CPNI Compliance Statement Net Express Inc.

d/b/a Advent Telecom (Company) does not use, d sclose or perm t access to, Customer !ropr etary Net"or# In$ormat on (C!NI) except as perm tted under %& '.(.C. ) ***(d), except as ot+er" se re,u red by la" pursuant to %& '.(.C. ) ***(c)(-) or except as perm tted under %& '.(.C. )) ***(c)(-)(A) and ***(c)(-)(.). A. Definitions T+e terms used n t+ s (tatement +ave t+e same mean n/ as set $ort+ n %& C.0.1. ) 2%.*334. B. Use of CPNI (-) T+e Company does not use, d sclose, or perm t access to C!NI $or mar#et n/ purposes, and t+e Company does not use, d sclose, or perm t access to C!NI to mar#et serv ce o$$er n/s to a customer t+at re,u re opt5 n or opt5out consent o$ a customer under %& C.0.1. ) 2%.*33- et seq. (*) T+e Company does not use, d sclose or perm t access to C!NI to dent $y or trac# customers t+at call compet n/ serv ce prov ders. (4) Not" t+stand n/ t+e $or/o n/6 It s t+e Company7s pol cy t+at t+e Company may use, d sclose, or perm t access to C!NI to, amon/ ot+er t+ n/s, protect t+e r /+ts or property o$ t+e Company, or to protect users o$ t+ose serv ces and ot+er carr ers $rom $raudulent, abus ve, or unla"$ul use o$, or subscr pt on to, suc+ serv ces. C. Safeguards Required for the Use of CPNI (-) It s t+e pol cy o$ t+e Company to tra n ts personnel as to t+e c rcumstances under "+ c+ C!NI may, and may not, be used or d sclosed. In add t on, t+e Company +as establ s+ed a express d sc pl nary process n nstances "+ere ts personnel do not comply " t+ establ s+ed pol c es. (*) In compl ance " t+ (ect on 2%.*338(e), t+e Company " ll prepare a compl ance cert $ cate s /ned by an o$$ cer on an annual bas s stat n/ t+at t+e o$$ cer +as personal #no"led/e t+at t+e Company +as establ s+ed operat n/ procedures t+at are ade,uate to ensure compl ance " t+ %& C.0.1. ) 2%.*33- et seq. T+e cert $ cate s to be accompan ed by t+ s statement and " ll be $ led n E. 9oc#et No. 32542 annually on :arc+ -, $or data perta n n/ to t+e prev ous calendar year. T+ s $ l n/ " ll nclude an explanat on o$ any act ons ta#en a/a nst data bro#ers and a summary o$ all customer compla nts rece ved n t+e past year concern n/ t+e unaut+or ;ed release o$ C!NI. D. Safeguards on the Disclosure of CPNI It s t+e Company7s pol cy to ta#e reasonable measures to d scover and protect a/a nst attempts to /a n unaut+or ;ed access to C!NI. T+e Company does not +ave access to call deta l n$ormat on (as t s de$ ned n %& C.0.1 ) 2%.*334) and does not prov de t+ s n$ormat on to ts

customers but, "+en appl cable, " ll properly aut+ent cate a customer pr or to d sclos n/ C!NI based on customer5 n t ated telep+one contact descr bed +ere n. (-) Methods of Accessing CPNI. (a) Telephone Access to CPNI. <+en appl cable, t s t+e Company7s pol cy to only d sclose call deta l n$ormat on over t+e telep+one, based on customer5 n t ated telep+one contact, $ t+e customer $ rst prov des t+e Company " t+ a pass"ord, as descr bed n (ect on (*), t+at s not prompted by t+e carr er as# n/ $or read ly ava lable b o/rap+ cal n$ormat on, or account n$ormat on. I$ t+e customer s able to prov de call deta l n$ormat on to t+e Company dur n/ a customer5 n t ated call " t+out t+e Company7s ass stance, t+en t+e Company may d scuss t+e call deta l n$ormat on prov ded by t+e customer. (b) Online Access to CPNI. T+e Company does not prov de onl ne access to customer account n$ormat on. (*) Password Procedures. <+en appl cable, to establ s+ a pass"ord, t+e Company " ll aut+ent cate t+e customer " t+out t+e use o$ read ly ava lable b o/rap+ cal n$ormat on, or account n$ormat on. T+e Company may create a bac#5up customer aut+ent cat on met+od n t+e event o$ lost or $or/otten pass"ords, but suc+ bac#5up customer aut+ent cat on met+od " ll not prompt t+e customer $or read ly ava lable b o/rap+ cal n$ormat on or account n$ormat on. I$ t+e customer cannot prov de t+e correct pass"ord or correct response $or t+e bac#5up customer aut+ent cat on met+od, t+e customer must establ s+ a ne" pass"ord as descr bed n t+ s para/rap+. (4) Notification of Account Changes. <+en appl cable, t+e Company " ll not $y customers mmed ately "+enever a pass"ord, customer response to a bac#5up means o$ aut+ent cat on $or lost or $or/otten pass"ords, onl ne account, or address o$ record s created or c+an/ed. T+ s not $ cat on s not re,u red "+en t+e customer n t ates serv ce, nclud n/ t+e select on o$ a pass"ord at serv ce n t at on. T+ s not $ cat on may be t+rou/+ a Company or / nated vo cema l or text messa/e to t+e telep+one number o$ record, or by ma l to t+e address o$ record, and must not reveal t+e c+an/ed n$ormat on or be sent to t+e ne" account n$ormat on. E. Notification of CPNI Securit Breaches (-) It s t+e Company7s pol cy to not $y la" en$orcement o$ a breac+ n ts customers7 C!NI as prov ded n t+ s sect on. T+e Company " ll not not $y ts customers or d sclose t+e breac+ publ cly unt l t +as completed t+e process o$ not $y n/ la" en$orcement pursuant to para/rap+ (*). (*) As soon as pract cable, and n no event later t+an seven (&) bus ness days, a$ter reasonable determ nat on o$ t+e breac+, t+e Company " ll electron cally not $y t+e 'n ted (tates

(ecret (erv ces ('((() and t+e 0ederal .ureau o$ Invest /at on (0.I) t+rou/+ a central report n/ $ac l ty. (a) Not" t+stand n/ state la" to t+e contrary, t+e Company " ll not not $y customers or d sclose t+e breac+ to t+e publ c unt l & $ull bus ness days +ave passed a$ter not $ cat on to t+e '((( and t+e 0.I, except as prov ded n para/rap+s (b) and (c). (b) I$ t+e Company bel eves t+at t+ere s an extraord nar ly ur/ent need to not $y any class o$ a$$ected customers sooner t+an ot+er" se allo"ed under para/rap+ (a), n order to avo d mmed ate and rreparable +arm, t " ll so nd cate n ts not $ cat on and may proceed to mmed ately not $y ts a$$ected customers only a$ter consultat on " t+ t+e relevant nvest /at on a/ency. T+e Company " ll cooperate " t+ t+e relevant nvest /at n/ a/ency7s re,uest to m n m ;e any adverse e$$ects o$ suc+ customer not $ cat on. (c) I$ t+e relevant nvest /at n/ a/ency determ nes t+at publ c d sclosure or not ce to customer "ould mpede or comprom se an on/o n/ or potent al cr m nal nvest /at on or nat onal secur ty, t+e Company " ll comply " t+ suc+ a/ency7s "r tten d rect ves, nclud n/ d rect ves not to so d sclose or not $y $or an n t al per od o$ up to 43 days, and extended per ods as reasonably necessary n t+e =ud/ment o$ t+e a/ency. (4) A$ter t+e Company +as completed t+e process o$ not $y n/ la" en$orcement pursuant to para/rap+ (*), t " ll not $y ts customers o$ a breac+ o$ t+ose customers7 C!NI. (%) Record keeping. T+e Company " ll ma nta n a record, electron cally or n some ot+er manner, o$ any breac+es d scovered, not $ cat ons made to t+e '((( and t+e 0.I pursuant to para/rap+ (*), and not $ cat ons made to customers. T+e record " ll nclude, $ ava lable, dates o$ d scovery and not $ cat on, a deta led descr pt on o$ t+e C!NI t+at "as t+e sub=ect o$ t+e breac+, and t+e c rcumstances o$ t+e breac+. T+e Company " ll ma nta n t+e record $or a m n mum o$ * years.