AT&T International Public Affairs Website Privacy Statement


All visits to this Public Affairs Website and sending to you of the Communications Tools are subject to this Privacy Statement. In addition, visits to this Public Affairs Website are also subject to the AT&T Public Affairs Website Terms of Use.

AT&T’s Commitment to Data Protection

AT&T is committed to fulfilling our responsibilities in relation to collection, retention, use, and other Processing of Personal Data that is within the scope of the European Union’s General Data Protection Regulation (GDPR). Personal Data will be Processed only for lawful and appropriate purposes. AT&T has implemented measures designed to ensure security of Personal Data and to prevent unauthorized or accidental access, erasure, or other misuse. AT&T will facilitate exercise of data subject rights in an effective and transparent manner.

In this Privacy Statement, terms such as “Processing,” and “Personal Data” will have the meanings used in GDPR.

Who is responsible for Processing your Personal Data?

The joint data controllers of your personal data when you use the Public Affairs Website or the Communications Tools are:

(1) AT&T Services, Inc., having its registered office at One AT&T Plaza, South Akard Street 208, TX 75202 Dallas, USA; and

(2) AT&T Global Network Services Belgium Luxembourg BVBA/SPRL, having its registered office at Medialaan 36 1800, Vilvoorde, Belgium.

The above controllers are referred to as “AT&T”, “we”, “our” and “us” in this Privacy Statement.

What Personal Data about you does AT&T Process?

We process Personal Data based on your use of the Public Affairs Website and/or in order to send you the Communication Tools, including:

  • contact information that allows us to communicate with you such as your name, title, affiliation, address, telephone number, and e-mail address;
  • equipment, performance, AT&T website usage, viewing and other technical information about your use of the Public Affairs Website;
  • your electronic identification data (such as IP addresses and cookies stored on your equipment); and
  • your political opinions and views, to the extent you provide these by using the Public Affairs Website.

Information that you provide to non-AT&T companies is not covered by this Privacy Statement.

  • when you navigate to a non-AT&T company (e.g., social network sites) from the Public Affairs Website (by clicking on a link or using website plug-in, for example), the non-AT&T company acts as data controller of such personal data independent from AT&T and such processing is governed by the non-AT&T company’s privacy policy and the relevant data protection legislation, not by this Privacy Statement; and

Why does AT&T Process Personal Data about you?

AT&T Processes your Personal Data for delivery of public affairs and public relations services.  AT&T Processes Personal Data pursuant to established and appropriate lawful bases for Processing. These are:

  • Processing for one or more specific purposes for which you have given consent listed below. You may withdraw your consent for one or more of these purposes at any time by contacting us at [email protected].
  • Processing necessary for the legitimate interests pursued by AT&T. AT&T has certain legitimate and lawful interests in Processing Personal Data; these could include Processing for public affairs and public relations purposes, internal administrative purposes, personal and network security, marketing, and other purposes.
  • Compliance with a legal obligation to which AT&T is subject. EU and Member State laws require AT&T to Process certain Personal Data for certain purposes.

Who has access to Personal Data about you?

Personal Data will be disclosed, to the extent required for the above purposes, to appropriate and authorized recipients. Recipients may include AT&T personnel and third party service providers and subcontractors that support AT&T.

AT&T will not sell your personal information to anyone or share it with third parties for any purpose other than those mentioned above.

Third parties given access to Personal Data will be required to use appropriate security measures consistent with legal requirements when Processing Personal Data and, where the third party is Processing such Personal Data on behalf of AT&T, to do so only pursuant to AT&T’s instructions.

AT&T may disclose Personal Data if compelled to do so by a court of law or lawfully requested to do so by a relevant governmental authority using the appropriate means of request or if AT&T determines it is necessary or appropriate to comply with the law or to protect or defend AT&T’s rights, property or employees.

Where is Personal Data about you Processed?

AT&T has centralized administrative activities to better manage our global business. That centralization may result in the transfer of Personal Data to countries outside of the European Economic Area (EEA). For example, your Personal Data may be transferred for Processing in the United States of America.

AT&T generally transfers Personal Data between AT&T affiliates on the basis of our Intra-Group Agreement, which is based on the EU’s standard contractual clauses for export of Personal Data to third countries. A Data Subject may request to access or review the safeguards AT&T uses for cross border transfers.

When is Personal Data about you deleted?

Personal Data will be retained for no longer than required by law or needed for our public affairs and relations purposes, as set forth in the consent statement.

How may you manage Processing of Personal Data?

You have certain rights regarding Processing of Personal Data. AT&T is committed to honoring these rights and has established clear and accessible policies and procedures. Your rights with respect to your own Data may include:

  • Right of Notice. AT&T provides you with this Privacy Statement detailing how your Personal Data is Processed.
  • Right of Access. You may obtain from AT&T confirmation as to whether your Personal Data is being Processed and, if it is, access to the Personal Data and additional information about the Processing of that Data.
  • Right to Rectification. You may have inaccurate Personal Data corrected and have incomplete Personal Data made complete.
  • Right to Erasure. You may have Personal Data erased in certain circumstances.
  • Right to Restriction of Processing. You may have additional Processing of Personal Data temporarily prohibited while the accuracy or Processing of the Personal Data is contested.
  • Right to Data Portability. You may be able to receive Personal Data for the purpose of providing that Personal Data to another controller, either by you or directly by AT&T.
  • Right to Object. You may object, at any time and on grounds relating to your particular situation, to Processing of Personal Data.
  • Right to Avoid Automated Individual Decision-Making. You may not be subjected to a decision based solely on automated processing, including profiling, that has legal or similar affect.

Whether and how a right applies will depend upon the lawful basis by which the data is Processed, the nature of the Personal Data requested, and AT&T’s ability to determine that it holds responsive Personal Data. AT&T’s provision of Personal Data in response to your request shall not adversely affect the rights and freedoms of others.

You may file a complaint with the relevant data protection regulator, also known as a “supervisory authority.” The relevant supervisory authority would most likely be, but is not necessarily limited to, the supervisory authority of the country in which you are located. You may additionally or alternatively seek judicial redress for alleged infringements of applicable law by AT&T. If you have any questions in relation to this Privacy Statement please contact us at [email protected].