GLOBALSTAR CPNI POLICY
Globalstar is committed to maintaining the privacy of its customers’ proprietary information. Herein, we describe what information we protect and how we protect it.
Customers of our services have the right, and Globalstar has a duty, under federal law, to protect the confidentiality of certain types of information known as “Customer Proprietary Network Information,” or “CPNI” for short. CPNI includes information such as: (1) information about the quantity, technical configuration, type, destination, location, and amount of use of services by any specific customer; and (2) information contained on a customer’s bill concerning services he received, including any information that pertains to the transmission of specific telephone calls (referred to as “call detail information”). Examples of CPNI include information typically available from telephone-related details on a customer’s monthly bill, details regarding the calls a customer makes, and information regarding the types of service that a subscriber purchases. CPNI does not include things like customer name, address, or telephone number (referred to as “subscriber list information”), or aggregate information or data that is not specific to a single customer.
Unless Globalstar obtains customer approval, Globalstar will not use CPNI to market products and services to a customer other than to market service offerings (e.g.
, service enhancements) among the categories of service that the customer already purchases from Globalstar.
From time to time, Globalstar would like to use the CPNI it has on file to provide a customer with information about Globalstar’s communications-related products and services or special promotions. Globalstar’s use of CPNI may also enhance its ability to offer products and services tailored to a customer’s specific needs. Accordingly, Globalstar will sometimes contact customers in writing, notify them of their CPNI rights, and seek approval so that Globalstar may use CPNI to let a customer know about communications-related services other than those to which the customer currently subscribes that Globalstar believes may be of interest to the customer. In addition to informing the customer of his rights regarding CPNI disclosure, this contact will specify the types of information that constitute CPNI, specify the entities that will receive the CPNI, describe the purposes for which the CPNI will be used, and notify customers that Globalstar will wait a minimum of thirty (30) days before assuming customer approval. If a customer approves of such use of his CPNI, the customer need not take any action. If a customer does not approve of such use of his CPNI, the customer can object to the proposed use at any time by calling the appropriate number listed below. Updated notices will be sent to customers every two (2) years, and Globalstar maintains records of notification, whether oral, written, or electronic, for at least one (1) year. In the event that an opt-out mechanism does not work properly, Globalstar must notify the Federal Communications Commission within five (5) business days.
Globalstar provides its customers with other methods for restricting the use of, disclosure of, and access to their CPNI. For example, a customer may withdraw Globalstar’s right to use his CPNI at any time by calling one of the following telephone numbers:
North America: 877-452-5782
If a customer denies or restricts his approval for Globalstar to use his CPNI, there is no impact on how Globalstar provides any services to which the customer subscribes. Any denial or restriction of a customer’s approval remains valid until the customer affirmatively revokes or limits such approval or denial.
In some instances, Globalstar will want to share a customer’s CPNI with its independent contractors and joint venture partners in order to provide the customer with information about Globalstar’s communications-related products and services or special promotions. Prior to sharing a customer’s CPNI with its independent contractors or joint venture partners, Globalstar will obtain written permission from the customer to do so.
Federal privacy rules require Globalstar to authenticate the identity of its customer prior to disclosing CPNI. Customers calling Globalstar’s customer service center can discuss their services and billings with a Globalstar representative once that representative has verified the caller’s identity. Globalstar customer service personnel use Interactive Voice Response (IVR) technology to verify the customer’s identity during customer-initiated telephone calls. Globalstar will only release CPNI during a customer-initiated telephone call if the customer’s identity is verified. If Globalstar customer service personnel cannot authenticate the identity of the customer through the IVR system, the Globalstar representative will attempt to verify the customer’s identity through obtaining detailed account information name on account, account address, phone number, email address, and device electronic serial number. If the customer cannot be verified by either IVR or multi-factor account information, the Globalstar representative will only release call detail information by sending it to the customer’s email address of record or by calling the customer at the telephone number of record.
NOTIFICATIONS OF CERTAIN ACCOUNT CHANGES
Globalstar will notify customers immediately of certain account changes, including changes to a customer’s online account, password, password authentication information, or address of record. This notification does not reveal the changed information. This notification, which will take place through voicemail, e-mail, or mail to the relevant telephone number or address of record, provides an additional measure of security against changes to an account without the customer’s knowledge.
Globalstar customer service personnel will respond to requests for changes to a customer’s online accounts, passwords, password authentication information, or address of record during a customer-initiated telephone call only if the customer’s identity has been verified by the IVR system or multi-factor account information. If Globalstar customer service personnel cannot authenticate the identity of the customer through the IVR system or multi-factor account information, they will inform the customer of the need for additional validation in order to proceed. Specifically, customer service personnel will inform the customer that he will need to terminate the customer-initiated telephone call and call the customer back on his telephone number of record before proceeding. If there is no response to this call, Globalstar customer service personnel will send an e-mail to the customer’s e-mail account of record. Written notification to the address of record will only be sent if there is no response to either voice or e-mail requests for confirmation.
DISCLOSURE OF CPNI
Globalstar may disclose CPNI in the following circumstances:
- When the customer has approved use of their CPNI for Globalstar and/or its joint venture partners and independent contractors (as the case may be) for sales or marketing purposes.
- When disclosure is required by law or court order.
- To protect the rights and property of Globalstar or to protect customers and other carriers from fraudulent, abusive, or unlawful use of services.
- To provide services to the customer, including assisting the customer with, for example, repair services.
- To bill or collect for services.
Globalstar uses numerous methods to protect CPNI. These methods include software enhancements that identify whether a customer has approved use of its CPNI (i.e., the status of a customer’s CPNI approval can be clearly established). In addition:
- All online access to CPNI is password protected and the password is not prompted by asking for readily available biographical information or account information;
- All Globalstar customer service personnel are trained on how CPNI is to be protected and when it may or may not be disclosed; and
- All marketing campaigns are reviewed by a Globalstar supervisory committee to ensure that all such campaigns comply with applicable CPNI rules (e.g., sales personnel must obtain supervisory approval of any outbound marketing request for customer approval, records of compliance are retained for a minimum of one (1) year).
Globalstar maintains records of its own sales and marketing campaigns that utilize customer CPNI as well as those of its joint venture partners and/or independent contractors (if applicable). These records include a description of the campaign, the specific CPNI that was used in the campaign, and what products and services were offered as part of each campaign. Globalstar also keeps records of all instances in which CPNI is disclosed to third parties or where third parties were allowed access to customer CPNI. Globalstar retains these records for a minimum of one (1) year.
Globalstar will not release CPNI during customer-initiated telephone contact without first authenticating the customer’s identity in the manner set forth herein. Violation of this CPNI policy by any Globalstar employee will result in disciplinary action against that employee as set forth in the Globalstar Employee Handbook.
BREACH OF CPNI PRIVACY
In the event Globalstar experiences a privacy breach and CPNI is disclosed to unauthorized persons, federal rules require Globalstar to report such breaches to law enforcement. Specifically, Globalstar will notify law enforcement no later than seven (7) business days after a reasonable determination that such breach has occurred by sending electronic notification through a central reporting facility to the United States Secret Service and the Federal Bureau of Investigation. Globalstar generally cannot inform its customers of the CPNI breach until at least seven (7) full days following notification to law enforcement, and may only do so at that time if law enforcement agents have not requested that it further postpone disclosure. Additionally, Globalstar is required to maintain records of any discovered breaches, notifications to law enforcement regarding the breach, law enforcement’s response (if any) to the notifications, and notifications made to customers. These records will include, if available, the date that Globalstar discovered the breach, the date the company notified law enforcement, the date the company notified customers, a detailed description of the CPNI that was breached, and the circumstances of the breach. Globalstar will retain these records for a period of not less than two (2) years.
NOTIFICATION OF CHANGES TO THIS POLICY
If Globalstar changes its CPNI Policy, we will post those changes at https://www.Globalstar.com/CPNI and possibly in other places Globalstar deems appropriate, so that the public can be aware of what information Globalstar collects, how Globalstar uses it, and under what circumstances, if any, Globalstar discloses it. If a customer decides to continue receiving services after Globalstar makes any changes to its CPNI Policy, the customer shall be deemed to have given express consent to the changes in the revised policy.