Each employee from O₂ is personally responsible for the security of the data entrusted to us. Our Data Protection Officer regularly updates and reviews measures for data protection and procedures for our employees. Since 2007, managers from the relevant divisions have held regular meetings to swap ideas and network on issues relating to data protection regulations. The committee is able to transfer issues relevant to data protection quickly and efficiently to the company and this allows a stable awareness to be created for these issues among all employees. O₂ adopted the relevant policy for data security of Telefónica S.A. in order to comply with all internal data protection precautions. The company also adopted dedicated internal directives for handling employee and customer data.

For us as a telecommunications provider, the Telecommunications Act (Telekommunikationsgesetz, TKG) and the Federal Data Protection Act (Bundesdatenschutzgesetz, BDGS) create the statutory framework for handling the data entrusted to our safe-keeping by customers. The statutory regulations define for us the legal basis for processing and using data. A possible legal platform is provided by obtaining the customer's consent on using and processing their data. We also have to observe the universal principles of data economy and data avoidance which are defined in the Federal Data Protection Act. This means that we only record data that is necessary for concluding the contract and we delete the data when it is no longer required.

The Federal Commissioner for Data Protection and Freedom of Information (BfDI) carried out an official Data Protection Audit at O₂ in 2008 which revealed no significant discrepancies. Our parent company Telefónica S.A. additionally audited us for issues relating to data protection. This also revealed no grounds for objections. There were no complaints regarding data protection about O₂ to the Federal Network Agency last year that would have led to a penalty notice being issued for a fine. We want to continue this good performance. That's why we maintain continual contact with the responsible authorities in order to identify potential problems in good time and we aim to make a commitment beyond the statutory requirements. Over the coming year, we are planning to carry out four data protection audits with the objective of also reviewing our suppliers.

At O₂ we have data on all customers who have taken out a contract with us. Our most important data protection function is protecting these data against unauthorised use. We carry out this function by complying with the appropriate statutory regulations and internal security measures defined within the company. Another key factor is communication with our customers. Our new Internet page www.o2.de/goto/datenschutz/ datenschutz informs our customers about personal data we hold on them and explains the purposes for holding the data. We also provide tips on how they can take steps to provide improved protection for their data.

Our internal measures ensure that our employees are always alert to the potential misuse or loss of customer data. If they find that personal data has been communicated to unauthorised persons, they must report this "data loss" to our Data Officer without delay. The Data Officer will then investigate the incident immediately. We also train our employees to prevent misuse of their own data and customers' data.

In 2008, we set up a dedicated platform for data protection. It provides information about existing rules, as well as new laws and any amendments. All our new employees receive an introduction with the first information on data protection at the Welcome Days for new recruits. They are then given more in-depth knowledge at regular training sessions and they have to complete an annual online training course on data protection. Our aim during the coming year is for 95 percent of our employees to complete this training.

The security of telecommunications services is not simply related to the transfer of data it performs. Other issues relating to safety come into play if someone is making a call when they are driving. We have drawn up a series of helpful notes in a brochure entitled "   Tips for enhanced safety at the wheel" (in German).

However, mobile phones also give assistance for personal security. Anyone can call the emergency centres from a mobile phone at any time and ask for help. Mobile phone owners should also store a number in the address book of their mobile which allows them to reach a relative or friend in an emergency. The use of the international "ICE" (International Case of Emergency) is recommended for this number so that a contact number can be quickly identified by the emergency services.