Telenor Linx Privacy Notice
We value your privacy and take protection of personal information very seriously. Therefore, it is important for us that you understand how we collect data and process personal information.
This privacy notice will provide information about what kind of personal information we process, and how and when we gather such information. It should also preferably be read in connection to the service conditions from your operator for the applicable service you use.
Key Privacy Principles
Our position on privacy can be summarized as follows:
- We are open about how we collect and use your personal data.
- We are committed to using personal data to provide you with good quality services.
- We always take steps to ensure that we keep personal information safe and secure.
- We believe that all users of our services should enjoy the same standards of privacy protection.
This is why we apply our key privacy principles in every country in which we operate. No matter where in the world we collect personal information about you, we will process it in accordance with the following key principles:
- We will process personal information in accordance with this privacy notice and any applicable laws.
- We will be transparent about what personal information we collect, as well as why and how we collect and process it.
- We will only process personal information if we have a legal basis for doing so, and only for as long as it is necessary to achieve the relevant purposes or for as long as we are otherwise required by applicable law to retain it.
- We will respect the privacy rights under applicable law.
- We will implement appropriate security measures to keep personal information safe and secure.
Data Controller and Data Processor
To deliver our services, Telenor Linx step into one of two roles: Data controller or data processor.
- As data controller we determine why and how personal data is processed. In this case, we are your primary partner when it comes to your privacy rights. You can read more about your rights and how to exercise them below.
- As data processor we deliver technology or services to another company (usually your mobile operator). In this case, the other company acts as the data controller and makes decisions regarding data processing, while we are legally obligated to follow their instructions. Any questions or objections regarding privacy in these cases should be directed to the data controller.
Telenor Linx is the data controller for the services for which you have entered into an end-user agreement with us. This controllership extends to support services for those contracted services like Customer Care, Permissions Management, and Analytics. Telenor Linx is also the controller for our e-com services like international voice, messaging and data transfers and roaming services.
As a data processor, Telenor Linx’ contribution is a background support activity which only exists to enable services offered by another company, usually your mobile operator. In this case, the other party is the data controller and will respond to your privacy concerns.
Information we collect, countries of transfer, and legal basis for processing
The personal data we collect, the purpose we process them for and for how long we retain the various data vary according to the kind of service or product. Countries where we process data, or transfer data to, and the legal basis for processing also vary depending on service and product Please see the relevant service or product for details.
In addition to what you will find under each service as a purpose for processing, there will be a few use cases in which we are obligated to process personal data by applicable law.
International voice and SMS
Purpose
Personal Data processed and retention periods
When you make an international call or SMS a record is generated from the signalling data based on the use of the service. This record is called a Call Detail Record (CDR). Telenor processes CDRs for invoicing, and they are retained for a maximum of 12 months depending on the interval for invoicing between the various operators involved in the international calls.
Categories of data processed for voice services
Personal Data | Retention policy | Reasons for retention | |
Call details | A-number MSISDN (i.e phone number) of calling party) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | B-number MSISDN (i.e phone number) of receiving party) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Redirecting number | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Generic number/additional calling number | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Calling line identity presentation | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Original called number | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Call date | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Call time | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Originating carrier/country | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Terminating carrier | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Duration of call | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Type of service (voice, ISDN or video telephony) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Source and destination IP-address | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Release cause of the call | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Fate of the call | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Call detail record (CDR) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Categories of data processed for text-services/SMS
Personal Data | Retention policy | Reasons for retention | |
Call details | A-number MSISDN (i.e phone number) of calling party) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | B-number MSISDN (i.e phone number) of receiving party) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Call date | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Call time (started sent and end) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | IMSI (International mobile subscriber identity) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Calling global title (GT) (Operator’s short message service centre, SMSC) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Called global title (GT) (which Mobile Switching Centre (MSC) registered to) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Source SMS HUB operator ID | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Destination SMS HUB Operator ID | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Source SMS Hub ID | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Transactional message flag/value | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Registered flag/value | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Receipt message flag/value | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Blocked message flag/value | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Message result ID | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Call detail record (CDR) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Legal basis
Roaming
Purpose
- Sending and receiving calls
- Sending and receiving SMS text messages whilst roaming abroad is called SMS roaming
- Data roaming refers to the use of mobile data services whilst abroad
Personal Data processed and retention periods
When you roam, we generate a record based on the use of the service. This record is called a Call Detail Record (CDR). Telenor processes CDRs for invoicing, and they are retained for a maximum of 12 months depending on the interval for invoicing between the various operators involved in the roaming calls.
Categories of data processed when roaming
Personal Data | Retention policy | Reasons for retention | |
Call details | Call date | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Call time | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | A-number MSISDN (i.e phone number) of calling party) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | B-number MSISDN (i.e phone number) of receiving party) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | IMSI (international mobile subscriber identity) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Visited-PLMN-id (in which mobile network the subscriber is roaming) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Origin-Realm (in which mobile network the subscriber is roaming (for incoming messages)) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Origin-Host: Same as Origin Realm if visited network is configured according to best practice. If not, this may include which Mobility Management Entity (MME) the subscriber is connected to and thereby the rough location in the country) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Destination-Host (same as Origin Realm if visited network is configured according to best practice. If not, this may include which MME the subscriber is connected to and thereby the rough location in the country) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Call details | Call detail record (CDR) | Maximum 12 months, depending on the interval for invoicing between operators. | Needed for invoicing and settlement between various international mobile operators. |
Legal basis
DCB – Direct Carrier Billing
Purpose
Processing Purpose | Details |
Service Provision | Providing the service requested by the user to the user. These include authentication of the user, the processing of payment transactions and refunding of transactions where necessary. |
Customer Support | Assisting users with demands and requests that they may have and helping them to solve potential issues. |
Maintain Confidentiality and Security of User Data | Taking measures to protect user data against data loss, unauthorised access/alteration, etc. |
Maintain Confidentiality and Security of Non-User Data, Systems and Services | Taking measures to protect data other than user data, as well as infrastructure, against data loss, unauthorised access/alteration, etc. |
Maintain Integrity of User Data | Taking measures to protect user data against inaccuracy. |
Product Performance Improvement | Improving the performance of the product, such as caching data. |
Transferring Data within Telenor Group for Administrative Purposes | Intra-Group data exchange across Telenor, i.e. for the provision of the service or for the purpose of reconciliation of different databases. |
Personal Data processed and retention periods
- your mobile operator in order to provide your bill
- our partners, i.e., the stores or services from which you make a purchase
Personal data categories for DCB
Personal Data | Retention policy | Reasons for retention | |
Account identifier | MSISDN (i.e phone number) | 1 year – deleted 1 year after transaction date the date of the most current transaction | We retain this to support you with any queries or refunds regarding transactions |
Account identifier | End-user profile (post-paid, pre-paid etc) | 1 year – deleted 1 year after transaction date |
We retain this to support you with any queries or refunds regarding transactions. In some cases, however, this information is not passed to us by the operator. |
General user data | ACR (encrypted unique customer identifier) | 1 year – deleted 1 year after transaction date | Not every transaction has an ACR. If it does, we retain this to support you with any queries or refunds regarding transactions. |
General user data | Operator ID | 1 year – deleted 1 year after transaction date | We retain this to support you with any queries or refunds regarding transactions. |
Purchase information | Amount – purchase value | 1 year – deleted 1 year after transaction date | We retain this to support you with any queries or refunds regarding transactions |
Purchase information | Description of purchase | 1 year – deleted 1 year after transaction date | We retain this to support you with any queries or refunds regarding transactions |
Purchase information | Transaction ID | 1 year – deleted 1 year after transaction date | We retain this to support you with any queries or refunds regarding transactions |
Purchase information | Name of the partner purchased from | 1 year – deleted 1 year after transaction date | We retain this to support you with any queries or refunds regarding transactions |
Time stamp | Time of purchase | 1 year – deleted 1 year after transaction date | We retain this to support you with any queries or refunds regarding transactions |
DCB SMS | SMS service messages in relation to the DCB service | 1 year – deleted 1 year after communication takes place | We retain this to support you with any queries about the transaction eg. PIN delivery, receipts, etc… |
Legal basis
Some supporting data processing is beneficial to the provision of our services, while not an integral part of it, such as developing new features or measuring the performance of existing features to further improve the product. In that case, that data processing serves the legitimate interests of Telenor Linx:
Details | |
To improve our customer service. | We are committed to providing you with quick, effective, and convenient assistance, should you encounter an issue with one of our services. Quality assurance of our customer service is essential to improving our processes and meeting your needs. |
To maintain security. | We are committed to maintain both the integrity and confidentiality of your data and the reliability of our services. Therefore, we take measures to recognise events that indicate an attack on our systems or fraudulent attempts to access or alter data. We also keep log-files, accessible only to few of our colleagues and only on documented exceptional circumstances, which allow us to investigate security incidents and learn from them. |
To improve customer experience. | We need to understand how you access our services to ensure an effective presentation of our websites and apps on your devices. This includes troubleshooting and preventive measures to maintain the stability of our services. |
To improve our performance. |
This includes understanding how our products are used across different markets and over time to optimise them accordingly. In many cases, this data will be aggregated, and such aggregated statistics do not include information that can directly identify you. In other cases, numeric indexes are used to distinguish between different users without directly identifying them. We use this information for research to provide a better customer experience and to create new services. |
To integrate and interlink our services within the Telenor Group. | Telenor Linx provides centralised services to other members of Telenor Group, which is why your mobile service provider will exchange information with us for various administrative purposes. This includes information on the performance of our services to improve integration or supporting internal reporting. Where we process data for this purpose, this is performed at an aggregate, depersonalised level. |
For some specific data processing Telenor Linx will ask your prior explicit consent.
Millom
Purpose
Personal Data processed and retention periods
Categories of data processed:
Personal Data | Retention policy | Reasons for retention | |
Identity token | userKey | 5- 10 years, or deleted if service is no longer delivered to MNO | Part of core customer information, required to provide the service. |
Account Identifier | MSISDN | 0 – 1 day (no retention) | Not retained. In certain limited cases used as an identifier between Telenor Linx and MNO. |
Technical data |
IP-Address – end user UserAgent |
1 day – 1 month | Information sent from the client when obtaining the AccountIdentifier |
Account Identifier | Carrier Provided ID (CPID) | 5-10 years or deleted if service is no longer delivered to MNO |
Part of core customer information, required to provide the service. CPID let operators mask data before sharing it with service providers, so the service providers cannot identify the users of the service directly. |
Time And Location | Timestamp | 5-10 years or deleted if service is no longer delivered to MNO |
The time of the day when an event occurred. Retained to identify temporary issues and track statistics evolution over time. |
User base data – all | Notifications, Plan and account information, block/allow-list | 5-10 years or deleted if service is no longer delivered to MNO | Part of core customer information, required to provide the service. Product improvements to e.g. reduce user spam and be more relevant when user interacts with the service. |
Service usage metadata | AppID | 5-10 years or deleted if service is no longer delivered to MNO | Part of core customer information, required to provide the service. Product improvements to e.g. reduce user spam and be more relevant when user interacts with the service. |
Payment wallets | Whether or not user has payment options available | 5-10 years, or deleted if service is no longer delivered to MNO | Part of core customer information, required to provide the service. Product improvements to be more relevant when the user interacts with the service. |
Purchase Fact / Transaction data | Successful/failed purchase, error codes | 5-10 years, or deleted if service is no longer delivered to MNO | Required to provide the service. Product improvements to be more relevant when the user interacts with the service, for reconciliation and to support MNOs with potential customer queries. |
Legal basis
Details | |
To improve our customer service. | We provide the customer (MNO) the insight into their subscribers’ purchasing history on the platform to allow handling of possible complaints from their subscribers. |
To maintain security. | We are committed to maintain both the integrity and confidentiality of your data and the reliability of our services. Therefore, we take measures to recognise events that indicate an attack on our systems or fraudulent attempts to access or alter data. We also keep log-files, accessible only to a few of our colleagues and only on documented exceptional circumstances, which allow us to investigate security incidents and learn from them. |
To improve customer experience. | We need to understand how you use our services to ensure we present you with the best possible customer experience where you interact with the services we provide. This includes troubleshooting and preventive measures to maintain the stability of our services. |
To improve our performance. |
This includes understanding how our products are used across different markets and over time in order to optimise them accordingly. In many cases, this data will be aggregated, and such aggregated statistics do not include information that can directly identify you. In other cases, numeric indexes are used to distinguish between different users without directly identifying them. We use this information for research to provide a better customer experience and to create new services. |
To integrate and interlink our services within the Telenor Group. | Telenor Linx provides centralised services to other members of Telenor Group, which is why your mobile service provider will exchange information with us for various administrative purposes. This includes information on the performance of our services to improve integration or supporting internal reporting. Where we process data for this purpose, this is performed at an aggregate, depersonalised level. |
Telenor ID / Connect ID
Purpose
Telenor Linx’ authentication service is designed to protect end-users of digital services from Telenor by providing a safe and convenient login solution. Telenor Linx will for this service act as a controller, often in cooperation with other controllers.
Categories of data processed for ID
Personal Data | Retention policy | Reasons for retention | |
Data Subject Identifier | Full Name |
End user provides this by own choice Deleted when account is deactivated |
Part of core customer information, required to provide the service. |
Logic Account Identifier | Email Address |
Entered on signup or when requested by a service (if not already present) Deleted when account is deactivated |
Part of core customer information, required to provide the service. Used as username by the end-user. |
(End-)User Account ID |
Generated on signup Deleted when account is deactivated |
An unique identifier that is used internally by the system to identify each user. | |
Identity Token |
0 to 1 hour Deleted immediately when token is invalid |
The identity token generated by ConnectID and passed to confirm an end-user’s identity. | |
IP-Address — End-User |
1 month to 2 years Retained in basic logs for investigation of bugs and other incidents for 30 days. Retained in security logs for 2 years for investigation of security incidents |
Security logs are accessible only to few individuals, and only in defined, exceptional circumstances, where the access is required for the investigation of security incidents. | |
MSISDN |
Entered on signup or when requested by a service (if not already present) Deleted when account is deactivated |
Part of core customer information, required to provide the service. Used as username by the end-user. | |
One-time PIN |
30 mins Invalidated after 30 minutes or 3 wrong attempts |
A one-time pin that you may receive during sign-up and sign-in, depending on the chosen method. | |
Password |
Entered on signup Deleted when account is deactivated |
Password for your account | |
Geolocation |
1 month to 2 years Retained in basic logs for investigation of bugs and other incidents for 30 days. Retained in security logs for 21 years for investigation of security incidents |
The geolocation of the end-user (based on geolocation of IP). Used to identify operational issues related to specific locations, and in security investigations. | |
Technical Data — B2B | API Credentials |
Generated when partner is integrating Deleted when account is deactivated |
Used by our partner services to configure the integration. Not related to end-users. |
Technical Data — User | Hardware Environment |
1 month to 2 years Same policy as other log data (see IP address) |
Information on the end-user device |
Software Environment — Integrating App |
Stored whenever ID is used to log into a 3.party service Deleted when account is deactivated |
The service, for which you use ID to sign-in. | |
Software Environment — User Agent |
1 month to 2 years Same policy as other log data (see IP address) |
Information sent by your browser. | |
Time And Location | Timestamp |
1 month to 2 years Same policy as other log data (see IP address) |
The time of the day, when an event happens. This is relevant for example to recognise malicious sign-in attempts, due to high frequency of sign-in attempts. |
User Behaviour | Event Stream |
1 month to 2 years Same policy as other log data (see IP address) |
Information on how users traverse the login of the ID application,where they may get stuck and where components may not work as intended. |
User Behaviour — Logs |
1 month to 2 years Same policy as other log data (see IP address) |
Historic logs of user activities, such as sign-in attempts, used i.e. under exceptional circumstances to investigate security vulnerabilities. | |
Other User Events |
1 month to 2 years Same policy as other log data (see IP address) |
Other user triggered events of potential IT-security relevance. |
Personal Data Categories for Customer Service
What personal data is used by the customer care service is highly contextual and strongly depends on what you are seeking assistance with. The list below is comprehensive, but usually only a small fraction of it will apply, depending on your request.
Personal Data | Retention Policy | Remarks | |
Customer Service & Customer Communication | Customer Service Interaction – All |
1 month to 2 years To follow-up an issue on repeated occurrence (i.e. sporadic technical issues) |
Your interaction with the Customer Service. |
Data Subject Identifier | Full Name |
1 month To follow-up an issue on repeated occurrence (i.e. sporadic technical issues) |
Part of core customer information, required to provide the service. |
Logic Account Identifier | Email Address |
1 month To follow-up an issue on repeated occurrence (i.e. sporadic technical issues) |
Part of core customer information, required to provide the service. Used as username by the end-user. |
(End-)User Account ID |
1 month To follow-up an issue on repeated occurrence (i.e. sporadic technical issues) |
An unique identifier that is used internally by the system to identify each user. | |
IP-Address |
1 month To follow-up an issue on repeated occurrence (i.e. sporadic technical issues) |
The IP-address linked to your customer service ticket. | |
MSISDN |
1 month To follow-up an issue on repeated occurrence (i.e. sporadic technical issues) |
Part of core customer information, required to provide the service. Used as username by the end-user. | |
One-time PIN |
1 month To follow-up an issue on repeated occurrence (i.e. sporadic technical issues) |
A one-time PIN that you receive in order for customer service to assess that you are the rightful owner of an account. | |
Ticket-ID |
1 month To follow-up an issue on repeated occurrence (i.e. sporadic technical issues) |
Customer Service operates on so-called tickets, to be able to follow-up your request over a longer period, if needed. | |
User Behaviour | Service Usage Metadata |
1 month To follow-up an issue on repeated occurrence (i.e. sporadic technical issues) |
Overview of which services the end-user has used ID to log into. |
Personal Data Categories for Privacy Service
Personal Data | Retention Policy | Remarks | |
Logic Account Identifier | (End-)User Account ID |
Stored when you make a request Deleted when account is deactivated |
Your ID Retained to be able to display and check consent decisions and objections. |
Personal Data Categories for Analytics
Personal Data | Retention Policy | Remarks | |
General User Data | User Base Data — All | 1 year | Retained to have a historical comparison of user base data frequencies between seasons of different years. |
Logic Account Identifier | (End-)User Account ID | 1 year | Retained to have a historical comparison of number of distinct users between seasons of different years. |
IP-Address — End-User | 1 year | Retained to have a historical comparison of user density in different estimated locations between seasons of different years. | |
MSISDN | 1 year | Retained to have a historical comparison of number of distinct users between seasons of different years. | |
Email Address | 1 year | Retained to have a historical comparison of number of distinct users between seasons of different years. | |
Technical Data — B2B | Operation Status Confirmation Message | 1 year | Retained to have a historical comparison of the API call status frequencies between seasons of different years. |
Technical Data — User | Software Environment — User Agent | 1 year | Retained to have a historical comparison of browser usage between seasons of different years. |
Time And Location | Timestamp | 1 year |
The time of the day when an event occurred. Retained to track statistics evolution over time. |
User Behaviour | Service usage metadata | 1 year |
User-triggered events that allows insights on the performance of the product and potential technical issues. Retained to have a historical comparison of number of service usage patterns between seasons of different years. |
Event Stream | 1 year | Retained in order to build information about how the service performs (e.g. where users quit the service) |
Legal basis
Details | |
To improve our customer service. | We are committed to providing you with quick, effective and convenient assistance, should you encounter an issue with one of our services. Quality assurance of our customer service is essential to improving our processes and meeting your needs. |
To maintain security. | We are committed to maintain both the integrity and confidentiality of your data and the reliability of our services. Therefore, we take measures to recognise events that indicate an attack on our systems or fraudulent attempts to access or alter data. We also keep log-files, accessible only to a few of our colleagues and only on documented exceptional circumstances, which allow us to investigate security incidents and learn from them. |
To improve customer experience. | We need to understand how you access our services to ensure an effective presentation of our websites and apps on your devices. This includes troubleshooting and preventive measures to maintain the stability of our services. |
To improve our performance. |
This includes understanding how our products are used across different markets and over time in order to optimise them accordingly. In many cases, this data will be aggregated, and such aggregated statistics do not include information that can directly identify you. In other cases, numeric indexes are used to distinguish between different users without directly identifying them. We use this information for research to provide a better customer experience and to create new services. |
To integrate and interlink our services within the Telenor Group. | Telenor Linx provides centralised services to other members of Telenor Group, which is why your mobile service provider will exchange information with us for various administrative purposes. This includes information on the performance of our services to improve integration or supporting internal reporting. Where we process data for this purpose, this is performed at an aggregate, depersonalised level. |
For some specific data processing, we will ask your prior explicit consent.
Transfer of personal data to Third Parties
Third party companies help us to provide and maintain our services. These third parties fall into the following categories:
- Network Operator: We integrate and collaborate with other network operators, for example, other Telenor companies. These activities require data transfers to or from your mobile service provider.
- Partners: Occasionally, we integrate our services with partners outside the Telenor Group. In such a case, each party is responsible for their part of the data processing as a data controller.
- External vendors: We use external vendors to host, deliver, improve, and maintain our services and products. These vendors are data processors to us, which means they are legally and contractually obligated to follow our instructions, maintain your data securely according to our standards, delete your data upon request, and so forth.
Finally, if we decide to sell, buy, merge or otherwise re-organise a business, we may transfer your personal information to purchasers, or partners and their advisers.
Data transfers outside of the EU/EEA
In some specific cases, we transfer data to countries outside the European Economic Area (EEA)/European Union (EU). Such transfers occur when:
- a user’s country of residence is outside EU/EEA, and the user is a subscriber to the local mobile network operator and Telenor Linx services are offered with the subscription; or
- a user use Telenor ID to sign into a service based outside EU/EEA; or
- we use the processing capacities of a vendor based outside EU/EEA; or
- we use Telenor Linx own capacities outside of EU/EEA.
In the first two cases, the countries to which we transfer the data are determined by the location of your mobile service provider or the location of the services you are using with Telenor ID. Unless it is necessary to transfer the data to a country outside the EU/EEA for the performance of our contract with you, we enter into standard data protection clauses adopted by the European Commission (“EU Model Clauses”).
Many of our vendors are located in the United States. The hosting services we purchase limit however the location of processing to EU, which means that data is not transferred to nor accessed from outside of EU. For vendors that help us improve and maintain our products, data might be transferred to the USA. In such cases we assess the risk and make the adequate security measures before any transfer starts up.
For the last category, Telenor Linx has full control of the entities and full insight in any authority requests coming into the local Telenor Linx units. Here as well adequate security measures are taken.
All transfer of personal data out of EEA is furthermore based on a set-up with EU model clauses, either between Telenor Linx in Norway and the party outside of EEA, or via a European vendor who as a data processor establish a processor-to-processor model clause with the party outside of EEA.
Security and fraud prevention
In electronic communication as elsewhere in society there is a risk for malicious attacks and fraudulent attempts. Telenor process signalling and roaming data in various ways to prevent and stop fraud. We manage firewalls where recognizable fraudulent traffic is stopped, and we look for call patterns we know are likely to be fraudulent to close down traffic from such sources when necessary. Typical case for the latter could be sending thousands of messages in a very short time range to a high-cost number – Wangiri calls trying to trick the called party to call back on a missed call, or “fake support calls” used to scam the victim’s credit card. Characteristic for both types of calls is the sequential dialling generated by machines.
To be allowed to transfer calls to the USA, all calls coming from a sender with a phone number from the North American Numbering plan will be analysed as any other call going through Telenor’s network. In case such a robo-call would pass through to the recipient despite our efforts to prevent it, US authorities may require Telenor’s assistance to track back the real sender of the call.
Fraud detection and prevention is dependent on fresh data, and data used for this purpose will not be stored for more than 24 hours. For monitoring purpose, the last two digits are removed from both the calling and the receiving number (A and B number). The A and B numbers are not combined in any of the fraud alerts to further limit any possibility for reidentification of end-users.
User rights
Telenor Linx takes privacy rights seriously and offers in general the rights to access and information to the individuals whose data we collect and process. However, for the international voice and SMS services, as well as the roaming services, Telenor Linx only gathers information from your local operator and operators you roam with, and the full set of information will only be available at your local operator. Additionally, Telenor Linx do not know the identity of the individual users. For these reasons, you will have to ask your local operator for access to your traffic data.
For all other services Telenor Linx is controller of you have several rights regarding your personal data which you can exercise by visiting your privacy settings in your service or contact Telenor Linx directly. Customer Service will handle your requests and answer your questions. These include the:
- Right to withdraw consent: Where you have previously given consent for us to process your personal data, you can withdraw that consent any time.
- Right to access your information: You can ask for more detail regarding the data we collect about you and how we process it.
- Right to rectification: You can request that we correct any inaccurate personal data which we are processing. For most of our services, the simplest way to correct your data is to update your user profile yourself.
- Right to object: When we process your personal data on the legal basis of legitimate interest you have the right to object to such processing.
- Right to erasure: You can request that we erase the personal information we hold about you. This kind of request must meet certain criteria. For example, we cannot delete information required to fulfil our contract with you.
- Right to restrict processing: In certain cases, you may request that we cease processing of your personal data for specific purposes. For instance, you might claim that our use of your data is unlawful, but you may ask us to restrict the processing of data, as opposed to deleting it.
- Right to portability: You have the right to receive the personal data we are processing concerning you. This pertains to the data which you have provided to us and that we are processing based on your consent or to perform a contract with you, provided that the data is processed using automated means. This right includes a direct transfer of your data to another controller, where technically feasible. Please note that the right to portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. We also will not be able to extend this right in a way that would adversely affect the rights and freedoms of others.
See the “Contact Details” section of this Privacy Notice to see options to how and where you may exercise your rights.
Business Customers and vendor management
All business customer data and vendor data are solely used for professional relationship management purposes. In addition to contact and follow-up, Telenor also runs an annual Net Promoter Score (NPS) survey. We then ask for and collect the NPS from our business customers and vendors. It is voluntary to participate. This data is stored for as long as the customer or vendor has a relationship with our company. At any point in time, contacts can opt out of the survey, and/or ask to have their own data deleted.
Telenor Linx typically log your activities when you log on to our customer portals.
We collect your e-mail address/username and your log-data based on legitimate interest as a legal basis. Our legitimate interest in collecting your log-data is to secure and control access to the (personal) data in the system.
We do not share information about you with any third parties for other purposes than the ones described in this privacy notice.
Changes to the Privacy Notice
We will at all times keep our privacy notice updated and notify on our website or application with any changes. For products where we have registered your e-mail address, we will also notify you by e-mail if we make substantial changes relevant to this product.
How can I contact Telenor Linx regarding my privacy rights?
For requests about access to data, objection to data processing, correction of your data, deletion of data or accounts or to see your history for relevant services, please go to our “Make a request” page: https://manage.telenorid.com/privacy
For opting out of, please go to https://privacy.telenordigital.com/pages/consents
Telenor Linx AS
Snarøyveien 30
1331 Fornebu, Norway
Org. No. NO 996 516 288
Any questions or complaints to Telenor Linx processing of personal data can be addressed to the Telenor Linx’s Data Protection Officer.
You also have the right to lodge a complaint with a supervisory authority.