Privacy Policy
1. About this Privacy Policy
TDC NET provides communication infrastructure throughout Denmark. We expand and operate a fiber network, a cable TV network (COAX), the historical copper network (DSL), and a mobile network that covers various technologies.
A wide range of different IT and telecommunications providers deliver internet and tele services through our network. When you use a communication service from a provider using TDC NET's infrastructure, TDC NET will need to process your personal data to deliver the service in question. On this page, you will find information on how we, as the data controller, process your data and what rights you have.
2. Processing Activities
- Analyses and Reporting
Purpose and Legal Basis for Processing Your Personal Data
TDC NET uses personal data to compile internal statistics, analyses, and reports for internal planning purposes. By utilizing logistic information, business processes are analysed with the aim of optimizing operations and delivering high-quality solutions from TDC NET. The processed data is used, among other things, for pricing, sales and strategy, as well as finance and budgeting.
Personal data is processed based on legitimate interest, cf. GDPR Art. 6, para. 1, litra f.
Categories of Personal Data
In connection with analyses, we process the following types of personal data:Ordinary personal data in the form of:
• Contact information, including address, email, and phone number
• Customer information, including customer number, IMEI number, MAC address, Equipment model, SIM card, eSIM number, Serial number, Track & Trace number, Transaction ID, and Order history
• Traffic data
To prepare analyses, information is collected and anonymized through aggregation.
Where does your personal data come from?
The information we process about you is received directly from you or through our partners, for example, Nuuday and Yousee. We also process information that is automatically generated using out telecommunications network.
Storage of Your Personal Data
The personal data used to prepare analyses and reports are deleted after a period of 5 years in accordance with the Danish Accounting Act.
Versioning
Last changed on 28-10-2024.
- Customer Satisfaction Survey
Purpose and Legal Basis for Processing Your Personal Data
TDC NET aims to improve the customer experience through your feedback. In connection with customer satisfaction analyses, we collect and process your personal data. If you have given consent for sharing the content of your customer satisfaction analysis from our partners, we may also receive information regarding TDC NET.
The results of the satisfaction analyses are used with the aim of:
• Enhancing communication, products, processes, and services
• Optimizing internal processes and systems
• Training employees
• Targeting the experience and delivering relevant services
• Assessing future customer growth
Data is collected through user satisfaction surveys and associated data points, and generally processed only with your consent, in accordance with GDPR Art. 6, para. 1, litra a. You can always withdraw your consent.
Categories of Personal Data
In user satisfaction surveys where we receive responses directly from you, and customer satisfaction analyses where we receive information from others, we collect and process the following types of ordinary personal data about you:
• Customer number and LID/order number
• Your responses and feedback to us in the user satisfaction surveys
• Case number, FiberInstallCode, and rescheduling
We emphasize that we do not want to store sensitive personal data collected in connection with user satisfaction surveys and other customer satisfaction analyses.
Where Your Personal Data Comes From
We collect your personal data directly from you in connection with our user satisfaction surveys, or receive it from our partners (Yousee and Nuuday) if you consent to the sharing of your customer satisfaction analysis.
Additionally, we may process information that is auto-generated within TDC NET, which is necessary to conduct user satisfaction surveys. Participation in a satisfaction survey is always optional.
Storage of Your Personal Data
We store your personal data as long as it is necessary to fulfil the purposes mentioned above. After data merging of customer and order identification, personal data is deleted within 7 days, and order data is aggregated to ensure that individuals cannot be identified.
Your Rights
You have the right to withdraw your consent at any time. If you wish to do so, please contact us. Please note that withdrawal of consent does not affect the legality of the processing based on the consent before its withdrawal. We will ensure that the processing of your personal data stops from the time we receive your withdrawal.
Versioning
Last changed on 29-10-2024.
- Troubleshooting
Purpose and Legal Basis for Processing Your Personal Data
We use your personal data for the optimization, troubleshooting, and correction of the communication lines and network equipment we provide. This may include measuring performance on the line or identifying specific addresses where technical support may be needed. .
The processing of personal data in connection with the optimization and troubleshooting of communication lines and network equipment is carried out in the public interest in accordance with GDPR Art. 6, para. 1, litra e, to fulfil TDC NET's supply obligation, as stipulated in the Telecommunications Act § 14, para. 2.
Categories of Personal Data
We process the following types of personal data:
• Name and address
• Contact information, including mobile number and email
• Technical information, including IP addresses, IMEI number, SIM card, and other technological address
• Performance data og signal strength data
Recipients or Categories of Recipients
We only share your personal data with relevant recipients involved in troubleshooting and maintaining the infrastructure.
This includes:
• Subcontractors who assist with troubleshooting and fault correction, including Dansk Kabel TV
• Information may be shared with your Service Provider for fault rectification notification
In general, TDC NET processes personal data within the EU/EEA area. However, it may be necessary to transfer this information to countries outside the EU/EEA, for example, in connection with IT services. In cases where the third country is not recognized as safe by the EU Commission, TDC NET will take steps to ensure an appropriate level of data protection by entering into agreements with the recipients. This is often done through the EU Commission's standard contractual clauses, which are designed to protect personal data during transfers to unsafe third countries.
Where Your Personal Data Comes From
We collect your personal data from the following sources:
• Directly from you in connection with support requests
• Automatically generated data from our network and your devices
• Automatically generated data from our network and your devices
Storage of Your Personal Data
We retain your personal data only for as long as necessary to perform troubleshooting and resolve any issues, and to fulfil any related service agreements. Afterwards, data will be retained for a period during which we can handle any follow-up support requests, which is estimated to be 24 months in accordance with our internal data storage guidelines.
Versioning
Last changed on 25-10-2024.
- Provision of Products and Services
Purpose and Legal Basis for Processing Your Personal Data
We process your personal data to provide products and services to you. This includes the delivery and operation of our products and services, as well as any communication with you regarding them. For example, it may be necessary to process your personal data to search for network technologies at your address, plan the setup of your fiber connection, and handle any complaints in this regard.
Processing your personal data in connection with the delivery of our products and services is considered part of our legitimate interest, cf. GDPR Art. 6, para. 1, litra f.
Categories of Personal Data
In connection with the provision of services and products, we process ordinary personal data such as:
• Contact information, including name, customer number, phone number, address, and email address
• Payment information
• Technical information, including IP address, IMEI number, SIM card, and eSIM number
• Information about the communication provider you use
Recipients or Categories of Recipients
It may be necessary for TDC NET to disclose your personal data to the following types of recipients:
• Our subcontractors, such as Dansk Kabel TV, who help us deliver and operate products and services
• The network that your communication provider uses to deliver its services
• Other third-party providers where it is necessary to deliver the products or services
Where Your Personal Data Comes From
We collect personal data directly from you when you contact us, use our website to search for various network technologies, or enter into an agreement with us. We may also receive personal data from your communication provider when we deliver a service or product in collaboration with them.
When you use our network, we receive an account number or another code from your telecom or internet provider, which we use to record your usage of our network. This allows us to provide your telecom or internet provider with the relevant information about your use of our network, which is necessary to manage your subscription and generate a bill for you. We also receive your address from your provider if you need access to one of our fixed networks (Fiber/COAX or DSL).
If you need a communication connection installed at your address, we also obtain, if relevant, information from publicly available registers, including the Building and Housing Register (BBR), the Municipal Property Register (ESR), the Government Sales and Valuation Register (SVUR), Plan System DK, miniMAKS – Cadastral System, the Central Business Register (CVR), the Line Owner Register (LER), and Statistics Denmark (DST).
If you measure the speed of your internet connection through https://www.speedtest.net/ , TDC NET also receives information about this from the company Ookla LLC.
Storage of Your Personal Data
Your personal data is stored as long as it is necessary to fulfil the above purposes. This includes storage during the duration of our contractual relationship and for a period thereafter, where it may be necessary according to the law or our legitimate interest (e.g., to handle any complaints or legal claims). If you have further questions or require more information on how we process your personal data, you are welcome to contact our Privacy Compliance department.
Versioning
Last changed on 23-10-2024.
- Legal Obligations
Purpose and Legal Basis for Processing Your Personal Data
TDC NET may process your personal data to fulfil our legal obligations, including the disclosure of information to the police in connection with their investigation of crimes.
In accordance with the Administration of Justice Act §786, in general only after receiving a court order, by providing information on how, when, and with whom a person has communicated, cf. the Telecommunications Act § 10 and GDPR Art. 6, para. 1, litra c.
Categories of Personal Data
To comply with our legal obligations, we may process the following types of information:
• Name
• Adress
• Customer number
• LID and Line ID
• Mast information
• Telecommunications data, including with whom communication has taken place
Recipients or Categories of Recipients
Information is shared with authorities requesting information in connection with investigations, particularly the police.
Where Your Personal Data Comes From
Upon request for the release of information from authorities in connection with investigations, we may receive the name and address of the person to whom the information pertains. Information about the customer number and LID number is automatically generated through your use of our network.
Storage of Your Personal Data
Information about wiretapping and surveillance set up for authorities will be deleted when the case is closed or data has been shared with the authorities.
Versioning
Last changed on 25-10-2024.
- Monitoring of Locations
Purpose and Legal Basis for Processing Your Personal Data
TDC NET processes personal data in connection with CCTV monitoring of locations used and leased by TDC NET.
The monitoring is carried out as part of a legitimate interest with the aim of ensuring security and crime prevention. Processing of recordings is conducted in accordance with the CCTV Act.
Categories of Personal Data
CCTV monitoring of locations owned and leased by TDC NET is considered to involve the processing of ordinary personal data.
Recipients or Categories of Recipients
In rare cases, recordings made for crime prevention purposes may be disclosed if the registered individual has given explicit consent, if it is required by law, or if the disclosure is made to the police in connection with criminal investigations.
Where Your Personal Data Comes From
Information is automatically generated through CCTV monitoring.
Storage of Your Personal Data
Generally, TDC NET deletes recordings from CCTV monitoring after 30 days, but they may be retained for a longer period in special cases if necessary for a specific purpose or in accordance with the CCTV Act.
Versioning
Last changed on 29-10-2024.
- Security and Prevention of Misuse
Purpose and Legal Basis for Processing Your Personal Data
We process your personal data to protect you as a user of our network and services against security threats and to prevent misuse or unauthorized access. We therefore process your personal data based on a legitimate interest, cf. GDPR Art. 6, para. 1, litra f.
Categories of Personal Data
Ordinary personal data in the form of:
• Name and address
• Telephone number and email
• IP-adresser, LID ID and other technical addresses
• Logging data and traffic data
• Authorities, if required by law
Recipients or Categories of Recipients
If necessary, we may disclose your information to the following recipients:
• Our security team and external security partners
• Authorities, if required by law
Where Your Personal Data Comes From
We collect information directly from you in the event of security incidents or support requests. We may also receive information from your communications provider.
For processing a security incident, we may use automatically generated data from our security systems.
As a rule, TDC NET processes personal data within the EU/EEA area. However, it may be necessary to transfer this information to countries outside the EU/EEA, for example, in connection with IT services.
In cases where the third country is not recognized as safe by the EU Commission, TDC NET will take steps to ensure an appropriate level of data protection by entering into agreements with the recipients. This is often done through the EU Commission's standard contractual clauses, which are created to protect personal data when transferred to unsafe third countries.
Storage of Your Personal Data
Personal data is stored as long as necessary to protect our network and prevent misuse. For data related to any security incidents, the information is retained for a period necessary to handle the incidents.
Upon case closure, information is retained for 3 years plus the current year. However, in some special cases, records may need to be retained for a longer period. These cases will be reviewed annually to assess the basis for continued retention, and ultimately deleted in accordance with applicable laws and internal guidelines.
Versioning
Last changed on d. 25-10-2024.
- Whistleblower Scheme
Purpose and Legal Basis for Processing Your Personal Data
The purpose of the whistleblower scheme is to ensure that a whistleblower can quickly and confidentially – and if desired, anonymously – report violations or potential violations through a special, independent, and autonomous channel. This enables an independent and autonomous whistleblower unit to assess what actions are needed.
Personal data is processed in accordance with the Whistleblower Law and the Whistleblower Directive. The processing of ordinary and sensitive personal data is also covered by GDPR Art. 6, para. 1, litra c & Art. 9, para. 2, litra b and f.
Categories of Personal Data
Processing of personal data in connection with the whistleblower scheme includes:
• Ordinary personal data that you as a whistleblower report, as well as personal data relevant to your report, such as the name, position, and work email of the employee that the report may concern.
• Confidential personal data that you as a whistleblower report, as well as personal data requiring processing in connection with your report, such as criminal records obtained by TDC NET concerning the employees involved in the report.
• Sensitive personal data that you as a whistleblower report, as well as personal data requiring processing in connection with your report.
Recipients or Categories of Recipients
When reporting through the whistleblower scheme, your personal data is made available to the law firm Plesner, which acts as a data processor for reports received through Whistleblower by Plesner.
If your report concerns a violation of law, the information you report, about you or another, may be disclosed to the police or other authorities..
Where Your Personal Data Comes From
TDC NET processes personal data that comes directly from you when you contact us. If your report requires further investigation, TDC NET may retrieve and process automatically generated information, and obtain personal data from third parties where relevant.
Storage of Your Personal Data
Reports that turn out to be unfounded are concluded in the scheme immediately and deleted within 45 days from the determination that the report is considered unfounded.
If a report is made to the police or another authority, the data will be retained for at least as long as the investigation is ongoing with the police/authority.
Versioning
Last changed on 23-10-2024.
3. Your Rights
TDC NET respects your rights, and the personal data you provide to us is yours. You have the right to access, correct, export, and opt out of the processing of your personal data. People have different needs to protect their personal data. We strive to clearly communicate the personal data collected by us and our partners, so you can exercise your rights effectively.
Right of Access
You have the right to access the information we process about you, as well as several additional details. To protect your personal data, we need to appropriately verify your identity before granting you access to your information.
Right to Rectification
TDC NET ensures that your personal data is accurate. If you believe the data is incorrect or incomplete, we encourage you to contact us so we can correct the information.
However, we reserve the right to refuse your request if it is unfounded or if we receive repeated similar requests from you. In such cases, we reserve the right to impose an administrative fee. We also reserve the right to refuse your request if it is unreasonable. .
You can request the correction of your personal data by contacting our Customer Service. All requests will be processed as quickly as possible, and within a month, you will receive confirmation that your personal data has been corrected, or an indication of when we expect it to be done.
Right to Erasure
TDC NET has a deletion policy to ensure that no personal data is stored longer than necessary. In specific cases, you have the right to have data about you deleted before our regular general deletion period occurs.
You have the right to have your personal data deleted when:
- The personal data is no longer necessary (e.g., if you are no longer a customer, and we therefore no longer have the right to retain the data)
- You wish to withdraw your consent
- The processing of personal data is not conducted in accordance with applicable law
You can request the deletion of your personal data by contacting our Customer Service. We process all requests as quickly as possible, and within a month, you will receive confirmation that your data has been deleted, or an indication of when we expect it to be done.
Right to Restriction of Processing
You have the right to have the processing of your personal data halted if:
- You believe the personal data is incorrect. We will stop processing until we have verified the accuracy of the personal data
- The processing is unlawful. Instead of having the personal data deleted, you can request the processing be ceased
- We no longer need the personal data to fulfil the original purpose of the processing, but we need to retain the data to establish, exercise, or defend legal claims
- You object to the processing in accordance with GDPR Article 21
If the processing of your personal data is restricted, we may only store the personal data and not process it in any other way than what the restriction allows.
If you have restricted the processing of your personal data, we will inform you before potentially lifting the restriction on processing.
Right to Data Portability
You also have the right to receive your personal data, which you have provided to us, in a structured, commonly used, and machine-readable format. Additionally, you can have the data transferred to another provider.
Right to Object
You have the right to object to our otherwise lawful processing of your personal data, if the processing is based on an assessment of our and your interests and purposes.
If the objection is justified, we will limit the processing as described below.
You also have the right to object to our processing of your personal data for direct marketing purposes. If you object to this processing, we may no longer process your personal data for this purpose.
Right to Lodge a Complaint with a Supervisory Authority
You have the right to file a complaint with a supervisory authority if you are dissatisfied with how we process your personal data.
You can find the Danish Data Protection Agency's contact information at www.datatilsynet.dk.
4. How Do We Protect Your Personal Data?
To ensure that the processing of your personal data is secure, we have implemented an information security management system based on best practices such as ISO27001 and the Insurance & Pension Standard. This system includes management, processes, and other administrative, technical, and physical controls that ensure our IT environment is secure from confidentiality, integrity, and availability perspectives.
We also prioritize the systems and applications that handle your personal data. For each of these systems, we have specific security requirements and controls.
The security requirements and controls apply both to us and our subcontractors, ensuring that the entire service supply chain is secure. We conduct audits and security controls, such as vulnerability and penetration tests, both on our own systems and on the systems operated by our subcontractors.
Some of our services are also security-certified and subject to external ISAE audits.
The IT environments, systems, and applications we use to deliver customer service and products, as well as to store or process personal data, are assessed and designed to be as secure as possible.
5. Use of Machine Learning and AI
We use various methods to conduct analyses and ensure security and prevention of misuse. This includes leveraging advanced and innovative solutions such as machine learning and AI. We employ these methods because they can provide better and more useful results, which ultimately help us detect patterns and stop fraud and misuse on our network and with our services. When we use this type of technology, there will always be some form of human assessment involved to ensure we achieve the safest possible outcome.
Last changed on 10-02-2025.
6. Version control
We continually review and update the privacy notice if there are changes in our processing of personal data. Any changes will be published here, and significant changes will also be communicated directly to those registered.
Last changed on 31-10-2024.
Contact TDC NET
TDC NET is the data controller for the processing of your personal information that we have received about you. You can contact TDC NET's Privacy Compliance department at the following:
TDC NET A/S,
CVR-nr. 40075267,
Teglholmsgade 1
2450 Copenhagen SV
E-mail – compliance@tdcnet.dk
TDC NET's Data Protection Officer
If you have any questions regarding the processing of your personal data, you can contact TDC NET's data protection officer at the following contact details:
Bech-Bruun Advokatpartnerselskab
CVR nr.: 3853 8071
Langelinie Allé 35
2100 Copenhagen Ø
Telephone number – 72 27 30 02
E-mail – dpo.tdcnet@bechbruun.com