Privacy Policy

Telefónica Global Solutions, S.L.U. (“Telefónica”), as owner of this website (the “Website”), informs you that the companies of Telefónica Group are committed to respecting the privacy of users and the secrecy and security of personal data, in compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), as well as in the Organic Law 3/2018 of December 5, 2018, on Personal Data Protection and guarantee of digital rights and other regulations in force.

For such purposes, “Telefónica Group” shall mean: Telefónica, S.A. and any entity in which Telefónica, S.A., either directly or indirectly:

a) Owns more than 50% of the share capital, or
b) Has the power to appoint or dismiss most of the administrative members of the administrative body, or may hold most of the voting rights by virtue of agreements by virtue of agreements reached with other shareholders, or
c) Holds the management control as a result of rights, agreements or other means that grant the possibility of exercise a decisive influence on the company activities.

Our principles are:

TRANSPARENCY

We will not process your data in an unexpected, obscure or abusive way.

When we collect your personal data through our Website, you will be properly informed about: who processes your data, what is the purpose of the processing, what is the basis for the legitimacy of the processing, the possibility of exercising your rights and other relevant information. In addition, your data will be deleted according to the defined retention policy about which you will be informed and, in any case, when you request it by exercising the right of cancellation.

CONTROL

We will seek your consent whenever necessary and we will provide you with the necessary tools to access and update your personal information, as well as to decide how to manage your data, selecting the purposes for which we will process it.

SECURITY

We take care to ensure the security, secrecy and confidentiality of your data. Therefore, as part of our commitment and in compliance with current legislation, we have adopted the most demanding and robust security measures and technical means to prevent its loss, misuse or access without your authorization, undertaking to keep them secret and guaranteeing our duty to safeguard them by adopting all necessary and reasonable measures to prevent their alteration, loss and unauthorized processing or access, in accordance with the provisions of the applicable legislation.


At Telefónica your privacy is a priority, which is why we protect your information in accordance with the privacy policy you can read below. If you have any questions, please contact us at [email protected] and we will be happy to help you.

1. Who is the data controller?

Telefónica Global Solutions, S.L.U., company with registered number and with principal place of business at Madrid (Spain), C.P. 28050, Ronda de la Comunicación, s/n, Edificio Oeste1, will be responsible of the processing of your data in accordance with what we inform you in this Privacy Policy.


We also have a Data Protection Delegate who ensures compliance with data protection regulations at Telefónica, and with whom you can contact, for any questions, doubts and/or complaints you may have when we process your data, by writing to [email protected].

2. What data do we process, for what purpose and why?

Depending on the section of the Website, the data collection channel or the means by which you interact with Telefónica, your data may be processed for the following purposes:

2.1 Attention to queries raised through forms or other contact channels

  • For what? – Purposes of processing: the purpose of the processing that we pursue is to attend and to respond the queries made by users of the Website and/or, in general, people who contact Telefónica through the rest of the channels provided for this purpose.
  • Why? – Applicable legal basis: the legal basis on which we rely to carry out this purpose is the consent you have given by voluntarily contacting us.
  • What data? – Type of data: the data we process for this purpose are your identification, contact and/or professional data (e.g. name and surname, email, contact telephone number and/or company you work for), as well as the information contained in the query sent, the processing of which is necessary to provide you with a response.
  • Where does it come from? – Origin: the data that we process for this purpose is obtained from you when you complete the contact forms included on the Website and/or send us an email at the contact addresses that we make available to users, including those mentioned in this Privacy Policy.
  • Who does it belong to? – Categories of data subjects: the data that we process for this purpose relate to users of the Website or, in general, data subjects who send enquiries and any other data subjects whose data have been provided by the sender of the enquiry.
  • For how long is it retained? – Retention period: the data that we process for this purpose will be subject to the general retention criteria set out in section 3 of this Policy and, in any event, will not be kept for longer than is necessary to deal with queries and, where appropriate, to meet Telefónica’s possible responsibilities in relation to the same.

2.2 Sending regular news articles or newsletters

  • For what? – Purposes of processing: the purpose of processing we are pursuing is to send periodic newsletters by e-mail, upon request by the interested party, on the activities carried out by the Telefónica Group and the content generated by the Group through its different areas. Depending on the newsletter to which you have asked to subscribe, your data may be shared with the Telefónica Group companies responsible for it in order to process your subscription request and/or manage the associated mailings.
  • Why? – Applicable legal basis: the legal basis on which we rely to carry out this purpose is the consent given when you subscribe to the newsletters.
  • What data? – Type of data: the data we process for this purpose are your identification, professional and contact details necessary to send you the newsletter.
  • Where does it come from? – Origin: the data that we process for this purpose comes mainly from the newsletter subscription forms included on the Website, in addition to the other contact channels provided by Telefónica for this purpose.
  • Who does it belong to? – Categories of data subjects: the data we process for this purpose relate to users of the Website and data subjects in general who subscribe to the newsletters.
  • For how long is it retained? – Retention period: the data we process for this purpose will be subject to the general retention criteria set out in section 3 of this Policy.

2.3 Maintenance and management of the Website owned by Telefónica, its security and user access to it.

  • For what? – Purposes of processing: the purpose of the processing that we pursue is to maintain active and technically manage the Website owned by Telefónica that is visited by the user and to which this policy and any applicable specific conditions are applicable, to protect it against security incidents and malicious attacks that it may suffer and, in general, to enable free and continuous access to it by all Internet users. The user can find further information on the scope of this purpose in the Cookies Policy applicable to the website owned by Telefónica.
  • Why? – Applicable legal basis: the legal basis on which we rely to carry out this purpose is the legitimate interest of Telefónica, as the owner, in ensuring the availability and security of its Website for all Internet users who visit it, in accordance with the relevant legal and usage notices.
  • What data? – Type of data: the data that we process for this purpose are those, generally pseudonymized, which are obtained directly from the devices with which the user accesses and browses the Website owned by Telefónica, the processing of which is strictly necessary for the fulfilment of the aforementioned purpose.
    This website browsing data may include the user’s IP address; the date and time of connection; aggregate data on the type of audience browsing the website, such as geographical information, the device used for browsing, technology, etc.; browsing behaviour on the Website, such as the number of pages viewed, average time on the page, bounce rate, whether content is shared through social networks, etc.; as well as aggregate data on the channels from which the audience arrives: organic search, direct search, social networks or referrals.
  • Where does it come from? – Origin: the data that we process for this purpose comes from the devices with which the user accesses and browses the Website owned by Telefónica.
  • Who does it belong to? – Categories of data subjects: the data we process for this purpose comes from the devices with which the user accesses and browses the Website owned by Telefónica.
  • For how long is it retained? – Retention period : the data we process for this purpose will be subject to the general retention criteria set out in section 3 of this Policy.

2.4 Maintenance, management, access, use and security of platforms (such as, but not limited to, Telefónica’s Customer Control Centre) for authorized users.

  • For what? – Purposes of processing: the purpose of the processing that we pursue is to maintain and manage access, use and security of the platforms and the functionalities enabled therein and/or, in general, private areas that may be accessible at any time to users authorized by Telefónica and to which, in addition to this Policy, the conditions expressly accepted or agreed for this purpose shall apply; as well as through the cookies generated in the private areas as a result of the browsing of authorized users.
  • Why? – Applicable legal basis: the legal basis on which we base the processing of data of users authorized to access and use certain Telefónica platforms, in their capacity as employees of a Telefónica customer company, is the appropriate fulfilment of the commercial and/or contractual relationship maintained between Telefónica and the company in which the authorized user carries out their activity.
  • What data? – Type of data: the data that we process for this purpose are all those necessary to create, manage and maintain the authorized user’s account, as well as for their correct access and use of the Telefónica platform, as well as those obtained directly from the devices with which the user accesses and browses the Website.
  • Where does it come from? – Origin: the data that we process for this purpose are usually communicated either by the users themselves and/or, failing that, by the business customers in which these users carry out their professional activity, as well as from the devices with which the user accesses and browses the Website owned by Telefónica, the processing of which is strictly necessary for the fulfilment of the aforementioned purpose.
  • Who does it belong to? – Categories of data subjects: the data we process for this purpose refers to users authorized by Telefónica’s customer companies or collaborators to access and browse the private areas of the Website.
  • For how long is it retained? – Retention period : the data we process for this purpose will be subject to the general retention criteria set out in section 3 of this Policy.

2.5 Management of the relationship with users through Telefónica’s social networks

  • For what? – Purposes of processing: the purpose of the processing we pursue is to interact and maintain the contact with users who interact with Telefónica through the different social networks in which Telefónica has created an official account. This includes the public response to messages or public comments made by such users, appointments, attention and response to private messages through these networks, processing of the request to the Telefónica area or to the Telefónica Group company competent to deal with it, etc. If strictly necessary, your data may be shared with the relevant Telefónica Group companies for the purposes of processing and giving due attention to your request.
  • Why? – Applicable legal basis: the legal basis on which we base this purpose is the consent you give when you interact with Telefónica through the social network on which Telefónica has created an official account.
  • What data? – Type of data: the data that we process for this purpose are your public data in the profile of said social network, identification, contact and other data voluntarily shared during contact maintained through the social network or necessary to resolve the request made.
  • Where does it come from? – Origin: the data we process for this purpose comes from the social network through which you contact us and the data we obtain directly from you in this contact.
  • Who does it belong to? – Categories of data subjects: the data that we process for this purpose refers to users who contact Telefónica through the social network and any other data subjects whose data the user of the social network has been informed of when contacting Telefónica.
  • For how long is it retained? – Retention period: the data we process for this purpose will be subject to the general retention criteria set out in section 3 of this Policy.

2.6 Management of events organized by or in collaboration with Telefónica

  • For what? – Purposes of processing: The purpose of the processing that we pursue is to manage attendance and facilitate access to the event site by interested users who decide to register voluntarily for the events. In addition, we may send out evaluation surveys for events in which you choose to participate.
  • Why? – Applicable legal basis: the legal basis on which we rely to carry out this purpose is the consent you give when you apply to attend and/or participate in the relevant event.
  • What data? – Type of data: the data we process for this purpose are your identification, professional and contact details necessary to manage your registration, attendance and participation in the event.
  • Where does it come from? – Origin: the data that we process for this purpose comes from the registration forms for the events set up for this purpose, whether they belong to Telefónica and/or, where appropriate, to the other co-organizers of the events, as well as from your participation in the event.
  • Who does it belong to? – Categories of data subjects: the data we process for this purpose refers to interested users who contact Telefónica showing interest in attending or participating in events.
  • For how long is it retained? – Retention period: the data we process for this purpose will be subject to the general retention criteria set out in the following section of this Policy.

2.7 Sending commercial or advertising communications about Telefónica’s products and services.

  • For what? – Purposes of processing: the purpose of the processing we are pursuing is to send commercial information, including by electronic means, about Telefónica’s products and services.
  • Why? – Applicable legal basis: the legal basis on which we rely to carry out this purpose is the express consent of the recipient as a general rule, all in accordance with the applicable regulations.
  • What data? – Type of data: the data we process for this purpose are your identification, professional and contact data necessary to manage the shipment.
  • Where does it come from? – Origin: the data that we process for this purpose comes from the forms and/or other means of data collection provided for this purpose by Telefónica.
  • Who does it belong to? – Categories of data subjects: the data we process for this purpose relates to interested users who contact Telefónica showing an interest in receiving commercial information.
  • For how long is it retained? – Retention period: the data we process for this purpose will be subject to the general retention criteria set out in the following section of this Policy.

2.8 Improving customer satisfaction

  • For what? – Purposes of processing: the purpose of the processing that we pursue is to improve the satisfaction of our customers, attending to and responding to suggestions related to our products, services, procedures or attention in general made by users of the Website and/or, in general, people who contact Telefónica through the rest of the channels provided for this purpose. Once the suggestion has been dealt with, your data will also be processed in order to contact you and find out how satisfied you are with it.
  • Why? – Applicable legal basis: the legal basis on which we rely to carry out this purpose is the consent you have given by voluntarily contacting us.
  • What data? – Type of data: the data we process for this purpose are your identification, contact and/or professional data (e.g. name and surname, email, contact telephone number and/or company you work for), as well as the information contained in the query sent, the processing of which is necessary to provide you with a response.
  • Where does it come from? – Origin: the data that we process for this purpose is obtained from you when you complete the contact forms included on the Website and/or send us an email at the contact addresses that we make available to users, including those mentioned in this Privacy Policy.
  • Who does it belong to? – Categories of data subjects: the data that we process for this purpose relates to users of the Website or, in general, data subjects who send suggestions or queries and any other data subjects whose data have been provided by the sender of the query.
  • For how long is it retained? – Retention period: the data that we process for this purpose will be subject to the general retention criteria set out in section 3 of this Policy and, in any event, will not be kept for longer than is necessary to deal with queries and, where appropriate, to meet Telefónica’s possible responsibilities in relation to the same. However, once the suggestion has been dealt with, the message may be anonymised, eliminating all personal data that could identify you, keeping the record of opinions in order to improve the processes, products and services provided by the organisation.

2.9 Provision of telecommunications services, the establishment and operation of telecommunications networks, as well as the provision and operation of information and communications technologies and services.

  • For what? – Purposes of processing: the purpose of the processing we are pursuing is the provision of our services, as well as the reception or delivery at destination and management of telecommunications signaling. Likewise, the data may be processed for (i) billing customers for the contracted communications; (ii) interconnection of communications with other operators; (iii) control of fraud, its own or its customers’; (iv) security of the networks and of the equipment connected to them, both its own and its customers’; (v) correct dimensioning of the network and of the resources assigned to it; (vi) guaranteeing the correct quality of its services; or (vii) any other related to the provision of these services.
  • Why? – Applicable legal basis: the legal basis on which we rely to carry out this purpose is the legitimate interest of Telefónica in the provision of its services, as well as that of its corporate customers and telecommunications operators for the correct processing of their communications.
  • What data? – Type of data: the data we process for this purpose may include data relating to the origin, destination, duration, data volume and timing of the communication, cell location data and/or device identification data, IP address or other unique identifiers, depending on the characteristics of the specific service provided, necessary to carry out an electronic communication.
  • Where does it come from? – Origin: the data that we process for this purpose is obtained from the provision of the services.
  • Who does it belong to? – Categories of data subjects: the data we process for this purpose relates to the users concerned because of the provision of the services. However, Telefónica does not offer services to individuals, only to legal entities, so we generally do not have access to information that would allow us to directly determine the identity of individuals using Telefónica’s communications services.
  • For how long is it retained? – Retention period: the data we process for this purpose will be subject to the general retention criteria set out in section 3 of this Policy below.


3. 
How long do we retain your data?

In general, we will retain your data for the time necessary to fulfil the purpose described in each processing activity and to determine any liability that may arise from that purpose.

By way of example, Telefónica has established a series of retention periods that will be applicable depending on the purpose and the legitimate basis applicable to each processing activity, unless a different period has been specified in this Policy and/or in the specific conditions or conditions for the provision of each of Telefónica’s products and services:

3.1 In order to carry out the processing related to the execution of the contract signed with suppliers and/or B2B customers, whether wholesalers or retailers, the data will be kept for the time strictly necessary to comply with the purposes required for each product or service contracted.

3.2 In application of civil, commercial and tax legislation, data related to the contracting and invoicing of products and services contracted by or from Telefónica will generally be stored for a minimum period of 6 years from the termination of the B2B customer or supplier.

In any case, your data will be kept in accordance with the retention criteria or specific periods that we inform you of in each case, described in each data processing activity and, where appropriate, until you withdraw your consent and/or object to the processing of your data. In this regard, we will do our best to provide you with an automatic and simple mechanism for you to withdraw the consent granted and/or to object to the processing and, in any case, we are at your disposal at the mailing address for exercising your rights as indicated in section 6 of this Policy.

Finally, please note that after the above deadlines, the data may be destroyed, blocked or anonymized, as appropriate, and in accordance with the provisions of the law. Consequently, it is hereby informed that the data processed may be subject to an irreversible anonymization process in compliance, in any case, with the Code of good practices in data protection for Big Data projects, as well as the Guidelines and guarantees in personal data anonymization procedures published by the Spanish Data Protection Agency with the aim of using all the guarantees established in the legislation, as well as any other measures permitted by the market and technology. In this respect, it should be noted that the principles of personal data protection do not apply to anonymous information.

4. Who do we share your date with and for what reason? 

In order to carry out the processing purposes described above, we may (i) disclose your data to other operators or providers of electronic communications services, where such disclosure is necessary to process the communication; and/or (ii) make use of authorized subcontractors acting on behalf of and in the name of Telefónica, as processors (e.g. internet service providers, data hosting and technical support providers, platform providers, email providers, security service providers, etc.) and contractually subject to our instructions, solely for the lawful purposes described above. Internet service providers, data hosting and technical support providers, platform providers, e-mail providers, security service providers, etc.) and contractually subject to our instructions, only for the lawful purposes described above and only for the period strictly necessary for such purposes.

In particular, this involves giving access to your data to:

4.1 Operators or providers of electronic communications services in order to process communications. For example, it will be necessary to communicate your data to the operator terminating the call, as well as to other operators carrying the call.

4.2 Suppliers, as well as the companies they subcontract to, which help to fulfil the purposes described in section 2 of this Policy and/or to communicate and be in contact with you (e.g. Microsoft as our provider of Office 365 and SharePoint tools).

4.3 In the event that we need to share your information with other third parties (e.g. sponsors of events for which you have voluntarily registered or another Telefónica Group company for the proper management of such events), we will inform you accordingly and collect the necessary authorizations to do so. Such access will only be for lawful purposes and for the period of time strictly necessary to do so.


In line with the above, we also inform you that, to the extent strictly necessary to comply with the purposes stated above, your data may be shared with other companies or entities belonging to or linked to the Telefónica Group, for processing under their responsibility and always for the same purposes stated in this Policy. The companies or entities belonging to or linked to the Telefónica Group to which your data may be shared can be consulted on the website http://www.telefonica.com/.

In addition, where there is a legal obligation or requirement to do so, we may disclose your data to the competent public authorities in accordance with such legal obligation or requirement.

5. International Data Transfers

Where authorized subcontractors acting on behalf of Telefónica or the above-mentioned recipients are located or process your data outside the European Economic Area, we will be making an international transfer of your data in accordance with the provisions of data protection law. In general, we will avoid international transfers and your data will be processed within the European Economic Area. However, where necessary, we will take such organisational, technical and contractual measures as may be necessary to ensure the protection and security of your data, such as, for example, signing the European Commission’s Standard Contractual Clauses with the authorized subcontractor or third party transferee, carrying out impact assessments on the international transfer in question to assess the risk and take measures to mitigate it, encryption of data in transit or at rest, pseudonymization of the data subject to the international transfer, the possibility for the data subject to claim damages directly against the authorized subcontractor or third party transferee, etc.

6. What rights do you have as data subject regarding your data?

As a data subject, data protection regulations grant you certain rights over your data which, depending on how they apply, you may exercise against Telefónica. Here’s what they are and how you can exercise them. We also inform you that on the website of the Spanish Data Protection Agency (http://www.aepd.es/) you can find more information on the characteristics of these rights and download templates to exercise each of them.

  • Right to withdraw the consent given: this is your right to withdraw your consent to the processing of your data for the purposes that are legitimate on that basis, at any time and in an easy way.
  • Right of access : this is your right to ask us for details of the data we hold about you and how we process it, and to obtain a copy of it.
  • Right of rectification: this is your right to obtain the rectification of your inaccurate or erroneous data, as well as to complete incomplete data.
  • Right of erasure: this is your right to request deletion or suppression of your data and information in certain circumstances. However, please note that there are certain occasions when we are legally entitled to continue to store and process your data, for example, in order to comply with a legal obligation to retain data.
  • Right of restriction: this is your right to restrict or limit the processing of your data in certain circumstances. For example, if you apply for deletion of data, but, instead of deleting it, you would prefer that we block it and process it only for retention purposes because you will need it later to make a complaint. Again, please note that there may be times when we are legally entitled to refuse your request for a restriction.
  • Right to object: this is your right to object to us processing your data for a specific purpose, in certain circumstances provided for by law and related to your personal situation.
  • Right to portability: this is your right to ask us to receive your personal data in a structured, commonly used, machine-readable and interoperable format and to transmit it to another data controller, provided that we process your data by automated means.
  • Right not to be subject to automated individual decisions: this is your right to ask us not to subject you, in certain circumstances, to a decision based solely on automated processing of your data, including profiling, that produces legal effects concerning you or similarly significantly affects you.

In general, you may exercise these rights at any time and free of charge by contacting Telefónica at [email protected]. Likewise, in general, other options for withdrawal of consent and opposition may be made available to the user.

It is important to bear in mind that when you exercise a right, in most cases, you must clearly specify which right you are exercising and provide a copy of a document proving your identity.

Any exercise of rights shall be answered within a maximum period of one month, which may be extended by two months if necessary, taking into account the complexity of the request and the number of requests.

Finally, in the event that you do not agree with the way in which your data are handled by Telefónica, you have the right to lodge a complaint with the national supervisory authority by contacting the Spanish Data Protection Agency, whose contact details are as follows:

Agencia Española de Protección de Datos

C/ Jorge Juan, 6 – C.P. 28001, Madrid (Spain)


If you are a customer of an operator that uses Telefónica to manage your communications, the correct and most efficient way of attending to your rights is through your operator to which Telefónica provides services, which will contact us for this purpose if it deems it necessary.

7. EU-US Data Privacy Framework

Telefónica’s U.S. affiliate, Telefonica Global Solutions USA, Inc. (“U.S. Affiliate”), complies with the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework (“DPF”) regarding the collection, use and retention of personal information from European Union and European Economic Area member countries and the United Kingdom. 

Our U.S. Affiliate has certified with the Department of Commerce that it adheres to the Data Privacy Framework Principles (EU-U.S. DPF Principles). If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework Principles visit https://www.dataprivacyframework.gov/. You may view our certification by searching the Data Privacy Framework List available on the DPF web site.

If you have any inquiries or complaints about our U.S. Affiliate’s handling of your personal information under the Data Privacy Framework, or about our privacy practices generally, please contact us at: [email protected] or through our EU Representative, Telefónica Global Solutions, S.L.U., using the contact information detailed in Section 1 of this Privacy Policy. For any unresolved complaints related to the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF that our U.S. Affiliate cannot resolve directly, we have chosen to cooperate and comply with the advice of the relevant EU Data Protection Authority, or a panel established by the European data protection authorities, for resolving disputes with EU individuals and the UK Information Commissioner ’s Office (ICO) for UK individuals. To know the contact information of your relevant EU Data Protection Authority, please refer to this link and select the applicable country. If neither U.S. Affiliate nor the the relevant authority for EU or UK citizens resolves your complaint, you may pursue binding arbitration through the Data Privacy Framework Panel. To learn more about the Data Privacy Framework Panel, visit here.

The type of personal information collected by our U.S. Affiliate and the purposes for which said personal information is used are described in Section 3 of this Privacy Policy. Our U.S. Affiliate may sometimes provide personal information to third parties as explained in Section 4 of this Privacy Policy. If we transfer personal information received under the DPF to a third party, the third party’s access, use and disclosure of the personal information must also be in compliance with our DPF obligations, and we will remain liable under the DPF for any failure to do so by the third party unless we prove we are not responsible for the event giving rise to the damage.

As explained in Section 6 of this Privacy Policy, you have the right to access and control your personal data, as well as make choices about the collection and use of your data by our U.S. Affiliate.

Our U.S. Affiliate is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). We may be required to disclose personal information that we handle under the DPF in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

8. Further processing of data and changes to the Privacy Policy

Telefónica reserves the right to update this Privacy Policy at any time. Any such update will be made public by Telefónica, in any case.

**********


For further information, please note that you can also consult Telefónica’s Global Privacy Policy and Global Security Policy, which also apply generally to our company as a company belonging to the Telefónica Group.

Last update

Privacy Policy updated March 2024.