Privacy Policies of Communication Companies in Egypt

• Ownership → Vodafone Group with 54.93%, Telecom Egypt with 44.94%, and a small percentage of 0.13% for free trading.
• Services provided by the company →Telecommunications services for mobile phones and the Internet..
•  Affiliates → Vodafone ownsSarmadicompany for design and developing websites and applications. It also owns a number of sites and famous services in Egypt and Raya Telecom, which provides Internet and data services to the corporate and consumer sectors in Egypt.

How Vodafone deals with user data

  Access to the Privacy Policy: The Privacy Policy is publicly, comprehensively, and easily accessible.

Vodafone has a privacy policy posted on its website and is easy for the user to access, while they do not provide sufficient information about the data and information collected about users and how the company deals with them.

   Change of privacy policies :Companies commitment to inform users about changes in privacy policies..

The Company indicates a change in privacy policies, but does not provide a description of the changes that occur, and there is no mechanism to inform users of the changes except to indicate the change to the privacy policy page on the Company’s website.

  • Data collection : the quality of data and information gathered by companies about users, and how this is done.

The Company requires, in accordance with a decision of the National Telecommunications Regulatory Authority (NTRA), to obtain a copy of the national number while contracting the telecommunications services it provides, and therefore the Company has all the personal data of the users. The company also collects significant data from users while providing telecommunications services and when purchasing products and using the services it offers. As well as access to user information by credit rating agencies, banks, as well as other regulators, such as the Commercial Register and the IRS.

For example, the company maintains the following data:

• User data on the national ID card.
• User interests based on the use of Vodafone products and services, meaning that the company collects usage behavior data so that it can be analyzed to obtain a rough view of user interests.
• All user operations from calls, messages, internet use, subscription to services or programs, etc. in terms of date, time, duration of calls, messages and approximate user location when making calls, messages and web surfing sessions, and subscription to Vodafone or any services related to the user account. The Company states that this is done for the purpose of accounting, without any guarantee therefor.
• The actual level of customer service, for example communication and coverage problems that may affect network services.

Vodafone offers its customers the application of “I am Vodafone” through which users can manage their account. This application has wide powers such as knowledge of applications on the phone, reading usage data, contact lists, call history, SMS and geolocation based on GPS technology or approximate location Based on the network.

 • Data sharing : the quality of data that companies share with third parties and purpose of sharing.

Vodafone shares the data and information it collects about users with third parties. There is no information available about the type of data and information that is shared or the limits of third parties’ treatment thereof. The Privacy Policy states that data that are shared with third parties ” are for statistical purposes without indication to the personal aspects of the individual”, while this cannot be ascertained in the absence of a data protection law in Egypt. The Privacy Policy states that if Vodafone has transactions with another entity to provide the Company with services to process the user’s personal information, the Company will ensure that they have the appropriate security measures, meaning that the data can be shared with third parties.

While the Privacy Policy states that “Vodafone will not share your information with third parties to contact you to market their products and services, without your explicit and specific consent”, the company does not abide by this item. The organization monitored the sharing of personal data for users with one of the debt collection agencies without consent of the user. These included the user name, telephone number, address, date of birth and national number. This assumes the possibility that the company has shared a copy of the national ID card.

The Privacy Policy indicates that the Company shares user data and information with third parties such as:

• Vodafone Holding Company, or any other company or organization in the Vodafone Group.
• Any partners or agents who contribute to the provision of Vodafone services and products, for example (shipping companies to deliver electronic purchase orders).
• Any partners or agents working to perform services on or on behalf of Vodafone Egypt or the Vodafone Group.
• Credit rating, business registration, and banks.
• Debt collection agencies (if conditions are met).
• Law enforcement agencies, regulatory organizations, courts or other public authorities provided that the legal requirements are met. The Privacy Policy does not refer to any applicable laws or procedures.
• Emergency services (if you make an emergency call), including the approximate location.

  Data Retention :The length of time companies retain data collected from users, and their storage and protection mechanisms..

Vodafone reserves all data collected from users indefinitely, and some personal information about the Customer will be retained for a reasonable period after the end of the Service Contract.

No details are given on how user data and information are stored or protected, except to indicate that Vodafone has “specialized information security teams that continually review and improve our procedures to protect the personal information of our customers from the risks of unauthorized access, loss, detection, or destruction”. In another note it states that, in the event that personal data and information is shared with third parties, Vodafone will ensure that “they have the appropriate security measures, and that they process your information only in the manner permitted, and they will not have the right to use personal information for their own purposes.“

  Users control their data : users’ access to their data, their collection and sharing.

Users cannot see any data and information held by the company nor know its limits, and the company does not provide any kind of procedures to allow users to control their data.

Disclosure procedures :What procedures are used in case government entities request user data.

The company does not provide clear information about procedures in case government entities request user data, except stating that data and information collected can be shared with law enforcement agencies, regulators, courts or other public authorities “provided that the legal requirements are met.”

 Disclosure of requests for information :Transparency of companies in public disclosure of requests by government agencies to obtain user information and informing users..

The company does not disclose government requests for information about users.

 • Communication security measures : policies and procedures followed by companies to secure communications and data storage.

   The Company does not provide information about the protection of communications and data storage, but the Company states on its Terms and Conditions page that it makes no representations or warranties regarding the availability of this Web site or the Internet Service Provider from viruses or other harmful components. Vodafone will not be legally responsible for any loss or damage of any kind arising from the use of this site including but not limited to direct, indirect, emergency, disciplinary and consequential damages. “