Privacy Policy for Telenor Cyberdefence

Effective Date: 01.02.2025

Introduction

Telenor Cyberdefence (“we,” “us,” or “our”) is committed to protecting the privacy and security of our clients, partners, and users. This Privacy Policy outlines how we collect, use, disclose, and protect your personal data in connection with the security services we provide to businesses in the Nordic market. By using our services, you agree to the practices described in this policy.

1. Data We Collect

We collect personal data necessary to provide our services effectively. This includes:

Contact Information: Names, job titles, email addresses, phone numbers, and business addresses.
Account Information: Usernames, passwords, and account settings for our service portal.
Service Data: Logs, metadata, and network traffic data related to our security services, including IP addresses and device identifiers.
Payment Information: Billing details, including credit card information or bank account details.
Communication Data: Emails, messages, or other communications you have with us.
Usage Data: Data about how you interact with our website, portal, and services.

2. How We Use Your Data

We use the collected data to:

Provide and maintain our security services.
Detect, prevent, and respond to security incidents and threats.
Communicate with you about updates, maintenance, or support.
Conduct billing and payment processing.
Comply with legal and regulatory obligations.
Improve our services through analytics and feedback.

3. Legal Basis for Processing

We process personal data based on the following legal grounds:

Contractual Obligation: To fulfill our obligations under the service agreement.
Legal Compliance: To meet legal and regulatory requirements.
Legitimate Interest: To improve and protect our services and your business.
Consent: When you provide explicit consent for specific uses.

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your data with:

Service Providers: Trusted third parties who assist in delivering our services (e.g., cloud hosting, payment processors).
Partners: Authorized business partners who help deliver services to you.
Legal Authorities: When required by law, court orders, or to protect our legal rights.
Business Transfers: In the event of a merger, acquisition, or sale of assets.

5 International Data Transfers

We may transfer your data outside the Nordic region to provide our services. When we do, we ensure appropriate safeguards are in place, such as EU Standard Contractual Clauses or equivalent measures, to protect your data.

6 Data Retention

We retain your data only for as long as necessary to:

Provide our services.
Comply with legal obligations.
Resolve disputes.
Enforce our agreements.

When no longer needed, we securely delete or anonymize your data.

7 Data Security

We implement technical and organizational measures to protect your personal data from unauthorized access, disclosure, or destruction. These include encryption, secure servers, and regular security audits.

8. Your Rights

You have the following rights under applicable privacy laws:

Access: Request access to your personal data.
Correction: Request corrections to inaccurate data.
Deletion: Request deletion of your data (subject to legal obligations).
Restriction: Request restriction of processing under certain conditions.
Portability: Request a copy of your data in a portable format.
Objection: Object to data processing based on legitimate interests.
Withdraw Consent: Withdraw your consent at any time.

To exercise your rights, contact us at Lars.berg@telenorcyberdefence.com.

9 Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our website. For more information, see our Cookie Policy.

10 Updates to This Policy

We may update this Privacy Policy periodically. Any changes will be posted on our website with the updated effective date. We encourage you to review this policy regularly.