CPNI Privacy Policy
Skye Telecom LLC CPNI Policy
In accordance with Section 222 of the Communications Act and the Federal Communications Commission’s (“FCC”) Protecting Customer Information Rules (47 C.F.R. § 64.2001, et seq.), Skye Telecom LLC (“Skye Telecom” or “Company”) has established the policies and procedures outlined below for collecting, accessing, using, and storing Customer Proprietary Information (“Customer PI”). Skye Telecom provides telecommunications services to retail customers. Therefore, because Skye Telecom may collect, access, use, or store Customer PI when providing these types of services, the Company hereby notifies its customers of its privacy notice and associated privacy policies.
Types of Customer PI Skye Telecom Collects and How it is Used
Customer PI is certain customer information obtained by a telecommunications provider during the course of providing telecommunications services to a customer. Customer PI includes (i) individually identifiable customer proprietary network information (“CPNI”); (ii) personally identifiable information (“PII”); and (iii) the content of communications.
- CPNI refers to information relating to the quantity, technical configuration, type, destination, location, and amount of use of a telecommunications service subscribed to by any customer of a telecommunications carrier. Examples of CPNI include information typically available from telephone-related details on a monthly bill such as the types of services purchased by a customer, numbers called, duration of calls, directory-assistance charges, calling patterns, call detail information, web browsing history, application usage history, and the functional equivalents, geo-location information, IP addresses and domain name information, MAC addresses and other device identifiers, traffic statistics, port information, customer premises equipment and other customer-device information.
- PII refers to any information that is linked or reasonably linkable to an individual or device. Examples of PII include name, physical address, e-mail address, telephone number, other physical or online contact information, date of birth, Social Security Number, government- issued identifiers, financial information, unique device identifiers, IP addresses, and persistent or unique advertising identifiers.
- Content of communications refers to any part of the substance, purport or meaning of a communication. Examples of content of communications include the text of an email or instant message, streaming video content, audiovisual content from a video chat, maps from a ride-share app, application header, communications on social media, search terms, website comments, items in shopping carts, application payload of an IP packet, and voice recordings.
Skye Telecom may collect the Costumer PI described above in connection with the contracting and provision of the telecommunications services it provides to its customers, as well as when its customers communicate with Skye Telecom.
It is the policy of Skye Telecom not to use Customer PI for any activity other than that permitted by applicable law and in accordance with its customers’ choice. The Customer PI collected by Skye Telecom is disclosed, accessed and used exclusively for the following purposes:
- The provision of the telecommunications services contracted for by the customer;
- To initiate, render, bill, and collect for Skye Telecom’s telecommunications and related services;
- To protect the rights or property of Skye Telecom, or to protect users of the telecommunications service and other providers from fraudulent, abusive, or unlawful use of Skye Telecom’s service;
- To provide any inbound marketing, referral or administrative services to the customer for the duration of a real-time interaction, provided that such interaction was initiated by the customer;
- To provide location information and/or non-sensitive Customer PI information to:
- A public safety answering point, emergency medical service provider or emergency dispatch provider, public safety, fire service, or law enforcement official, or hospital emergency or trauma care facility, in order to respond to the user’s request for emergency services;
- Inform the user’s legal guardian or members of the user’s immediate family of the user’s location in an emergency situation that involves the risk of death or serious physical harm; or
- Providers of information or database management services solely for purposes of assisting in the delivery of emergency services in response to an emergency
- Skye Telecom marketing campaigns as allowed by applicable law;
- As otherwise required or authorized by law.
Third-Party Use of Customer PI
Skye Telecom may share Customer PI to other parties, such as affiliates, vendors and agents, only when necessary to conduct a legitimate business activity related to the services already provided by Skye Telecom to the customer and in connection with the purposes indicated in this Notice.
To safeguard Customer PI, before allowing joint venturers or independent contractors access to Customer PI, they shall enter into a confidentiality agreement that ensures compliance with this Policy, and, when required by applicable law, Skye Telecom will also obtain opt-in consent from a customer prior to disclosing such information to such third parties. In addition, Skye Telecom requires all outside agents to acknowledge and certify that they may only use Customer PI for the purpose for which that information has been provided and the customer has agreed to. When required by applicable law, Skye Telecom will obtain express written authorization from the customer before sharing Customer PI with other carriers, except as otherwise required by law.
Skye Telecom does not market or sell Customer PI information to any third party.
Customers’ rights regarding their Customer PI
Customer PI Security
Skye Telecom follows reasonable data security practices to prevent unauthorized use, disclosure or access to Customer PI. However, Skye Telecom cannot guarantee that these practices will prevent every unauthorized attempt to access, use, or disclose Customer PI.
Skye Telecom will not use, disclose, or permit access to Customer PI without the approval of a customer to the extent required by applicable law. By contracting with Skye Telecom and using the telecommunications services provided by it, Customer agrees that Skye Telecom may use Customer PI indicated as provided for in this Privacy Notice and for the purposes detailed herein.
If the Customer does not agree or at any time desires to withdraw or limit the approval for Skye Telecom to use Customer PI pursuant to this Privacy Notice, Customer may opt-out at any time by sending an email to [email protected] clearly indicating Customer’s denial or withdrawal of approval to the extent allowed by law.
A Customer’s denial or withdrawal of approval to use, disclose, or permit access to Customer PI will not affect the provision of any telecommunications services of which he or she is a customer.
Any grant, denial or withdrawal of approval for the use, disclosure, or permission of access to Customer PI is valid and will remain in effect until the customer affirmatively revokes such grant, denial, or withdrawal, and Skye Telecom hereby informs the customer of their right to deny or withdraw access to such Customer PI at any time.
Skye Telecom does not and will not collect or use any sensitive Customer PI for which it requires customer approval without first obtaining opt-in approval to the extent such approval is required by law.
Customer and Law Enforcement Notification of Unauthorized Disclosure
Skye Telecom will notify affected customers of any breach without unreasonable delay and in any event no later than 30 calendar days after it reasonably determines that a breach has occurred, subject to law enforcement needs, unless Skye Telecom can reasonably determine that no harm to customers is reasonably likely to occur as a result of the breach.
Skye Telecom will notify the FCC of any breach affecting 5,000 or more customers no later than 7 business days after reasonably determining that a breach has occurred and at least 3 business days before notification to the affected customers, unless Skye Telecom can reasonably determine that no harm to customers is reasonably likely to occur as a result of the breach. Skye Telecom will notify the FCC of any breach affecting fewer than 5,000 customers without unreasonable delay and no later than 30 calendar days after it reasonably determines that a breach has occurred, unless Skye Telecom can reasonably determine that no harm to customers is reasonably likely to occur as a result of the breach.
Skye Telecom will notify the Federal Bureau of Investigation (FBI) and the U.S. Secret Service (Secret Service) of a breach that affects 5,000 or more customers no later than 7 business days after Skye Telecom reasonably determines that such a breach has occurred and at least 3 business days before notification to the affected customers, unless Skye Telecom can reasonably determine that no harm to customers is reasonably likely to occur as a result of the breach.
Skye Telecom shall maintain records of discovered breaches for a period of at least two years.
Material Changes to this Customer PI Privacy Notice
Skye Telecom will provide advance notice of material changes to its privacy policies to its existing customers, via email or another means of active communication agreed upon by the customer.