CPNI

Conexa Home Technologies is committed to maintaining the privacy of its customers’ proprietary  information. Herein, we describe what information we protect and how we protect it. 

CPNI PROTECTIONS 

Customers of our services have the right, and Conexa has a duty, under federal law, to protect the  confidentiality of certain types of information known as “Customer Proprietary Network Information,”  or “CPNI” for short. CPNI includes information such as: (1) information about the quantity, technical  configuration, type, destination, location, and amount of use of services by any specific customer; and  (2) information contained on a customer’s bill concerning services he received, including any  information that pertains to the transmission of specific telephone calls (referred to as “call detail  information”). Examples of CPNI include information typically available from telephone-related details  on a customer’s monthly bill, details regarding the calls a customer makes, and information regarding the types of service that a subscriber purchases. CPNI does not include things like customer name,  address, or telephone number (referred to as “subscriber list information”), or aggregate information or  data that is not specific to a single customer. 

Unless Conexa obtains customer approval, Conexa will not use CPNI to market products and services to  a customer other than to market service offerings (e.g., service enhancements) among the categories of  service that the customer already purchases from Conexa. 

APPROVAL 

From time to time, Conexa would like to use the CPNI it has on file to provide a customer with  information about Conexa communications-related products and services or special promotions.  Conexa’s use of CPNI may also enhance its ability to offer products and services tailored to a customer’s  specific needs. Accordingly, Conexa will sometimes contact customers in writing, notify them of their  CPNI rights, and seek approval so that Conexa may use CPNI to let a customer know about  communications-related services other than those to which the customer currently subscribes that  Conexa believes may be of interest to the customer. In addition to informing the customer of his rights  regarding CPNI disclosure, this contact will specify the types of information that constitute CPNI, specify  the entities that will receive the CPNI, describe the purposes for which the CPNI will be used, and notify  customers that Conexa will wait a minimum of thirty (30) days before assuming customer approval. If a  customer approves of such use of his CPNI, the customer need not take any action. If a customer does  not approve of such use of his CPNI, the customer can object to the proposed use at any time by calling  the appropriate number listed below. Updated notices will be sent to customers every two (2) years,  and Conexa maintains records of notification, whether oral, written, or electronic, for at least one (1)  year. If an opt-out mechanism does not work properly, Conexa must notify the Federal Communications  Commission within five (5) business days. 

Conexa provides its customers with other methods for restricting the use of, disclosure of, and access to  their CPNI. For example, a customer may withdraw Conexa’s right to use his CPNI at any time by calling one of the following telephone numbers: 

Conexa Customers:  North America: 833-326-6392 

If a customer denies or restricts his approval for Conexa to use his CPNI, there is no impact on how  Conexa provides any services to which the customer subscribes. Any denial or restriction of a customer’s  approval remains valid until the customer affirmatively revokes or limits such approval or denial. 

In some instances, Conexa will want to share a customer’s CPNI with its independent contractors and  joint venture partners to provide the customer with information about Conexa’s communications related products and services or special promotions. Prior to sharing a customer’s CPNI with its  independent contractors or joint venture partners, Conexa will obtain written permission from the  customer to do so. 

CUSTOMER AUTHENTICATION

Federal privacy rules require Conexa to authenticate the identity of its customer prior to disclosing CPNI.  Customers calling Conexa’s customer service center can discuss their services and billings with a Conexa representative once that representative has verified the caller’s identity. Conexa customer service  personnel use Interactive Voice Response (IVR) technology to verify the customer’s identity during  customer-initiated telephone calls. Conexa will only release CPNI during a customer-initiated telephone  call if the customer’s identity is verified. If Conexa customer service personnel cannot authenticate the  identity of the customer through the IVR system, the Conexa representative will attempt to verify the  customer’s identity through obtaining detailed account information name on account, account address,  phone number, email address, and device electronic serial number. If the customer cannot be verified  by either IVR or multi-factor account information, the Conexa representative will only release call detail  information by sending it to the customer’s email address of record or by calling the customer at the  telephone number of record. 

NOTIFICATIONS OF CERTAIN ACCOUNT CHANGES 

Conexa will notify customers immediately of certain account changes, including changes to a customer’s  online account, password, password authentication information, or address of record. This notification  does not reveal the changed information. This notification, which will take place through voicemail, e mail, or mail to the relevant telephone number or address of record, provides an additional measure of  security against changes to an account without the customer’s knowledge. 

Conexa customer service personnel will respond to requests for changes to a customer’s online  accounts, passwords, password authentication information, or address of record during a customer-initiated telephone call only if the customer’s identity has been verified by the IVR system or  multi-factor account information. If Conexa customer service personnel cannot authenticate the identity of the customer through the IVR system or multi-factor account information, they will inform. The customer of the need for additional validation in order to proceed. Specifically, customer service  personnel will inform the customer that he will need to terminate the customer-initiated telephone call  and call the customer back on his telephone number of record before proceeding. If there is no  response to this call, Conexa customer service personnel will send an e-mail to the customer’s e-mail  account of record. Written notification to the address of record will only be sent if there is no response  to either voice or e-mail requests for confirmation. 

DISCLOSURE OF CPNI 

Conexa may disclose CPNI in the following circumstances: 

  • When the customer has approved use of their CPNI for Conexa and/or its joint venture partners  and independent contractors (as the case may be) for sales or marketing purposes. 
  • When disclosure is required by law or court order. 
  • To protect the rights and property of Conexa or to protect customers and other carriers from  fraudulent, abusive, or unlawful use of services. 
  • To provide services to the customer, including assisting the customer with, for example, repair  services. 
  • To bill or collect for services. 

PROTECTING CPNI 

Conexa uses numerous methods to protect CPNI. These methods include software enhancements that  identify whether a customer has approved use of its CPNI (i.e., the status of a customer’s CPNI approval  can be clearly established). In addition: 

  • All online access to CPNI is password protected and the password is not prompted by asking for  readily available biographical information or account information. 
  • All Conexa customer service personnel are trained on how CPNI is to be protected and when it  may or may not be disclosed; and 
  • All marketing campaigns are reviewed by a Conexa supervisory committee to ensure that all  such campaigns comply with applicable CPNI rules (e.g., sales personnel must obtain supervisory  approval of any outbound marketing request for customer approval, records of compliance are  retained for a minimum of one (1) year). 

Conexa maintains records of its own sales and marketing campaigns that utilize customer CPNI as well as  those of its joint venture partners and/or independent contractors (if applicable). These records include  a description of the campaign, the specific CPNI that was used in the campaign, and what products and  services were offered as part of each campaign. Conexa also keeps records of all instances in which CPNI  is disclosed to third parties or where third parties were allowed access to customer CPNI. Conexa retains these records for a minimum of one (1) year. Conexa will not release CPNI during customer-initiated telephone contact without first authenticating  the customer’s identity in the manner set forth herein. Violation of this CPNI policy by any Conexa employee will result in disciplinary action against that employee as set forth in the Conexa Employee  Handbook. 

BREACH OF CPNI PRIVACY 

In the event Conexa experiences a privacy breach and CPNI is disclosed to unauthorized persons, federal  rules require Conexa to report such breaches to law enforcement. Specifically, Conexa will notify law  enforcement no later than seven (7) business days after a reasonable determination that such breach  has occurred by sending electronic notification through a central reporting facility to the United States  Secret Service and the Federal Bureau of Investigation. Conexa generally cannot inform its customers of  the CPNI breach until at least seven (7) full days following notification to law enforcement and may only  do so at that time if law enforcement agents have not requested that it further postpone disclosure.  Additionally, Conexa is required to maintain records of any discovered breaches, notifications to law  enforcement regarding the breach, law enforcement’s response (if any) to the notifications, and  notifications made to customers. These records will include, if available, the date that Conexa discovered the breach, the date the company notified law enforcement, the date the company notified  customers, a detailed description of the CPNI that was breached, and the circumstances of the breach.  Conexa will retain these records for a period of not less than two (2) years.  

NOTIFICATION OF CHANGES TO THIS POLICY 

If Conexa changes its CPNI Policy, we will post those changes at https://www.conexatechnologies.com/CPNI and possibly in other places Conexa deems appropriate,  so that the public can be aware of what information Conexa collects, how Conexa uses it, and under  what circumstances, if any, Conexa discloses it. If a customer decides to continue receiving services after  Conexa makes any changes to its CPNI Policy, the customer shall be deemed to have given express  consent to the changes in the revised policy.