EOLO SpA is an Italian telecommunications operator and is the main provider of ultra-broadband and wireless internet for both residential and business uses. EOLO supports its 200,000 active customers with its innovative technology, high reliability and flexibility, and coverage in over 6000 municipalities, thanks to a network of over 2,800 BTS and 10,000km of fiber optic backbones.

EOLO believes that the customer should be kept at the center of operations, and the aim to improve the quality of life and value brought to organizations through a reliable connection. 

“Privacy is fundamental for EOLO because we manage a large volume of personal data, I refer both to the personal data of customers, installers and partners, and to the traffic data of customers who use our network. Our customers expect to put their data in good hands,” said Daniele Bianchi, Data Protection Officer at EOLO. 

“From the beginning, we have always tried to distinguish ourselves from other traditional operators, building a close relationship with our customers by creating a brand that respects privacy. Data breaches and security problems have a greater impact on a new brand, therefore being compliant with the GDPR is also a way to protect and strengthen the brand itself.“

A globally connected solution for EOLO’s privacy program

When tackling the GDPR, EOLO needed a tool that could match the breadth of a large privacy program. “The advantage of OneTrust is to have a tool that, with its numerous modules, constitutes a large part of the privacy system,” said Daniele.

EOLO was looking for a scalable, global technology, that could allow the organization’s program capabilities to grow rapidly. After evaluating different software, OneTrust was the top choice for several reasons.

“The decision to choose OneTrust was determined by a key capability: the ability to use questionnaires in multiple departments, thereby demonstrating accountability and adherence to the Privacy by Design principle,” explained Daniele. 

EOLO’s privacy structure includes a Privacy Officer within the legal department and the appointment of 15 privacy champions. This was easy to implement with OneTrust thanks to the ability to be able to create different roles and user groups that perfectly align with the complexity and needs of a sophisticated company like EOLO.

OneTrust’s international structure was also a key factor in EOLO’s decision to invest in their technology. Even though EOLO currently operates in Italy, having a global vision was considered advantageous. In his role as DPO, Daniele finds the OneTrust DataGuidance module a great resource for his regulatory research and keeping on top of global developments.

Answering the call to compliance with OneTrust

EOLO is a dynamic organization and is constantly looking for new ways to implement its privacy system. They have improved their work towards GDPR compliance by using numerous OneTrust modules to create the most complete privacy system possible. EOLO uses Assessment Automation for their PIAs and DPIAs, which allow an effective collaboration between the privacy team and the various stakeholders and a more complete and structured risk assessment.

EOLO also uses the OneTrust Cookie Consent module, which stands out from the crowd because it is easy to use and is integrated into a single environment.

The OneTrust program simplifies the management of requests from interested parties that are internally integrated into EOLO’s intranet, creating a workflow that allows an identity verification process suited to the type of request, the assignment of different tasks and the automatic search for data.

The reporting capabilities in OneTrust are a fundamental benefit. With OneTrust, EOLO is able to report all the activities carried out by the various users with demonstrable evidence. 

“To demonstrate accountability we use a document where periodically, by quarter, we describe all the activities carried out in the privacy field. OneTrust supports us as we can refer directly to all assessments and questionnaires present for new projects, for the management of requests from interested parties, etc.,” Daniele explained.

A great reception for OneTrust, signaling a bright future for compliance

“OneTrust demonstrates that privacy is not something that is inside a legal department, but something alive within the company with the large exchanges between the various departments,” says Daniele.

The partnership with OneTrust was immediately successful, so much so that EOLO has just added the Awareness Training module and is considering expanding their suite of tools to include Third–Party Risk Management, in order to have a system capable of identifying data protection criteria and security incidents, as well as being able to understand the risks associated with the suppliers themselves.

Daniele also noted how useful the OneTrust health check, a service that the OneTrust customer success team performs to help them manage their privacy effectively and completely. EOLO has used this service and managed to make full use of the capabilities of the OneTrust platform. Another greatly appreciated aspect of OneTrust is the ability to send ideas and proposals on new features that are taken into consideration and implemented in the different modules, making for a truly collaborative experience. 

“We love working with OneTrust because the platform combines technical expertise and relationship skills, with excellent customer service and the ability to respond quickly,” said Daniele. He believes that the OneTrust’s team is competent, dynamic and able to provide an efficient response quickly, which also reflect the characteristics of the EOLO culture.