Data Protection Statement of Telenor Hungary

This statement was last updated on: 25 May 2018

Data protection is very important to us, and we wish to be transparent about how we collect and use your personal data. Please read this statement thoroughly and contact us if you have any questions or queries.

This statement contains information on your rights related to your personal data, and lets you know the principles that Telenor Hungary follows in the course of processing your personal data. The document below contains the general conditions of personal data processing; as such, it is applicable to the use of all of the services, products and websites of Telenor Hungary, including any products or services provided together with our partners. In addition, depending on the product or service concerned, other special conditions may be applicable as well. Please read these terms and conditions carefully, as both the statement and the special conditions contain obligations that you must meet, if you choose to use our services. Special conditions shall apply where there is a contradiction between the general conditions set out in this document and such special conditions.

1.  The data processing principles of Telenor Hungary


Telenor Magyarország Zrt. (Telenor Hungary Ltd., hereinafter: Telenor Hungary or Telenor) is a business association with its registered address at H-2045 Törökbálint, Pannon út 1, registered by the Pest County Court as Court of Registration under company registration number 13-10-040409. 

Our objective is to comply with the applicable requirements in the course of our data processing, and to ensure that all of our customers are able to rest assured when it comes to entrusting us with their personal data. To this end, the following fundamental data protection principles are applied:

  1. Your personal data will be processed in accordance with the provisions of this statement and the applicable laws.
  2. We will do everything that can be reasonably expected in order to make the processing of your personal data transparent, and we are at your service if any questions arise.
  3. Personal data are only processed for specified, explicit and legitimate purposes, and only in the manner and for the duration needed for these purposes. We take every reasonable step to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay. We also ensure the appropriate storage of personal data, as well as the observance of the principle of data minimisation in the course of our data processing activities. 
  4. Your personal data are protected through appropriate security measures, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.
  5. Our products and services are developed with data protection aspects in mind. This means that the protection and appropriate processing of your data is a key priority for us, and that we endeavour to do everything in our power to make sure that the products and services we develop come with appropriate built-in data protection safeguards, and that any special considerations are already assessed during the planning phase in order to make sure that we provide you with the best possible service.

Back to table of contents

2.  Legal background of the processing of personal data


While processing your personal data, we act in accordance with the above data protection principles and the applicable laws.

(a)  Act C of 2003 on Electronic Communications (Electronic Communications Act);

(b)  Act CXII of 2011 on Informational Self-Determination and Freedom of Information (Privacy Act);

(c)  Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Information Society-Related Services (E-commerce Act);

(d)  Act XLVIII of 2008 on the Essential Conditions of and Certain Limitations on Business Advertising (Advertising Act);

(e)  Act CLXV of 2013 on Complaints and Public Interest Disclosures;

(f)  Decree No. 2/2015 (III. 30) of the National Media and Infocommunications Authority on the detailed rules of subscription contracts in the field of electronic communications (Subscription Agreement Decree);

(g)  Decree No. 4/2012 (I. 24.) of the National Media and Infocommunications Authority on the confidentiality and data protection obligations related to public electronic communications services, on the special conditions of data processing and confidentiality, on the security and integrity of networks and services, on the management of traffic and invoice data and the rules of calling line identification and call forwarding (NMIA Decree 4/2012);

(h)  Commission Regulation (EU) No 611/2013 of 24 June 2013 on the measures applicable to the notification of personal data breaches under Directive 2002/58/EC of the European Parliament and of the Council (Electronic Communications Directive) on privacy and electronic communications (Regulation 611/2013/EU);

(i)  Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation (hereinafter: GDPR)).

Back to table of contents

3.  Everyday data processing


The type of personal data collected and the method used to collect the personal data depends on the purpose of the data collection, which, in turn, is in line with the products and services used by you. In general, we collect and use your personal data, if:

  • the data are required to provide the product or service used by you and/or for the conclusion or performance of the contract concluded with you, 
  • the data are indispensable for handling your complaints or comments that may arise;
  • we are required by law to collect and process the data;
  • the data are necessary in order to improve your user experience;
  • the data are required to ensure appropriate product and service quality, or to improve that quality; or
  • You have consented to the collection and use of your data for a particular purpose, such as participating in a prize competition.

We can collect data about you from other sources as well.

The type of personal data we collect and the method we use to collect the data also depends on whether you are already a subscriber to one of our services, or if, for example, you are only browsing through our offers on our website.

If you are using one of our electronic communication services as a subscriber, you can find detailed information on data protection in Annex 2 to the General Terms and Conditions (“The processing of Subscribers’ and users’ personal data at Telenor Hungary Ltd. (Privacy Notice”).

If you are using one of our mobile applications, the Privacy Notice provided at the time of downloading the application will be applicable to the processing of your personal data with regard to the use of the mobile application. The Privacy Notice can also be accessed subsequently from our application. 

If you are browsing through our websites or are using a service available on one of our websites, in addition to this information document you can find additional information on data protection in the document entitled “Legal disclaimer and terms of service”. Additional conditions and provisions may be applicable to certain services available on our websites; additional information on these may be found on the associated websites where the given service or product is offered.

Telenor operates a compliance hotline that you can use to report breaches of laws, Telenor’s Code of Ethics or Telenor’s internal regulations. If you report an incident, your personal data will be subject to processing. You can find detailed information on the reporting process and processing personal data in the document entitled “Notice on compliance reports”. 

If you are using one of our mobile applications, the Privacy Notice provided at the time of downloading the application will be applicable to the processing of your personal data with regard to the use of the mobile application. The Privacy Notice can also be accessed subsequently from our application, or through the following link

Telenor Hungary processes your personal data based on different legal bases during each data processing activity. Subscribers can find detailed information on the various data processing activities in the Privacy Notice. The legal bases used in the case of web-based products and applications are detailed in the relevant notices. 

The possible legal basis for our data processing activities, in general, are the following: 

  • consent, if you have given consent to the processing of your personal data for one or more specific purposes;
  • the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract;
  • compliance with a legal obligation to which Telenor is subject;
  • processing is necessary in order to protect your or another natural person’s vital interests;
  • processing is necessary for the purposes of the legitimate interests pursued by Telenor or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require the protection of personal data.

Information is always provided on the legal basis of data processing for a given data processing purpose in the privacy notice applicable to the data processing at hand. 

Back to table of contents

4.  The various data processing activities at Telenor


The purpose of the data processing conducted on our websites and other digital platforms is to ensure that we are able to provide you with the best possible quality of digital experience. The data processing may be linked to the use or purchase of services and products, which requires that we identify you. Improving the online user experience is achieved by applying a variety of digital technologies; these allow us to provide you with personalised offers or products and services that are relevant to you on our website or mobile application. In addition, if you are also using our services as a subscriber, your data is also being processed during the use of the given service or product, as follows:

The detailed privacy notices relevant to Telenor’s various data processing activities are available through the following link:[*]

4.1.  Information required for the provision of services

The personal data provided by you (e.g. name, address, other data that can be used for identification purposes; contact information, e.g. email address), and the data that we collect about you (e.g. product usage data, network use data) are used in connection with the services used by you. Act C of 2003 on Electronic Communications (Electronic Communications Act), under Chapter XVII Data Handling Regulations, stipulates that the service provider may handle the personal data as necessary and sufficient for the identification of the user or subscriber with a view to concluding an electronic communications service contract, specifying its content, amending it, monitoring its performance, billing the fees originating from it and enforcing the related claims; more information on what is necessary and sufficient personal data to identify the subscriber is contained in the Privacy Notice.

4.1.1  In order to be able to provide our services to you, such as any of our tariff packages, the Telenor Wallet or MyTv services, etc., we require certain personal data.

These include:

(a)    your name, telephone number, email address, postal address, date of birth and other data that you provide when registering for our services or concluding a contract with us;
(b)    information related to payment, such as bank card data or other banking and payment data, that you also provide while concluding the contract.

These data are typically collected in the following cases:

(a)    when you register for one of our products or services, or 
(b)    when you purchase or use one of our products or services;
(c)    or when you subscribe to our newsletters or promotions pertaining to our products or services; or
(d)    when you request information or have questions or feedback regarding one of our products or services or our website.

These data are typically used

  • to provide the given service or product;
  • to process data related to your contract;
  • to conduct credit-rating checks,
  • to meet payment terms; and
  • to communicate with you.

4.1.2  Other data also need to be processed in order to be able to provide our services

We can collect other data on you while you are using our products, services or web pages. These data may include:

(a)    data related to your contract (for example, the end date of your loyalty period) and data related to your communication with us (e.g., your queries addressed to our customer service, your feedback and data related to your compliance with payment terms and invoicing dates);
(b)    product use data, such as the date you last used an application, how long you spent using a certain application, or how much you spent on a given product or service;
(c)    network data, including the data on mobile calls and short text messages (e.g. the dates of the calls and short text messages originated or received by you (but not their content), or the duration of the calls originated or received on our network);
(d)    positioning data (not recorded as a geographical address, but as cell data), when:

(i)    you use our telecommunications services, such as placing a call or sending a short text message, or use our broadband services;
(ii)    an emergency call is placed (during such an occurrence, the party receiving the emergency call must be provided with the subscriber’s location data);
(iii)    it is essential for investigating customer complaints;
(iv)    you use one of our location-based services, if you subscribe to such a Telenor service; or when
(v)    you register for certain location-based promotional activities.

(e)    The technical and analytical data generated during your use of different online services, for example, when you visit one of our websites and/or use one of our online services (browsing, online purchases, online service manipulation, chat, email, downloads, software updates, video streaming, etc.). A part of these data is stored as cookies and cannot necessarily be used to identify you personally, but it makes it possible for us to improve the quality of our services and to provide our clients with personalised solutions. The technical data we collect may include:

(i)    data relevant to your device, such as the serial number, type and version of your mobile device;
(ii)    network identifiers, i.e., IP addresses and port numbers;
(iii)    operating system, browser types, and their version numbers;
(iv)    type and category of service available online, such as browsing, social media/Facebook, etc.); 
(v)    time, location and mode of your use of the service and the log data;

analytical data on your visit to our website and your use of our mobile application, including on where you navigated to our page from, which pages you visited on our website, which of our services and products you viewed and searched for, as well as the duration of your visit and your interactions with us. Telenor does not process the content of the services available online (e.g. the content of chat conversations, articles, voice calls, emails, images, videos, list of downloaded files, etc.) or user names and passwords, results of online search engines, and GPS accurate actual or historical location data (only cell codes), thereby guaranteeing the protection of your privacy, and the enforcement of the data processing principle of data minimisation.

We usually use the data to:

  • meet other obligations related to the provision of the service (for example, troubleshooting tasks or data provision requests related to network quality), or 
  • ensure that we are able to bill the fees payable for the services and products provided, and if necessary to collect any outstanding receivables;
  • use the recorded communication data for quality assurance purposes, to handle feedback, and to ensure the availability of customer service activities; 
  • improve the customer experience (e.g. for the purposes of network management and network optimisation);
  • develop our services by making sure we understand your behaviour and preferences;
  • create a customer profile of you in order to send you personalised content and marketing materials suited to your interests, and to be able to offer more relevant user experience, products and services, and to ensure that we do not offer products and services that do not interest you. With the help of these data, we can also try to ascertain whether you are satisfied with our personalised services;
  • analyse the use of our networks and services, in order to be able to identify general trends, and to create new services for our customers;

You have the right to object to the data processing by contacting us using the contact information provided, and if the data processing is based on consent, you also have the right to withdraw your consent, with the proviso that withdrawing your consent will not affect the legality of the data processing conducted on the basis of your previous consent. 

4.2.  Security of services provided to you

The data available to us are also used to maintain the security and safety of our services and communities:

  • we have the right to investigate any suspicious or illegal activities in breach of our terms of service or the applicable laws, and to take steps against them; and
  • to share your data with the competent authorities, if such an official request is received from the authorities concerned, e.g. in the interest of performing its duties, the authority requests information about you. 
4.3.  Provision of offers, promotions, prize competitions and other types of data processing conducted with your consent

We can also collect and process data associated with you, which you have authorised us to collect and process by way of consent. These may include, for example, personal data that are necessary for us to be able to provide you with an appropriate offer, or which you provided us with by participating in one of our prize competitions, draws and surveys, or the data you provided in the course of other promotional activities (e.g. promotional campaigns) and on one of our distribution channels, if, pursuant to the applicable laws, your consent was required for the collection and processing of the data you provided. You may find detailed information on the data categories we process based on your consent in the relevant privacy notices. 

You may withdraw your consent at any time using our company’s contact details.

4.4.    Processing of personal data collected from other sources

(a)  In certain cases, we may also collect personal data on you from third parties, for example in the event of number porting for the purpose of providing the number porting service.

4.5.  The transfer of your personal data to third parties in the course of the provision of Telenor services

In the interest of the full implementation of our services, it is required that some of your personal data are transferred to third parties – on a temporary basis – for the purpose of data processing. If, for example, an online payment is made in the course of using the netshop service, the number of the credit card needed to make a payment is transferred to the financial institution service provider, but we do not store the credit card number in our systems. If you also require the delivery of the purchased product, we hand over the product to be delivered, as well as its price, the name of the recipient and the postal address specified for delivery, to our delivery partner. Without consent to such a data transfer, personal data may not be processed in this manner.

The third parties to which we transfer your data give us guarantees that their data processing is conducted in compliance with the relevant data protection principles, this data protection statement and the provisions of the applicable laws.

Your personal data may be shared with the following third parties:

(a)    any company that is a member or subsidiary of the Telenor Group;
(b)    data processors acting on their behalf in respect of, for example, performance of postal services, performance of device repair tasks, systems operations, etc.);
(c)    third parties that provide services for the use of which you have granted consent, such as pay-parking);
(d)    law-enforcement bodies and other authorities, where we are under an obligation to cooperate for law-enforcement or other purposes; and
(e)    third party operators, such as collection agencies or credit rating companies.

 
Unless otherwise stipulated in the applicable legal regulations, Telenor Hungary only shares your personal data with third parties after the conclusion of a contract with the given data recipient. Click on the link below to view our partners.

In the interest of supporting its sales or customer management activities, Telenor Hungary uses data processors (e.g. operation of sales points, making telesales calls, recording and investigation of customer complaints, etc.), for the performance of which activities these data processors may access certain personal data stored in the systems of Telenor Hungary.

To guard certain facilities (e.g. stores), Telenor Hungary uses the services of third parties that, in certain cases and to the extent required for the performance of guarding duties, may become aware of your personal data (e.g. checking the recordings stored on security cameras at the stores).

Telenor Hungary forwards the devices submitted for inspection or repairs to third-party subcontractors, in which case these contracted partners may gain access to personal data stored on the devices and may also become aware of the personal data contained in the work acceptance report drawn up for such repairs.

For the purpose of its own operation and the provision of certain services, Telenor Hungary uses information technology (IT) services provided by its contracted partners, which, acting as data processors, may become aware of some of your personal data.

Telenor Hungary uses third-party data processors for the performance of logistics and data storage tasks (e.g. handling and storage of products and documentation).

The delivery of certain products and consignments is performed by contracted partners on behalf of Telenor Hungary; these partners qualify as data controllers pursuant to Section 54 (1) of Act CLIX of 2012 on Postal Services.

Telenor Hungary uses the services of third-party data processors for the performance of complaint handling and troubleshooting tasks, in the course of which the data needed to respond to complaints or repair faults may be processed.

Telenor Hungary uses third-party data processors to perform invoice printing and sending tasks.

In the interest of optimising advertising displayed in electronic form, Telenor Hungary may transfer certain personal data to service providers operating online search engines and social media networks. 

4.6.  Data processing related to debt collection

Telenor Hungary may engage external service providers to collect its outstanding debts or may transfer its claims to third-party collection agencies (factoring), pursuant to the applicable provisions of Act V of 2013 on the Civil Code, as such, amongst others, Section 6:193-204. In such cases, the personal data processed for the purpose of collecting debts are transferred to these external service providers or collection agencies. More information on the matter is contained in the Privacy Notice.

Telenor Hungary uses the following third-party data processors to perform debt collection tasks:

  • Creditexpress Magyarország Kft. (company registration number: 01-09-677951, registered address: H-1146 Budapest, Hungária krt. 179-187);
  • Ecovis Holding Kft. (company registration number: 01-09-874037, registered address: H-1036 Budapest, Bécsi út 52);
  • Vitári Law Office (Budapest Bar Association registration no. 448, registered address: H-1089 Budapest, Gaál Mózes u. 5-7);
  • E.R.T. Hungary Kft. (company registration number: 01-09-888186, registered address: H-1145 Budapest, Újvilág u. 50-52);
  • Consequence Europe Magyarország Kft. (company registration number: 01-09-721680, registered address: H-1013 Budapest, Pauler utca 11);
  • SOLVENTIS Követeléskezelő Kft. (company registration number: 07-09-019231, registered address: H-8000 Székesfehérvár, Milleniumi utca 11).

Telenor Hungary has a contractual relationship with a collection agency (Intrum Justitia Zrt. (registered address: H-1139 Budapest, Papp Károly u. 4-6, company registration number: 01-10-044857)) and, pursuant to the provisions of the Civil Code on the assignment of claims, it may transfer certain claims to it.

4.7.   Data related to the reporting and management of network problems

Pursuant to the agreement between Telenor Hungary and Magyar Telekom Zrt. (registered address: H-1012 Budapest, Krisztina krt. 55, Hungary, company registration number: 01-10-041928) pertaining to the shared LTE 800 MHz 4G mobile telecommunications network, for the purposes of complying with legal obligations (Section 141 of the Electronic Communications Act) and the enforcement of legitimate interests and/or the performance of a contract, as data controller it shares data with Magyar Telekom Zrt. The purpose of such sharing of data is the handling of complaints regarding network-related problems, including, among others, troubleshooting, complaint handling and the notification of subscribers of measures taken. The categories of personal data shared for such a purpose are listed in the Privacy Notice.

In the activity related to the operation of the network, Telenor Common Operation Zrt. cooperates as data processor with Telenor Hungary, and its branch offices in Serbia and Montenegro may also be involved in this activity.

  • Name, address and company registration number of Serbian branch office: Telenor Common Operation Ogranak Beograd (address: Omladinskih brigade 90, 11070 Belgrade, company registration number: 29505365)
  • Name, address and company registration number of Montenegro branch office: Telenor Common Operation Zrt. Dio stranog drustva Podgorica (address: Rimski trg 4, 81000 Podgorica, company registration number: 02952165).

Back to table of contents

5.  International data transfer


Taking advantage of our strong international presence and operation, at times we use partners, service providers and technical infrastructure (e.g. servers) that are not located in your country of residence or where the service is used.

We are aware that transferring your data from your country of residence to another country carries data protection and security risks; we therefore only transfer data to a receiving party that employs adequate security measures, for example, in respect of the valid legal basis for data transfer. In respect of the subscribers of Telenor’s organisations within the EEA, we undertake to strive to have the EU model conditions pertaining to international data transfers observed and to act in line with the Privacy Shieldframework. In respect of the subscribers of Telenor’s organisations outside the EEA, we undertake to conclude contracts with our partners that ensure data protection and the security of data transfers.

The single data protection terms and conditions are available to view here. In addition, you may also request these terms and conditions directly from us.

Back to table of contents

6.  How we protect your personal data


Taking into account the risks of varying likelihood and severity, Telenor implements the appropriate technical and organisational measures to ensure the security and safety of your personal data.

If Telenor processes your data based on its own or a third party’s legitimate interests, you have the right to object to data processing.

We ensure the security of your personal data by implementing the following measures:

a.    When we process your data through other operators or data processors, we ensure at all times that the given operators and data processors apply the appropriate technical and organisational measures in order to ensure that the data are kept secure. Such control mechanisms include controlling access to the data and the infrastructure that houses the data, as well as the entry into agreements with the third party that sets out a requirement of compliance with the applicable laws. When developing our products and services, we are already paying attention to integrating and establishing appropriate data protection guarantees.

b.    When you use your telephone number or username and password to log in to your My Telenor account to use one of our services, we encrypt all data using a cryptographic protocol such as Transport Layer Security (TLS) or Secure Sockets Layer (SSL) encryption. We also apply such cryptographic protocols on all web pages where we collect personal data. Purchases through such web pages can only be made using browsers that support TLS or SSL (e.g. Internet Explorer, Safari, Firefox or Chrome). This means that your personal data are protected during the transfer online;

c.    If you have a username and password that provide access to our services and you have been inactive for some time, you are automatically logged out of your account to ensure the safety of your data;

d.    If needed, we use data protection impact analyses to gauge how a given activity would impact the safety of your personal data.

Back to table of contents

7.  How long we store your personal data


Your personal data are only stored for legitimate purposes, for the duration needed for these purposes. When such data are no longer needed, they are erased.

The retention periods applied to the various data processing purposes are detailed within our relevant privacy notices. Data retention periods may vary greatly; for instance, video recordings created for security purposes must be retained for 3 days pursuant to the applicable law, whereas pursuant to Act C of 2000 on Accounting, accounting documents – and their attachments – that directly or indirectly support accounting (e.g. bills issued on subscriber fees) must be retained for 8 years.

Back to table of contents

8.  Your rights and their enforcement


It is important for us that you are fully aware of your rights in respect of personal data. 

Pursuant to Articles 15-20 of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation (hereinafter: GDPR)), you have the following rights in respect of your personal data processed by Telenor:

a)    the right of access;
b)    right to request rectification;
c)    the right to request the erasure of data;
d)    the right to request restriction of processing;
e)    the right to object to the processing of your personal data;
f)    the right to receive the personal data and the right to transfer those data to another data controller if the statutory prerequisites for this exist (right to data portability);
g)    if personal data are processed on the basis of consent, the right to withdraw consent at any time.

You may send your request regarding the exercise of your rights using the specified contact details, which are as follows: via email to adatvedelem@telenor.hu, or by post to 2045 Törökbálint, Pannon út 1, Hungary, over the phone at 1220 or in person at Telenor’s customer service and sales points. Up-to-date information on the contact details of Telenor’s Customer Service Points (and Sales Partners) are available at http://www.telenor.hu/elerhetoseg/uzletkereso/.

Information on data processing may be requested free of charge once a year. As a general rule, should the data subject again request information with respect to the same scope of data in the same year, Telenor Hungary is entitled to ask for the reimbursement of its costs (HUF 500/audio recording, HUF 5/sheet). Telenor Hungary reserves the right to determine the amount and due date of reimbursement based on the individual circumstances of the given case. 

Telenor provides information on the measures taken as a result of the request received without undue delay, but typically within 30 days of the receipt of such a request. If Telenor takes no measures, it provides information on the reasons for not taking measures without delay, but typically within 30 days of the receipt of the request. If you do not agree with Telenor’s response or measures, there are avenues of legal remedy available to you. Telenor shall communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. Upon request, Telenor provides information on the recipients.

If you feel your rights have been violated, you may turn to the court or lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH, registered address: H-1125 Budapest, Szilágyi Erzsébet fasor 22/c; telephone number: +36 1 391 1400; fax: +36 1 391 1410; email: ugyfelszolgalat@naih.hu).

If you require more detailed information on your data protection rights, read the information below or contact us.

Right of access

You have the right to obtain from Telenor confirmation as to whether or not personal data concerning you are being processed and, where that is the case, access to the personal data and information on the circumstances of data processing. The information requested may cover the following data: the purposes of the processing; the categories of personal data concerned; the recipients or categories of recipients to whom the personal data have been or will be disclosed by Telenor, the envisaged period for which the personal data will be stored, or, if the personal data are not collected directly from you, any available information as to their source. 

Rectification

You have the right to obtain from Telenor without undue delay the rectification of inaccurate personal data, and to have incomplete personal data completed. 

Right to erasure (‘right to be forgotten’) 

You shall have the right to obtain from Telenor the erasure of personal data concerning you without undue delay where one of the following grounds applies: 

a)    the personal data are no longer necessary;
b)    the consent on which the processing is based is withdrawn and there is no other legal ground for processing;
c)    you object to the processing and there are no overriding legitimate grounds for processing;
d)    the personal data have been unlawfully processed by Telenor;
e)    the personal data have to be erased for compliance with a legal obligation.

Telenor shall not erase the data if data processing is required on one of the following grounds: (i) for exercising the right of freedom of expression and information; (ii) for compliance with a legal obligation which requires processing by law; (iii) for the establishment, exercise or defence of legal claims.

Right to restriction of processing

You have the right to obtain from Telenor the restriction of processing where one of the following applies:

a)    you contest the accuracy of the personal data, for a period enabling Telenor to verify the accuracy of the personal data;
b)    the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
c)    Telenor no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims; or
d)    you have objected to processing, pending verification of whether the legitimate grounds of the data controller override those of the data subject.

Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. You shall be informed by Telenor before the restriction of processing is lifted. 

Right to object

You shall have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on Telenor’s legitimate interests. In this event, Telenor shall no longer process the personal data unless the data controller demonstrates compelling legitimate grounds for the processing that override your interests, rights and freedoms, or which are related to the establishment, exercise or defence of legal claims.

Right to data portability

If this does not adversely affect the rights and freedoms of others, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format. You also have the right to have Telenor directly transfer these data to another data controller, where

a)    the processing is based on your consent or is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract; and
b)    the processing is carried out by automated means, i.e. personal data are processed in an IT system and are not paper-based. 

Back to table of contents

9.  Processing the data of children


As a general rule, it can be stated that the data of children under the age of 16 are not processed without the consent of their legal representative. If we detect that we have been collecting data on children under the age of 16 without consent, we take measures to notify the legal representative, request consent and, if no consent is granted, the data are erased. In the case of services aimed at children under the age of 16 – while providing information regarding data protection rights – we request the consent of the legal representative.

Back to table of contents

10.  Review of this data protection statement


The statement shall be reviewed and revised as necessary. Should the content of the statement change significantly, we will inform you in a manner deemed appropriate by us, for example through a communication published on our website, an email message, or a short text message. When determining the manner of notification, we will take into account considerations such as the significance of the change, the services affected by the change, and the range of customers that can be reached using the given type of notification.

Back to table of contents

11.  Questions about the data protection statement


Telenor Hungary is responsible for the processing of your personal data. Should you have any questions, concerns or complaints about this data protection statement, or our processing of your data, please contact your local data protection officer using the following contact information:

Data Protection Officer
Telenor Hungary Ltd.
Address: H-2045 Törökbálint, Pannon út 1
Email: adatvedelem@telenor.hu
Telephone number: +36 20 930 4000

We will respond to your request or query to the best of our knowledge, as fast as possible but within 30 days at the latest.
If you have lodged a complaint and find our response unsatisfactory, you may refer your complaint to the Hungarian National Authority for

Data Protection and Freedom of Information (NAIH, registered address: H-1125 Budapest, Szilágyi Erzsébet fasor 22/c; telephone number: +36 1 391 1400; fax: +36 1 391 1410; email: ugyfelszolgalat@naih.hu).

Back to table of contents