities. Special attention is given to information such as your personal data.
Our security work aims to balance risk exposure, business value, available technology, vulnerabilities, and threats in order to comply with applicable laws, regulations as well as with contractual demands.
Information security and ensuring appropriate protection of customer information is vital for us. We strive to implement security measures to set appropriate level of protection of information and to prevent and detect disclosure of personal data to unauthorized parties.
With whom do we share your information?
We may share your information with:
Sonera group companies within the limits of applicable law. Our subsidiaries may use your information for the purposes indicated in this document, including to market their products and services to you.
Subcontractors working for us and processing your data on behalf of Sonera. These third parties may not use the personal data for any other purpose than for providing the service agreed with us. When using subcontractors, we take appropriate care to ensure that also our subcontractors operate in accordance with this Notice.Companies that perform these services may be located outside Finland or the European Union or the European Economic Area. If we transfer your personal data this way, we will take the appropriate steps in line with applicable laws to ensure that your right to privacy is continued to be protected.
Directory services. We disclose your personal data (e.g. name, phone number and address) to be published in public directory services (e.g. on-line directories or phone books) in accordance with law. We respect your right to request to not publish your personal data in directory services.
Other telecommunications operators or service providers that provide or are engaged to perform services to you e.g. for billing or investigation of faults and errors.When you leave our network and use mobile roaming services provided by other operators (e.g. when travelling abroad), these operators may collect and process your personal data as well as obtain data from Sonera. This data processing and collecting will be subject to the terms and conditions of the third party operator – not this Privacy Notice. We encourage you to learn about the privacy practices of those operators.
Other parties with your consent that can be obtained e.g. in connection with a particular service.
We may also share your information:
In response to legal process or authority request in order to comply with applicable law or court order or in connection with judicial proceedings or other legal process. For example personal data may be disclosed for a copyrights’ owner or respective spokesman based on a court decision. We also disclose data to competent authorities (e.g. to the police or emergency services) when required by law and always in accordance with strict predefined processes.
As required or otherwise authorized by law, for example, providing itemised bills to subscribers.
In connection with business transfers such as part of any merger, acquisition, sale of Sonera assets or transition of service to another company.
We may also process anonymized or aggregated data, which does not relate to you as an individual. Such data can be shared for other purposes and parties.
How long do we retain your data?
We will retain your personal data for the period necessary to fulfil the purposes outlined in this Privacy Notice unless a longer retention period is required or permitted by applicable law. Retention of anonymized data is not governed by such limitations or requirements.
We aim not to keep outdated or unnecessary information and to make sure that the personal data and other customer information are up-to-date and correct.
As many other websites, our websites make use of ‘cookies’ technology. Cookies help us to determine the most popular sections of our websites, which pages users visit and for how long. The information is used for, for example, provision, development and analysis of services and targeting website advertisements in services or networks provided by Sonera or its partners.
Cookies may be disabled in the browser settings. We would like to remind you, however, that in some cases this may slow down website browsing or reduce the functionality of or prevent access to certain websites.
We use information collected by means of cookies typically for the following purposes:
Functional cookies and Service provision: Cookies are very important for the operation of our website and electronic Services, and they enable a smooth user experience. For example, if a user so desires, they do not have to enter their username, password and personalization options every time they log in to our Service.
Targeting of marketing: By means of cookies, we may also collect information for providing advertisements or contents targeted at a certain browser by creating different target groups.
We may, within the scope of the law, combine information received by means of cookies with information received on the user in other connections, such as information on the Services used.
Sonera sites may contain links to third-party websites, products, and services as well as social extensions (e.g. Facebook’s social plugins).Third-party services or third-party applications found on Sonera’s websites are subject to the third party’s privacy policies. We encourage you to learn about the privacy practices of those third parties.
What are your choices and rights?
You have the right to:
- check what information we have collected and retained about you, unless applicable laws otherwise stipulate. You can check your information once a year without costs. A request shall be made by a personally signed or otherwise comparably verified document or by appearing personally in Sonera store.
- require that incorrect, unnecessary, defective or outdated personal data are corrected or removed.
- prohibit (opt-out) the use of your personal data for direct marketing or for market research and opinion polls.
- request an unlisted phone number and not include your information in the public directory services.
- withdraw any consent given by you. If you decide to do so, it is possible that we will no longer be able to provide our Services to you.
If you are concerned that Sonera has not complied with this Privacy Notice or applicable privacy laws, you may make a complaint to Sonera or you may decide to make a formal complaint with the Data Ombudsman, a competent authority as regards personal data or with the Finnish Communications Authority, a competent authority as regards traffic data in Finland.
Sonera is committed in conducting responsible and sustainable business. If you have any concerns that this Notice or related laws are being violated, you can also raise those concerns by using our Speak-Up Line, which is a secure and confidential externally hosted web-portal for whistleblowing.
How to find out about changes to this Notice?
We may need to update this Notice as our operations and Services develop, and therefore we encourage you to check for the latest version of this Privacy Notice regularly on our website.
How to contact us?
We encourage you to contact us using the contact information provided below for any questions about this Privacy Notice or processing of your personal data.
For the purposes of the Personal Data Act (523/1999), Sonera (business ID 1475607-9) is the data controller of your personal data.
For reclamations and requests as regards right of access please contact:
TeliaSonera Finland Oyj
For any questions or concerns as regards this Privacy Notice please contact:
TeliaSonera Finland Oyj
Contact Information on supervising authorities:
Ratapihantie 9, 6 krs
Itämerenkatu 3 A
Laws applicable on personal and traffic data