You are on page 1of 3

Attachment 1

Bug Tussel Wireless, LLC
1. Bug Tussel Wireless, LLC, (hereinafter the “Company”) shall provide ,
pursuant to all applicable laws and regulations, notice to the required law
enforcement agencies should a security breach resulting in the disclosure of
CPNI occur. After notifying the required law enforcement agencies, Company
shall notify affected customers. Company will maintain a record of any CPNI
related security breaches for a period of at least 2 years.
2. Company has implemented a system whereby the status of the customer’s
CPNI status approval can be determined prior to use of CPNI.
3. Company provides training to employees concerning CPNI compliance.
Trained employees are required to maintain the confidentiality of information
including customer information that is obtained as a result of their
employment. Employees that do not abide by these policies or otherwise
permit the unauthorized use or disclosure of CPNI will be subject to discipline,
including possible termination.
4. The Company does not engage in marketing when a customer makes an
inbound call to Company. Should Company change this practice, the
Company will, in accordance with the applicable CPNI rules, obtain a
customer’s authorization so that Company’s customer service representative
may access customer’s CPNI during the course of the telephone conversation,
solely for the duration of that conversation.
5. The Company will provide a customer’s phone records or other CPNI to a law
enforcement agency in accordance with applicable legal requirements.
6. Company may use, disclose or permit access to CPNI to protect the
Company’s rights or property, or to protect users of those services and other
services from fraudulent, abusive or unlawful use of such services.
7. The Company does not share CPNI data between affiliates nor does it share
customer CPNI data with any third parties employed to perform marketing
8. The Company does not engage in any out-bound marketing campaigns to
customers and therefore did not and will not use, disclose, or permit access
to CPNI in connection with same. If the Company were to engage in an outbound marketing campaign, said campaign would need supervisory approval.
Furthermore, a record of said campaign would be kept by the Company’s
CPNI Compliance Officer including: (i) a description of the campaign; (ii) the
specific CPNI that was used in the campaign; (iii) the date and the purpose of

the campaign; and (iv) what products and services were offered as part of the
campaign. This record would be kept for a minimum of one (1) year.
9. At customer sign up, each customer is provided a notification of his or her
rights regarding CPNI data and is asked whether he or she would like to “Optin” or “Opt-out” of receiving solicitations for additional products or services
from the Company. The Company maintains appropriate paper and/or
electronic records that allow its employees to establish the status of each
customer’s Opt-out and/or Opt-in approvals (if any) prior to use of the
customer’s CPNI.
10.The Company’s employees and billing agents may use CPNI to initiate,
render, bill and collect for telecommunications services. The Company may
obtain information from new or existing customers that may constitute CPNI
as part of applications or requests for new, additional or modified services,
and its employees and agents may use such customer information (without
further customer approval) to initiate and provide the services. Likewise, the
Company’s employees and billing agents may use customer service and
calling records (without customer approval): (a) to bill customers for services
rendered to them; (b) to investigate and resolve disputes with customers
regarding their bills; and (c) to pursue legal, arbitration, or other processes to
collect late or unpaid bills from customers.
11.The Company’s employees and billing agents may NOT use CPNI to identify or
track customers who have made calls to, or received calls from, competing
carriers. Nor may the Company’s employees or billing agents use or disclose
CPNI for personal reasons or profit.
12.The Company maintains CPNI files in a secure manner such that they cannot
be used, accessed, disclosed or distributed by unauthorized individuals or in
an unauthorized manner.
13.Paper files containing CPNI are kept in secure areas, and may not be used,
removed, or copied in an unauthorized manner.
14.The Company has implemented procedures to properly authenticate
customers prior to disclosing CPNI over the phone and at its retail locations.
In connection with these procedures, the Company has established a system
of passwords and backup authentication methods for all customers in
compliance with the applicable commission rules. If a customer cannot
verify a password or answer the backup authentication security question, the
Company will call the customer back at the number of record on the account.
The Company will provide customers with access to CPNI at its retail locations
if the customer presents a valid photo ID and the valid photo ID matches the
name on the account.
15.The Company has established procedures whereby a customer will be
immediately notified of account changes to passwords, backup means of
authentication for lost or forgotten passwords or addresses of record.

16.In addition to the specific matters required to be reviewed and approved by
the Company’s CPNI Compliance Officer, employees are strongly encouraged
to bring any and all other questions, issues, or uncertainties regarding the
use, disclosure, or access to CPNI to the attention of the Company’s CPNI
Compliance Officer for appropriate investigation, review and guidance.
17.The Company has no new or additional information with respect to processes
pretexters are using to access CPNI.
The Company has had no issues with data brokers in 2015, therefore no
action was required.
In 2015, the Company had no customer complaints regarding unauthorized
access or release of CPNI.