Privacy Agreement ("PA")

Midstate Broadband considers user privacy paramount, and Midstate Broadband utilizes great care in keeping the information of the users of the Site (including Customers) (“Users” or “You”) private and secure. Midstate Broadband adheres to the U.S.-Swiss Safe Harbor Framework as well as the Safe Harbor Principles as agreed to and set forth by the United States Department of Commerce and the European Union (“EU”), http://export.gov/safeharbor/. To demonstrate our firm commitment to privacy, the following agreement has been created to explain our policies and procedures in relation to all data collected. In this Privacy Agreement (“PA”) we describe the information that we collect; how we use, disclose, and share your information; and how we protect your information. Capitalized terms not defined in the PA are defined in the Terms of Service. This PA does not apply to Third Party Services which are governed by their own privacy policies.

Types of Data Collected

Midstate Broadband collects data related to our users through the following methods:

Automated means such as communication protocols and cookies
Online registration and online signup forms
Sales inquiries and transactions
Online Customer communications
Offline communications and interactions
Third party sources of information

Depending upon the method of collection and use, the data collected may include information about the User from forms, registrations and transactions (such as name, title, address, company, phone number and e-mail address), financial/transaction information (such as credit card, card verification value (cvv), and payment information), information about use of Site (such as electronic communications protocols, web pages visited, and cookies) and User preferences and privileges.

Electronic Communications Protocols and Cookies

Midstate Broadband may receive data from you as part of the communication connection itself through the standard electronic greeting between your computer and our servers. This information often consists of network routing (where you came from), equipment information (browser type), internet protocol address, date and time. At this time our server will also query your computer to see if there are "cookies" previously set by Midstate Broadband.com to facilitate log in or other site navigation procedures. A "cookie" is a small piece of information sent by a web server to store in a web browser so it can later be read back from that browser.

Cookies: Some parts of the Site may use cookies (including signup forms) to collect information about visitors' use of the Site and to facilitate return visits. The information collected from cookies is tracked to enhance security and/or to improve the functionality of the Site by avoiding duplicate data entry, facilitating navigation, and increasing the relevance of content. Cookies on the Site may collect the following information: a unique identifier, User preferences and profile information used to personalize the content that is shown, and User information to access Midstate Broadband's user forums. Some cookies used by Midstate Broadband.com may remain on the user's computer after they leave the Site, but the majority are set to expire within three hundred sixty five (365) days. There may be some cookies on certain tools that are of longer duration. Cookies may also be of benefit to you by creating a more streamlined login process, keeping track of shopping cart additions or preserving order information between sessions. In the future, as we enable further customization of the Site, cookies will help in ensuring that information provided to you will be the most relevant to your needs. Browsers provide you with information and control over cookies. You can set your web browser to alert you when a cookie is being used. You can also get information on the duration of the cookie and what server your data is being returned to. You then have the opportunity to accept or reject the cookie. Additionally, you can set your browser to refuse all cookies or accept only cookies returned to the originating servers. You can generally disable the cookie feature on their browser without affecting their ability to use the Site, except in some cases where cookies are used as an essential security feature or to provide functionality necessary for transaction completion. Users visiting the website through an IP address that is associated with a member state of the European Union ("EU Users") will by default only receive cookies that expire once they leave the website. This may result in reduced website functionality. EU Users may opt-in to the receipt of cookies of a longer duration by giving their consent in a pop-up window or bar shown at the homepage of the website. Following their consent, EU Users will receive all cookies discussed above and full website functionality will be available. EU Users may choose to revoke their consent at any time by deleting all cookies associated with Midstate Broadband through their browser settings (as discussed above). We may also engage Third Parties to track and analyze non-personally and personally identifiable website data and to serve advertisements. To do so we may permit Third Parties to place cookies on devices of to Users of our Site, where permitted by law, and, subject to your right to opt-out through the Site “insert link”. We use the data collected by such Third Parties to help us administer and improve the quality of the Site and to analyze Site usage. Such Third Parties may combine the information that we provide about you with other information that they have collected. These Third Parties are required to use your information in accordance with this PA.

Customer is solely responsible for any processing or international transfer of all PII (Personally Identifiable Information) in the Customer Content and agrees to comply with all applicable rules, laws and regulations in any and all applicable regions or countries related to the transfer of such PII. To the extent PII is subject to rules, laws, regulations or the like implementing EU Data Protection Directive 95/46/EC, Midstate Broadband will be considered a "data processor" and will, as such, act on

Customer’s instructions and implement security measures in accordance with the MSA.

The Data We Collect and How We Use It

Midstate Broadband collects data from users for the following purposes:

To engage in transactions for service. Name, address, email, purchase details, and credit card/payment information may be collected and stored as part of the transaction history. The majority of the data collected under this category is contact information. Midstate Broadband may need to share some of this data (address, payment) with credit card clearing houses, banking institutions, and other similarly situated Agents, who may require the information in order to complete the transaction (as used here, “Agents” are persons or companies who act on behalf of or under the direction of Midstate Broadband). Midstate Broadband will not transfer information to any of its Agents unless it first either ascertains that the Agent subscribes to the Safe Harbor Principles or is subject to the EU Directive on Data Protection or another adequacy finding or enters into a written agreement with such Agent requiring that the Agent provide at least the same level of privacy protection as is required by the relevant Safe Harbor Principles.
To provide future service and support. Information collected for this purpose is both contact data and information related to products and service/support requested. This information is also used to provide service, product update, and similar notices.
To select content, data may be collected to help create Site content and navigation that is most relevant and user friendly. This includes data collected as a result of site navigation, as well as data provided in forms.
To respond to user inquiries and requests for information. This data includes registrations for online newsletters, opt-in mailing lists and specific requests for further information.
To respond to law enforcement organizations, government officials, third parties when compelled by subpoena, court order, or applicable law, or to report or prevent suspected fraudulent or illegal activity in the use of the Services. Midstate Broadband will notify Customer of the information request or submission as, and if, allowed.
To our contractors who provide services or perform functions on our behalf.
To our Affiliates, if we do so their use and disclosure of your PII will be subject to this PA.
If we are acquired by or merged with another company, if substantially all of our assets are transferred to another company, or as part of a bankruptcy proceeding, we may transfer the information we have collected from you to another entity if applicable.
To provide various Midstate Broadband communities, such as resellers, with relevant product alerts and updates. These updates are related to product releases, prices, terms, special offers and associated campaigns. This data is sent when the program member signs up for the relevant program or online account.
To better tailor marketing to User needs. We may use information from User purchases and User-specified requirements to provide you with timely and pertinent notices of Midstate Broadband product releases and service developments that address your needs and specified requirements and/or which are similar to products and services previously purchased by the User from Midstate Broadband.
To better respond to requests for service or quotes for product and equipment purchase. Midstate Broadband will pass contact information to the appropriate Midstate Broadband sales person, or reseller for follow-up related to Midstate Broadband products or services.
From referral "tell a friend" function. If a User elects to use our referral service for informing a friend about our Site, we ask them for the friend's name and email address. Midstate Broadband will automatically send the friend a one-time email inviting them to visit the Site and send a copy of said e-mail to the User. The e-mail(s) sent shall clearly identify the sender of such email(s). Midstate Broadband uses this data for the sole purpose of sending this onetime email. Such email sent to a friend at User’s request will not be stored for additional processing.
As a result of your participation in interactive discussions and public forums, if there are parts of the Site that permit you to participate in interactive discussions. Some of these may be moderated; all are subject to access for technical reasons. Midstate Broadband does not control the content that Users may post and some may serve as public discussion forums. As in any interactive forum open to many Users, you should carefully consider whether you wish to submit data and should tailor any other content submitted accordingly.

Customer Portal, Customer Customization, Preferences and Opt-Out

New Customers are automatically registered for access at https://support.midstatebroadband.com. The Customer Portal allows customers to update contact information, manage billing information, submit and manage support tickets and see data usage. The Customer Portal provides the Customers with control over their preferences for electronic information delivery. Midstate Broadband has also provided the Customer’s master user the ability to manage the Customer’s Account Information. We maintain the data and allow the Customer’s master user to update it at any time. To change this information, you must be a current Customer and login with a user ID and password and follow the prompts to "update my profile" on the Customer Portal. We continue to expand the profile of Services and information that you may access and update. Please note that some email communications are not subject to general opt-out. These include communications related to downloads; communications about sales transactions; information about software updates, patches and fixes; disclosures to comply with legal requirements; and network upgrades or other related maintenance for Service.If an individual’s PII is to be (a) disclosed to a Third Party who is not an Agent; or (b) used for a purpose that is incompatible with the purpose(s) for which it was originally collected or subsequently authorized by the individual, then the individual will be notified prior to such disclosure and may opt-out of having the PII disclosed by responding to the email and/or author of the notification, where such information shall be clearly set forth.

Security

Midstate Broadband is concerned with the security of the data we have collected and utilizes commercially reasonable measures to prevent unauthorized access to that information. These measures include policies, procedures, employee training, physical access and technical elements relating to data access controls. In addition, Midstate Broadband uses standard security protocols and mechanisms to facilitate the exchange and the transmission of sensitive data, such as credit card details. Midstate Broadband does not process PII (Personally Identifiable Information) in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual. In the event that PII is acquired, or is reasonably believed to have been acquired, by an unauthorized person and applicable law requires notification, Midstate Broadband will notify the affected individual of the breach by email or ticket on the Customer Portal or, if Midstate Broadband is unable to contact the individual by email or ticket on the Customer Portal, then by regular mail. Notice will be given promptly, consistent with the legitimate needs of law enforcement and any measures necessary for Midstate Broadband or law enforcement to determine the scope of the breach and to ensure or restore the integrity of the data system. Midstate Broadband may delay notification if Midstate Broadband or a law enforcement agency determines that the notification will impede a criminal investigation, and in such case, notification will not be provided unless and until Midstate Broadband or the agency determines that notification will not compromise the investigation.

Enforcement

Midstate Broadband has established internal mechanisms to verify its ongoing adherence to its privacy policy, including the Safe Harbor Principles. Midstate Broadband also encourages individuals covered by this privacy policy to raise any concerns about our processing of personal information by contacting Midstate Broadband at the address below. Midstate Broadband will seek to resolve any concerns. Midstate Broadband has also agreed to participate in the dispute resolution program provided by the European Data Protection Authorities.

Policy Updates

If we are going to use your PII in a manner different from that stated at the time of collection, we will notify you via email. In addition, if we make any material changes in our privacy practices that do not affect the PII already stored in our database, we will notify you by email or post a prominent notice on the Customer Portal notifying users of the change. In some cases, when we post the notice, we will also email users who have opted to receive communications from us, notifying them of the changes in our privacy practices. We may update this policy from time to time to describe how new site features affect our use of your PII and to let you know of new control and preference features that we provide.