Your privacy is very important to us. Accordingly, we have developed this Policy in order for you to understand how we collect, use, communicate and disclose and make use of personal information. The following outlines our privacy policy.

  • Before or at the time of collecting personal information, we will identify the purposes for which information is being collected.
  • We will collect and use of personal information solely with the objective of fulfilling those purposes specified by us and for other compatible purposes, unless we obtain the consent of the individual concerned or as required by law.
  • We will only retain personal information as long as necessary for the fulfillment of those purposes.
  • We will collect personal information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned.
  • Personal data should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date.
  • We will protect personal information by reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
  • We will make readily available to customers information about our policies and practices relating to the management of personal information.

We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained.

At Mosaic NetworX, we know how important privacy is to our customers and individuals. We have created this privacy statement to explain our approach to the collection, use, and disclosure of customer and an individual’s information through the use of our services, marketing efforts related to our services, or as you interact with our web page.

Article I: Context

Mosaic NetworX provides telecommunications and infrastructure offerings to customers globally. As part of providing those offerings, Mosaic NetworX may act as a processor. Mosaic NetworX collects and stores Personal Data for purposes of providing its offerings, informing customers of additional offerings, tracking use activity on its websites, and marketing efforts related to its offerings. Articles III through VIII of this privacy statement details the specific collection, use and storage for each of Mosaic NetworX’s offerings.

Article II: Definitions

CPNI – customer proprietary network information.

Data – All information of individuals that is processed.

Data Subject – the person who provides (or information is collected from) Personal Data.

Offerings — the communications and products offered by Mosaic NetworX to its customers.

Personal Data or Personal Information – any information that relates to an identified or identifiable living individual. This includes, for example, information such as a name, address, telephone number, email address, and identification number.

Processing – any set of actions which is performed on personal data such as collecting, recording, organizing, structuring, storing, altering, retrieving, using, disclosing, or destroying.

California Consumer Protection Act – TITLE 1.81.5. California Consumer Privacy Act of 2018 [1798.100 – 1798.199.100]

Controller – the entity that determines the processes and means of processing.

GDPR – EU General Data Protection Regulation.

PIPEDA – Canada Personal Information Protection and Electronic Documents Act.

Processor – the entity that processes personal data on behalf of the controller.

Article III: Mosaic NetworX’s Offerings; Interaction with Private Data

For Data Services and Network Infrastructure [including Dark Fiber, Wave, SONET, Ethernet]

Mosaic NetworX provides infrastructure and bandwidth services that permit customers to transport data in accordance with customer contractual requirements. The Customer is responsible for ensuring the data transmitted through these services is appropriately protected and compliant with current privacy legislation. Although the information moving through Company infrastructure may include customer information, Mosaic NetworX is not acting in the role of processor of customer data; Mosaic NetworX does not possess any direct or administrative access to any customer content that is transmitted through our communication infrastructure. This separation is maintained through both technological and security controls implemented on our service architecture.

For Cloud Services [Object Based Storage Services]

Mosaic NetworX provides and operates cloud based capabilities and infrastructure that permit storage and lifecycle management activities for customer content. Mosaic NetworX only permits access by a limited number of employees to customer-stored content at the request of the authorized customer party requesting Mosaic NetworX to access such content, and such access by Mosaic NetworX employees is limited to certain administrative functions, such as resetting passwords to provide the authorized customer party access to customer content. Mosaic NetworX requires these employees to read, understand, and acknowledge compliance with Mosaic NetworX’s policy governing such access. Through the Cloud Services Offering, Mosaic NetworX is acting in the role of a processor on behalf of the Customer (the controller).

For Voice Services [Including VoIP, and UCCV]

Mosaic NetworX provides cloud-based voice and collaboration solutions that deliver voice and PBX features, video meetings and messaging, and contact management features through an intuitive cloud interface. Customers may access a dashboard of reports, and may subscribe to a call recording feature. To access the Customer dashboard a new user receives a system-generated password in a separate email from the application setup instructions. The user is instructed to change the password and neither the Customer administrator nor Mosaic NetworX have access to user passwords. Mosaic NetworX has an application management password for all applications, including our call recording solutions. Mosaic NetworX only permits access by a limited number of employees , for the purpose of providing Customer assistance and troubleshooting. Access to Mosaic NetworX’s highest level master portal is limited to a select few employees. Customer portals for programming phones may be accessed only by select Mosaic NetworX employees upon request of the Customer. These portals are limited to phone systems and do not provide access to applications such as meetings or call recordings.

Article IV: What Personal Data is Processed by Mosaic NetworX

Contact Information – Mosaic NetworX receives Personal Data from Data Subjects in their role as employees of our customers. Information required by Mosaic NetworX to enable communications with customers, administer customer accounts, and in accordance with contractual obligations is limited to name, business address, telephone number, job title, and email address. Mosaic NetworX may also collect certain publicly available social media information to facilitate provisioning of our Offerings and communications with our customers.

Website Application and Other Associated Service Portals – Mosaic NetworX processes Personal Data contact information associated with the creation of application user credentials (eg. Salesforce, Zendesk, Mosaic NetworX service portals, etc.), and collects website visitor information in the form of generic website statistics and cookies including device, operating system and browser type, country and time zone indicators and other system settings.

Mosaic NetworX collects this information directly from Data Subjects through the interaction and use of our websites. See our Mosaic NetworX Cookie Policy for more specific details on data collection & use.

Marketing – Mosaic NetworX utilizes websites for the display of corporate information as well as to market and transact Mosaic NetworX Offerings. Customers and website visitors interact with various functions on these pages that may require the collection and use of Personal Data to complete those functions.

Opt Out – If Mosaic NetworX uses your Personal Data for the purpose of sending you marketing communications, you may manage your receipt of marketing and non-transactional communications from Mosaic NetworX by clicking on the “manage preference” link located on the bottom of Mosaic NetworX marketing emails or by emailing marketing@mosaicnetworx.com (“Opt Out”).

Please note that, notwithstanding the above, you will continue to receive marketing and non-transactional communications from Mosaic NetworX unless you manage your receipt of such communications by clicking on the “manage preference” link.

Opting out of marketing communications does not opt you out of receiving important business communications related to your current relationships with Mosaic NetworX, such as communications about the Offerings Mosaic NetworX provides to your company.

Submission of Personal Data by Customer – In cases where contact information is provided by the customer in accordance with contractual requirements, the customer is responsible for ensuring that any Personal Data submitted to Mosaic NetworX has been obtained in accordance with relevant data protection requirements and that, where applicable, customer has obtained any required consent from the Data Subject prior to providing Personal Data to Mosaic NetworX.

Identity Information – For customers that require access to Mosaic NetworX facilities, Mosaic NetworX collects government issued identity information (e.g., drivers license, passport), palm or fingerprint biometric identifiers, and CCTV video image. Mosaic NetworX collects this information directly from the Data Subject at each designated Mosaic NetworX facility.

Network Traffic Data – Mosaic NetworX collects data that is captured through system logging and data flow management systems including, but not limited to, source and destination Internet Protocol [IP] addresses and domain name, date and time indicators, and other network layer protocol header information as collected based on service capabilities. Although IP addresses are collected within network traffic logs, Mosaic NetworX does not possess the necessary capabilities without the involvement of the impacted customer to identify an individual.

Article V: Why Mosaic NetworX Uses Personal Data

Contract Administration – Mosaic NetworX processes Personal Data contact information as necessary for the performance of Offerings pursuant to a contract between Mosaic NetworX and its customer. Contact information is needed for ongoing contract administration, to provide customer notices and service announcements, to assist with service incident resolution, to install and maintain services on customer premises and to address billing and payment inquiries.

Physical Security Controls – Mosaic NetworX processes identity information as necessary for the performance of a contract between Mosaic NetworX and the customer. Customer contracts require that physical security controls be implemented to prevent unauthorized access to colocation facilities and customer equipment. Identity information is collected to authenticate individuals based on customer approvals.

Traffic Data – Mosaic NetworX monitors and processes network traffic data consistent with its legitimate interests to support the offerings provided pursuant to a contract between Mosaic NetworX and its Customer, to ensure the integrity of services and to support security incident and event management functions.

Website – Mosaic NetworX processes website visitor information and contact information with our legitimate interest to offer and provide products and services, send promotional materials and marketing communications regarding programs, offers and surveys, deliver targeted online advertising, communicate with returning visitors and auto fill web based forms, respond to inquiries and to operate, evaluate and improve our business. Mosaic NetworX processes website application information with our legitimate interest to create and maintain user credentials to allow authenticated user access to self-serve functions related to telecommunication services or to submit recruitment information for consideration of employment.

Article VI: Disclosure of Personal Data

Generally – Mosaic NetworX may disclose Personal Data: (i) as set forth in an agreement between Mosaic NetworX and a customer; (ii) as required by law or legal process; (iii) to law enforcement authorities or other government entities; and (iv) when Mosaic NetworX believes disclosure is necessary or appropriate to prevent harm or financial loss, or in connection with an investigation of alleged fraudulent or illegal activity.

Transfers to Subprocessors – Mosaic NetworX endeavors to limit data transfers wherever possible, however, Mosaic NetworX does provide Personal Data, limited to name, contact information, and title, to its subprocessors to fulfill its obligations to its customers, and for administrative purposes. Where such data transfers are necessary, Mosaic NetworX ensures that recipients of this data have appropriate safeguards and contractual terms in place, including Standard Contractual Clauses under GDPR where applicable. Personal Data transferred to Mosaic NetworX subprocessors are stored on infrastructure located in the United States.

Article VII: Retention of Personal Data

Generally – Mosaic NetworX maintains a corporate records retention policy and schedule. Specific retentions based on data categories are outlined below. However, various data elements when included within corporate documents will be governed by corporate and legal requirements.

Retention of Personal Data – Mosaic NetworX retains Personal Data contact information and website application information for as long as the Customer maintains an active account and for 7 years after account termination in order to comply with legal and financial reporting obligations. In some cases, such as when required by law or rule, Mosaic NetworX will keep Personal Data contact information for longer periods (e.g., E-Rate retention requirements). For all other cases, when Personal Data contact information is no longer required in support of a defined purpose, it will be deleted.

Retention of Network Traffic – Mosaic NetworX retains network traffic data for 90 days, then archived for 1 year before being deleted.

Retention of Website Information – Mosaic NetworX retains website visitor information related to generic website statistics for the life of the website in an archive. Web cookie information is retained in alignment with cookie expiration dates.

Article VIII: Your Rights as a Data Subject

You have the right to:

  • The right to access your personal information
  • The right to rectify any inaccurate personal information
  • The right to the erasure of your personal information
  • The right to restrict the processing of your personal information
  • The right to data portability
  • The right to object to the processing of your personal information
  • The right to opt out of the sale of your personal information (under CCPA)
  • The right to not be discriminated against for exercising your privacy rights (under CCPA)

To update, correct, or remove personal data or to object to the processing of your information related to website visit or web application support, please contact us at privacy@mosaicnetworx.com or through “support” options on portals or applications.

NOTE: Where contact information has been provided by your employer (our customer), direct your request to your employer for corrective action. Due to the nature of Personal Data use, Mosaic NetworX reserves the right to verify any corrections with customer contract authorities prior to making any changes.

For all other inquiries, please contact us, in writing, at privacy@mosaicnetworx.com or write to the physical address listed below. In your request, please clearly articulate the nature of the concern/request as specifically as possible. Prior to release of any information, we may be required to ask for additional information from you in order to verify your identity before disclosure.

If you consider that privacy requests have not been addressed adequately by Mosaic NetworX or the processing of Personal Data infringes GDPR, you have the right to lodge a complaint with the office of the Data Protection Commissioner or Supervisory Authority in the country where you reside.

Article IX: Organization Details and Contact Information

Head Office:
Mosaic NetworX, LLC
700 Larkspur Landing Circle, Suite 214
Larkspur, California 94939

Privacy Office :

privacy@mosaicnetworx.com

Article X: Applicable Law

GDPR applies to any Personal Data collected from a Data Subject and requires Mosaic NetworX to have certain safeguards and process in place to ensure, among other things, that Personal Data is processed for a legitimate purpose, lawfully and transparently, collected for a specific purpose and not used in a manner inconsistent with that purpose, and appropriate safeguards are in place to ensure Personal Data is not processed in a manner that is unauthorized or unlawful. To the extent applicable, Mosaic NetworX performs Offerings in compliance with Article 49(1) of the GDPR.

CCPA provides California consumers certain rights concerning how, when, and why businesses collect personal information. Mosaic NetworX does not resell any Personal Data. If Mosaic NetworX resells Personal Data in the future, this privacy statement will be amended accordingly.

CPNI relates to the quantity, technical configuration, type, destination, and amount of use of a telecommunications service subscribed to by any customer of a telecommunications carrier, and that is made available to the carrier solely by virtue of the customer-carrier-relationship; and information contained in all the bills pertaining to telephone exchange service or telephone toll service received by a customer of a carrier. Mosaic NetworX has a CPNI policy that details how Mosaic NetworX treats CPNI, and when employees or representatives may access and use CPNI.

Failure by any of our employees to comply with Mosaic NetworX’s policies concerning CPNI is subject to disciplinary actions which may, depending upon the severity of the failure, result in termination of employment.

Other Applicable Laws – Mosaic NetworX also monitors and establishes other compliance measures for laws pertaining to privacy other than those set out in this Policy. Concerning such laws, Mosaic NetworX conducts annual training for applicable employees, and requires employees to attest they have completed such training