76-77 / 111
In 2018, one of the main challenges for the entire
company was the preparation for the new European
Regulation (EU) 2016/679, concerning the protection of
individuals with regard to the processing of their personal
data – GDPR (General Data Protection Regulation), which
came into force. The topic is gaining increasing popularity
and importance for all interested parties. Our company
has always strictly complied with the requirements of the
national legislation on the collection and processing of
personal data, works closely with the competent body –
the Commission for Personal Data Protection (CPDP), and
continues to make the necessary efforts to protect the
data of all its clients and partners.
The new regulation required a review and change of many
internal processes, policies, procedures and systems,
as well as of relationships with external organizations
involved in the processing of personal data.
The alignment with Regulation (EU) 2016/679 affected the
activities not only of all directorates having direct contact
with the company’s clients such as Customer Service,
Sales, Technical Directorate, but also almost all supporting
functions such as Finance, Customer Experience, Marketing
Communications, Corporate Communications, etc. Each of
them reviewed their processes and, together with the
Data Protection Officer, made the necessary adjustments
to meet the new European requirements. The process of
preparing for the entry into force of the Regulation began
in 2017 and in 2018 each employee of the company went
through two trainings on the topic – one common for the
entire organization affecting the principles of GDPR, and
one specialized on changes in his/her specific function.
Both trainings were completed with mandatory tests to
verify the knowledge that all employees successfully
passed.
Revision and change also underwent the processes of
the Human Resources Directorate, especially in relation to
the processing of data for job applicants and employees.
They also achieved a high level of compliance with the
requirements of Regulation (EU) 2016/679.
For the reporting period, only 20 records have been filed
in CPDP for complaints from our customers and there are
no established confirmed cases of theft or loss of data of
a client.
4.4.2.
Regulation and Management of Personal Data
Maintaining honest and open communication with
employees is one of the main priorities of the company’s
top management. Board members stay firmly behind
the belief that employees in an organization should be
its ambassadors and promote it in their circle. And this
can only happen if they feel informed about everything
current and important in a timely manner.
Therefore, in 2018, we built up the already established
internal campaigns ‘For VIVACOM with Atanas Dobrev’
and Tech Talk with the Chief Technical Officer, as we held
meetings with the directors of two other departments
– Marketing and Sales. The goal of the events was
managers of various functions to present in more detail
the work, achievements and plans for the development
of their units.
The Marketing Directorate colleagues presented the
exciting activities related to ad creation and positioning of
the VIVACOM brand, the challenging task of keeping the
company's official website always up-to-date and increase
customer satisfaction, as well as the responsibility to
create customer-oriented tariff plans.
The representatives of Sales Directorate shared how
they manage to attract new customers and to keep their
current ones satisfied with a personal approach to the
needs of each client and assistance in choosing among
the variety of telecom services and devices.
Each meeting was streamed live online on the company's
internal portal and had an average viewing rate of about
2,000 people, and the 100-person auditorium hall was
filled to capacity.
A similar type of initiative was also held on a smaller
scale – especially for the needs of our IT unit. Its main
goal was the managers of the department to introduce
the key projects and to get concrete proposals from their
employees to increase efficiency into the entire structure.
These meetings were also streamed live online so that
maximum number of people could join.
As a telecommunication company, it is extremely
important for us to maintain an open dialogue in society
about the opportunities and the dangers of the Internet,
especially for the vulnerable child audience. We believe
that all users must be well informed on this subject in
order to be able to protect both themselves and the
children around them.
That is why we used the festive mood around June 1st
(Children's Day) to bring our employees' attention to the
current and important topic of safe Internet. The campaign
had two parts. The first one was a public lecture for adults
with useful tips on what to watch out for online and how
to protect children around them. The second part was a
special event for the employees' children, in which the
various ‘faces’ of the network were presented through
entertaining presentations with game elements. Partners
of the initiative were the Directorate of Computer Crimes
at the Directorate-General for Combating Organized
Crime, Safer Internet Center, Bulbera safe Internet surfing
application, Cartoon Network and Buba Play. The event
was attended by more than 100 children.
4.4.3.
Internal Employee Initiatives
Georgi Sredkov,
Corporate Information Protection Manager at
VIVACOM:
‘In accordance with the new data protection rules that came into force with
Regulation (EU) 2016/679 (GDPR), significant work was done in 2018 on all
aspects: administrative, process organizational, legal and technological. True to the
principles of transparent and lawful processing of personal data and maintenance
of accountability, during the year we introduced appropriate technical and
organizational measures, trainings and courses, with which BTC consistently
follows the path of building and maintaining a comprehensive data protection
management system.’
ANNUALREPORT
2018
INTEGRATED
4.
PERFORMANCE
4.4.
Honest
76
77