The Champlain Telephone Company and its subsidiaries (“CTC”) is committed to respecting and protecting the privacy of our customers. As discussed below, we have strict policies governing access by employees and others to customer communications and information. We access customer accounts, records or reports for authorized business purposes only. We educate our employees about their obligation to safeguard customer information and communications, and we hold them accountable for their actions. In short, privacy is a priority for CTC in all aspects of our business.
GENERAL PRIVACY PRINCIPLES
The following principles express CTC’s commitment to assuring strong and meaningful customer privacy protection, and are intended to guide CTC’s efforts to balance customer privacy with customer interest in receiving quality services. These principles apply to our use of “individual” customer information – that is, information about specific customers. “Individual” customer information includes “personal information” – information particular to you, including your address, phone number, fax number and email address – and “non-personal information” that may include information such as your network traffic data, services and features used or call record details. These policies are fully consistent with applicable laws and regulations governing privacy, including the regulations of the Federal Communications Commission (“FCC”). Individual customer information is distinct from “aggregated” customer information, which does not reveal a customer’s identity. Further, the examples provided below are intended to be illustrative, not all-inclusive.
1. CTC Obtains and Uses Individual Customer Information for Business Purposes Only.
CTC obtains and uses customer information that helps us to provide our customers with quality telecommunications services. In addition to supporting the direct provision of service, this information may be used to protect customers, employees and property against fraud, theft or abuse; to conduct industry or consumer surveys; and to maintain good customer relations. Access to databases containing customer information is limited to employees who need that information to perform their jobs. These employees are required to follow strict rules when handling customer information, and are subject to disciplinary action if they fail to do so.
In order to better serve our customers, we may ask them questions to elicit additional information about their special needs and interests. For example, we may ask whether customers work at home, whether any members of the household have special needs, or whether teenagers reside in the household in order to determine whether customers may be interested in or might benefit from additional lines or services. In all cases, the information we gather is used to facilitate the provision of quality customer service. We do not share this information with third parties to market non-CTC services to our customers.
2. CTC Collects Information from Customers in a Number of Different Ways.
CTC may collect information from you through communications such as via the web, or by phone, email or mail delivery, or through the services provided to you as the customer.
You may visit our site without divulging any personal information; however, there are areas of the website that might require personal information in order to contact CTC directly, specifically, when registering e-mails, obtaining remote access, and contacting online technical support.
Information may also be collected in the following ways:
Browsing Our Site
- IP addresses may be collected for the purposes of system administration, to gather broad demographic information, and to monitor the level of activity on our site.
- Information may be collected regarding the referring URL, which browser you used to come to our site, and the pages of our site that you viewed during your visit and any search terms entered on our site.
- E-mails may be sent by the customer to CTC on this website. CTC may retain the information in any e-mail that you send to us, such as your name, e-mail, address, or telephone number.
Broadband Internet Service
- CTC may monitor the network and take measurements of network performance and the performance of your Internet connection to improve the customer’s, or CTC’s, overall service levels.
- During communications with CTC for service support, we may also access information about your customer premise equipment such as computers and wireless modem devices or other device settings to provide customized technical support or to install specific applications or services for your use.
- CTC reserves the right to access broadband traffic from individual accounts for the purposes of general maintenance and management of the network, as well as upon request by law enforcement officials.
Provision of Information by Third Parties
- CTC may obtain credit information about you from third parties when you purchase products or services from CTC.
Information Collected on Our Websites
- We collect data about visitors to our subscriber website, using some automated means such as Google Analytics, and reserve the right to use other methods such as cookies, clear GIFs, and passive automatic electronic collection. We may work with third-party companies to engage in such collection.
Log Files. Our log tracking collects visitors’ IP addresses to analyze trends, administer our website, track visitor movement, and gather broad demographic information to help determine the type of information visitors are interested in seeing on our website. This tracking only collects IP addresses and not personally identifiable information. Visitors are not personally identifiable within our log files. Big Bend only uses this information for internal purposes and does not share this information with non-affiliated companies or institutions.
3. CTC Informs Customers Regarding How Information Is Used
4. CTC Gives Customers Opportunities To Control Access to Information.
CTC is committed to providing customers with opportunities to control how CTC uses customer information about them. For example, customers may inform us of which telephone listings they want to include in our directories and in directory assistance and may also choose to have a non-published number, or a nonlisted number, or to exclude your address from your listing. Customers in areas where Caller ID services are available have the ability to block the display of their phone numbers and names. (Note that Caller ID blocking does not prevent the transmission of your phone number when you dial certain business numbers, including 911, or 800, 888, 877, and 900 numbers.) Further, customers can express a preference not to be called for marketing purposes (please see Section III, below, for more information on CTC’s “Do Not Call” policy). Customers may also opt out of our direct mailings and other service marketing programs. (Please see Section II, below, for CTC’s policy on the use of “Customer Proprietary Network Information”). A customer may indicate a change in such preferences at any time by contacting CTC customer service.
We do use individual customer information internally for planning purposes – so that we can, for example, develop, test and market new products and services that meet the needs of our customers. Ordinarily, such information is combined into aggregations that do not include individual customer identities. Under certain circumstances, we are required by law to disclose the aggregated information to other companies, but in such cases customer identities are not included.
5. CTC Enables Customers To Control How CTC Discloses Individual Information.
Ordinarily, CTC will only share individual customer information with persons or entities outside the company to assist us in the provision of services to which the customer subscribes, or as required by law or to protect the safety of customers, employees or property. We do not use third-party marketers, nor do we share access to individual customer information derived from the provision of CTC telecommunications services with other companies interested in marketing other services to our customers – and we would not do so without the consent of the customer. CTC is committed to ensuring that customer information is not used without the knowledge and permission of our customers.
However, there are exceptions to our general practice. For example, unless you request otherwise, we may share certain non-sensitive information with our affiliated companies with whom we have established business relationships. In addition, if CTC enters into a merger, acquisition, or sale of all or a portion of its assets, a customer’s personally identifiable information will, in most instances, be transferred as a part of the transaction, subject to required notices to affected customers. In addition, we may, where permitted by law, provide information to credit bureaus, or provide information and/or sell receivables to collection agencies, to obtain payment for CTC billed products and services. We are also required by law to provide billing name and address information to a customer’s long distance carrier and other telephone companies to allow them to bill for telecommunications services. (By law, customers with non-published or unlisted service have the right not to have their billing name and address disclosed when they make a calling card call or accept a collect or third party call. However, if they do restrict disclosure, they will be unable to make calling card calls or accept collect and third party calls.) Similarly, we are required to provide directory publishers with subscriber listing information – name, address and phone number, and for yellow page advertisers, primary advertising classification – for purposes of publishing and delivering directories. In addition, under certain circumstances, we may share customer information with other carriers or with law enforcement, for example, to prevent and investigate fraud or other unlawful use of communications services.
6. All CTC Employees Are Responsible For Safeguarding Customer Communications and Information.
We never tamper with, intrude upon or disclose the existence or contents of any communication or transmission, except as required by law or the proper management of our network. Access to databases containing customer information is limited to employees who need it to perform their jobs – and they follow strict guidelines when handling that information. We use safeguards to increase data accuracy and to identify and authenticate the sources of customer information. We use locks and physical security measures, sign-on and password control procedures, and internal auditing techniques to protect against unauthorized use of terminals and entry into our data systems. CTC requires that records be safeguarded from loss, theft, unauthorized disclosure, and accidental destruction.
In addition, sensitive, confidential, or proprietary records are protected and maintained in a secure environment. It is our policy to destroy records containing sensitive, confidential, or proprietary information in a secure manner. Hard copy confidential, proprietary, or sensitive documents are made unreadable before disposition or recycling, and electronic media must be destroyed using methods that prevent access to information stored in that type of media. Just as employees would report stolen property, missing records and suspicious incidents involving records are referred to CTC Management. We encourage our employees to be proactive in implementing and enforcing CTC’s privacy policies. If employees become aware of practices that raise privacy or security concerns, they are required to report them to their supervisors.
CTC’s regulatory department is responsible for ensuring that all CTC business units and their employees comply with privacy laws and regulations. CTC also requires any consultants, suppliers and contractors that may come into contact with customer proprietary information to observe these privacy rules with respect to any of our customers’ individual customer information. They must abide by these principles when conducting work for us, and they will be held accountable for their actions.
7. CTC Takes Special Care to Protect the Safety and Privacy of Young People Using Its Services.
CTC does not knowingly collect information about children. CTC believes that children should get their parents’ consent before giving out any personal information. CTC encourages parents and legal guardians to participate in their child’s experience using CTC’s services. Children should always ask a parent for permission before sending personal information to CTC.
8. CTC Complies with All Applicable Privacy Laws and Regulations Wherever CTC Does Business.
Customer and policymaker perceptions of privacy have changed over time and will continue to do so. Changes in technology can also alter what is appropriate in protecting privacy. Laws may change accordingly. We regularly examine – and update as necessary –CTC’s privacy policies and internal procedures to ensure compliance with applicable law and evolving technology. CTC also will monitor customer needs and expectations. CTC will work with policymakers and consumers to ensure that we continue to safeguard privacy, giving customers choices, flexibility and control. CTC considers privacy laws and regulations to be the minimum standards to which we will adhere in protecting privacy. In addition to complying with the law, CTC will adhere to its internal privacy policies and procedures wherever we do business.
9. CTC Gives an Authorized Gov’t Agency Access to Customer Information Only Upon Valid Request
CTC may release customer information in response to requests from governmental agencies, including law enforcement and national security agencies, in accordance with federal statutory requirements or pursuant to court order. Before releasing any customer information, CTC will ensure that the underlying governmental request satisfies all procedural and substantive legal requirements and is otherwise proper. For example, CTC will ensure that any court orders are valid, properly issued, and legally enforceable. Except as required by law or with the approval of the customer, CTC will not release any customer information in response to subpoenas or similar requests issued by private parties. Further, CTC will be diligent in authenticating the validity of any “governmental” request to ensure that the request actually originates from an authorized government agency.
10. CTC Uses Customer Proprietary Network Information (CPNI) In Accordance with the Law
Customers count on CTC to respect and protect the privacy of information we obtain in the normal course of providing telecommunications services to our customers. CTC is committed to protecting the privacy of all customer information, and in particular the privacy of customer proprietary network information (or CPNI).
a. Definition of “Customer Proprietary Network Information.”
The term “customer proprietary network information” is defined by federal statute to mean: (i) information that relates to the quantity, technical configuration, type, destination, location, and amount of use of a telecommunications service subscribed to by any customer of a telecommunications carrier, and that is made available to the carrier by the customer solely by virtue of the carrier-customer relationship; and (ii) information contained in the bills pertaining to telephone exchange service or telephone toll service received by a customer of a carrier.
b. Use of Customer Proprietary Network Information.
Under federal law, you have the right to, and we have the duty to protect, the confidentiality of your CPNI. However, we may use CPNI without your consent, in a manner consistent with applicable law, to: (i) initiate, render, bill, and collect for our services; (ii) market services among the categories of service to which you already subscribe; (iii) provide inside wiring installation, maintenance, and repair services; (iv) provide maintenance and technical support for our services; (v) protect our rights and property, and protect users of our services and other carriers from fraudulent, abusive, or unlawful use of, or subscription to, these services; and (vi) provide any inbound telemarketing, referral, or administrative services for the duration of a customer-initiated call.
Further, after providing you with the required notice and opportunity to “opt out,” we may use your CPNI, in a manner consistent with applicable law, to market additional communications-related services to you and conduct surveys in order to improve our service offerings.
CTC will not use your CPNI for purposes other than those described above unless we first obtain your express “opt in” consent. For example, without such consent we will not use CPNI to market services not provided by CTC, and will not share your CPNI with third parties (subject to the limitations discussed below).
c. Limits on the disclosure of CPNI outside CTC.
As a general rule, CTC does not use third-party marketers and will not disclose your CPNI to third party contractors without your explicit “opt in” consent. This means that our records of the services you buy and the calls you make generally will remain private if you choose to keep them so, since we will not ordinarily disclose this information to outside parties without your permission. However, we will release customer information without involving you if disclosure is required by law, or necessary to protect the safety of customers, employees or property. For example: When you dial 911, information about your location may be transmitted automatically to a public safety agency.
Certain information about your long distance calls may be transmitted to your long distance company for billing purposes. We are also required by law to give competitive local exchange carriers access to customer databases for purposes of serving their customers, to exchange credit information with other carriers, and to provide listings (other than certain non-published and non-listed information) to directory publishers. We will disclose information as necessary to comply with law enforcement statutes, such as to comply with valid, properly issued, and legally-enforceable subpoenas, warrants and court orders.
We may, where permitted by law, share CPNI with third parties where necessary to provide the services to which you subscribe, to protect our rights or property, and to protect users of our services and other carriers from fraudulent, abusive or unlawful use of services.
We may, where permitted by law, provide CPNI to third parties such as credit bureaus, or sell receivables to collection agencies, to obtain payment for CTC billed products and services.
d. Authentication to prevent unauthorized access to CPNI.
CTC is committed to ensuring that only properly authorized individuals are able to access CPNI for legitimate purposes. This includes ensuring that any request by a “customer” to access CPNI is valid and properly authenticated, in accordance with applicable law and industry best practices. In general, our internal policies and procedures are designed to ensure that CPNI is not released to unauthorized individuals.
Further, if a “customer” calls us to access “call detail records” (which include the number called, the number from which a call was placed, and the time, location, or duration of any call), we will not release those records unless (i) during the call, the customer provides a pre-established password; (ii) the information is sent to the customer’s address of record; or (iii) after the call, we call the customer’s telephone number of record to provide the requested information. If a “customer” attempts to access CPNI through our website, we will only provide such access if the customer has first established a password and back-up authentication mechanism for the relevant account, in a manner that does not rely on readily available biographical or account information. If a “customer” attempts to access CPNI by visiting a retail location in person, we will only provide such access if the “customer” presents valid photo identification matching the name of record on the account. (Note that different procedures may apply to certain business customers served by a dedicated account representative where the underlying service agreement addresses CPNI protection and authentication.) We also will notify you at your address of record if anyone changes the access authorization or authentication information associated with your account.
e. Notice of unauthorized access to CPNI.
As a company, we are vigilant in our efforts to protect your CPNI. However, should we become aware that your CPNI has been accessed without proper authority, we will take swift action to fully document and address such unauthorized access and provide appropriate notice. In particular, we will (i) notify law enforcement (including the United States Secret Service and the Federal Bureau of Investigation) within seven business days; and (ii) notify you and any other affected customers within seven business days thereafter, unless earlier notification is necessary to avoid immediate and irreparable harm, or we are instructed by law enforcement personnel to refrain from providing such notice.
11. CTC’s “Do Not Call” List
Any CTC customer can express a preference not to be called by us for marketing purposes, and CTC will respect such preference. A customer that does not wish to receive sales calls from CTC specifically may ask to be placed on our company-specific “Do Not Call” list. We will note the customer’s request immediately, although it may take up to 30 days for the customer’s telephone number to be removed from any active lists or sales programs that are currently underway.
Any customer can ask to be put on our “Do Not Call” list by contacting CTC’s customer service department. All customers should call [CONTACT]. The requesting customer should provide, at a minimum, the telephone number that is the subject of the request, although inclusion of the customer’s name and address is also useful. If a customer is served by multiple telephone numbers, the customer should tell us all numbers that should be placed on the “Do Not Call” list.
A residential customer will remain on our “Do Not Call” list for five years, and a business customer will remain on our “Do Not Call” list for one year, unless the customer asks to be removed from the list by contacting our customer service department. If a customer’s telephone number ever changes, the customer must give us updated information in order for the “Do Not Call” status to remain in effect.
Notwithstanding the fact that a customer’s telephone number is on our “Do Not Call” list, we may still contact that customer with respect to surveys, billing, and other service-related matters. Further, the customer should understand that being on our “Do Not Call” list will not prevent calls from other companies unaffiliated with CTC.
While we have made significant efforts to protect your personal information, we cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure and we will not be held liable should a third party illegally obtain your personal information via Internet transmission.
The Champlain Telephone Company
Attn: Regulatory Manager
11118 State Route 9
P.O. Box 782
Champlain, NY 12919-0782