Privacy important criteria when developing products – our answer

One in five loses their smart phone.

Our director of consumer business unit in the NOS news broadcast. 

Communication on privacy

As a telecom provider we have a considerable responsibility in the area of privacy. We manage the personal data of 5.3 million customers and our customers have a right to expect that communication over our network will remain confidential. The use of smartphones and tablets by our customers has increased enormously. The popularity of smartphones and tablets is partly because you are able to easily and quickly have access to many personal and business information. We also see that the need to protect this information grows. Not only against theft or loss, but also against viruses and hackers. The need for and ways of protecting information differs between private and business users. In determining the level of security Vodafone constantly searches for the optimum balance between maximum protection and convenience for the customer.

Via our general terms and conditions and the privacy statement published on our website, we explain to our customers what personal data is, what information we hold, what we need this information for and how we protect this information. 

Key results in 2011

Vodafone has implemented a new privacy risk system which enables privacy risks to be identified earlier and more effectively and privacy requirements and considerations to be incorporated more easily into business processes. Privacy has for example become a more important criteria when developing products and services. We evaluate every new project according to a number of requirements based on privacy risks. On this basis, we can take additional measures to decrease or mitigate the risks.

What do we use customer information for?

Vodafone uses customer information to provide products and services and to offer the quality and service that our customers expect from us. Vodafone also makes use of traffic data at an anonymous and aggregated level.  For example, we analyse the overall traffic of our customers - purely on an anonymous basis - in order to detect certain traffic trends. This enables us to identify bottlenecks in the network in good time to ensure that, if necessary, we can expand the network capacity (temporarily or permanently). Sometimes this is necessary in places where a large number of people gather together, such as at football matches or festivals. Vodafone only looks at the content of the data traffic for the purpose of resolving a complaint or fault and after having obtained the permission of the customer concerned. Furthermore, Vodafone is obliged to cooperate with a request to tap a line that is received from the public prosecutor, who must have permission for such a measure from the examining magistrate in the event of criminal offences. Within Vodafone only a select number of people, who have been screened by the Dutch General Intelligence and Security Service (AIVD), are authorised to handle these requests from the judicial authorities.

What is Vodafone doing to guarantee privacy?

  • Cybercrime: The Vodafone network in the Netherlands is monitored 24 hours a day, seven days a week via the Global Security Operations Centre in Dusseldorf. They can identify threats or attacks and take action at an early stage. In addition, the entire network is scanned regularly for viruses, malicious software and intrusion attempts. At Vodafone the management and protection of valuable data is based on the internationally recognised security standard ISO 27001. Vodafone has these security processes checked by independent auditors on a regular basis. The company also participates actively in various consultation structures relating to the improvement of digital security, such as Telecom ISAC and Platform Internetveiligheid [Internet Security Platform], an alliance of market parties and government bodies facilitated by ECP-EPN, and we have close ties with the National Cyber Security Centre (NCSC) and the National Coordinator for Counterterrorism and Security (NCTV).
  • Access to customer data: The systems in which customer data is stored are only accessible to a select group of employees and retailers for whom access to these details is essential to allow them to do their jobs. Encryption is used, amongst other methods, for payment transactions and the transfer of credit card information. Any use of network technology to analyse data traffic is subject to a privacy impact assessment that enables Vodafone to identify and address potential risks.
  • Guidelines and procedures: To ensure that Vodafone employees handle customer information responsibly and to prevent anyone gaining unauthorised access to the content of data or data traffic, Vodafone has formulated clear guidelines and procedures. These set out what is and what is not permitted. Compliance with these guidelines and procedures is checked periodically by employees from our compliance office and audit team. Our procedures relating to access rights to systems fall within the scope of an external auditor's annual inspection. Employees also receive privacy training that is tailored to their role.
  • Compliance with legislation and regulations: Vodafone employs 'Privacy Officers' who make sure, amongst other things, that privacy legislation is observed. They also keep up to date with developments in privacy policy and technology and monitor the development, implementation and observation of the Vodafone Privacy Statement.
  • Support for customers: We give our customers tips on what they can do to protect themselves and we offer apps which can help them to do this, such as the Vodafone Mobile Protect App, which enables customers to protect their smartphone and personal data in the event of loss, theft or viruses. This makes it possible for customers to find their handset easily if it is lost, to lock the device remotely or to wipe all personal data. The Vodafone Safety Net App, supports parents and their children with safe smartphone use.

“Privacy was long neglected in the communications sector. That time is over now, as the heated debate about 'cookies' made ​​clear. Service providers should inform customers clearly about how their personal data is used. Permission for use must also be true consent: hiding behind incomprehensible privacy clauses, which allow unlimited use, is no longer permitable.”

Prof. Dr. N.A.N.M. van Eijk (Nico), Professor of Media and Telecommunications Law, University of Amsterdam


Over the coming period our activities will mainly focus on transparency and facilitating customers' choices in the area of privacy. In 2012 we are launching a new web portal which will give our customers an insight in an accessible way into what data we hold about them, how we protect this data and what purposes we use this data for. Via this portal we will also provide information on the safe use of mobile communication.

No more telephones without passwords? Join in the discussion!

To prevent misuse following the theft or loss of your handset, the easiest step you can take is to set a non-obvious password on your telephone. This prevents high usage costs if someone misuses your found or stolen telephone. It also prevents the misuse of data, however, as many of us have accepted automatic access to all kinds of online services on our telephones. Given that a password is so important and, at the same time, so simple to set up, yet 59% of our customers do not do it, should we leave this decision to the customer? Or should we prompt customers to set a password automatically on their telephone, in the same way as a bank asks for a PIN code to use a debit card? In short, does a lock on your mobile phone prevent misuse or make it difficult for you to use? We'd love to hear your opinion.

What can you do yourself?

Below you will find a number of tips to help prevent other people from misusing your data: 

  1. Set a non-obvious code for the lock screen and another code for your SIM card.
  2. Make an (online) copy of your contacts - using the Vodafone Contacts Backup app, for example. This app is available to everyone free of charge, irrespective of which provider you use.
  3. Use apps to help you find your smartphone remotely and, if necessary, to enable you to wipe any personal data (such as the free Find My iPhone or free Vodafone Mobile Protect apps).
  4. Block your telephone subscription as quickly as possible with your telephone company if you lose your handset and report it to the police. This will stop you being confronted with high usage costs.
  5. If you find a telephone, the best thing to do is to hand it in at a police station.