XMission has created this Privacy Policy to demonstrate our firm commitment to privacy. The following discloses our information gathering and dissemination practices. This Privacy Policy applies to any personal information you provide to us or that we collect through our websites, use of services, or other electronic forms of communication. By accessing or using any part of XMission’s sites or services, you agree to the collection and use of information according to this Privacy Policy. This page explains:
- What personally identifiable information is collected from you through our websites and/or services, how it is used, and with whom it may be shared;
- The security procedures in place to protect your personal information;
- What choices are available to you regarding the use of your personal information;
- How you can correct any inaccuracies in your personal information.
- We are committed to respecting and protecting your information and would like you, our valued customers, to understand what information is collected, why we collect it, and how we protect it.
What we gather
While using our websites to browse, create an account, or sign up for services, we may collect the following personal information from you:
- Identifying Information: First, middle, and last name, mailing, shipping, and billing addresses, email addresses, phone numbers, and IP addresses. We use the data to provide you with products and services, order processing, customer support, and marketing.
- Internet Data: Pages viewed, search terms used, web access times, device number, device model, operating system and version, device date and time, and unique device identifiers. We use the data for security, performance on our website, to improve our customers’ experience, and for marketing.
- Commercial Information: Purchase history, account status information, live chat, and email communications. We may collect credit card numbers, security codes, and expiration dates but we do not store full credit card numbers or security codes. We only store tokenized credit card data and expiration dates. We use the data to provide you with the services, order processing, customer support, refunds, and marketing.
- Class Information: Verifying you are over 18 years old, or your age range and gender. We use the data to ensure compliance with applicable laws.
- Audio Information: Audio recordings of your phone communications with customer service. We use the data for customer service training and conflict resolution.
- Customer website client access logs indefinitely for analytics, but will remove or rotate them upon customer request. We retain server logs for up to 30 days for debugging purposes.
This information is necessary to provide you with the requested services and to stay responsive to customers’ needs. It not only helps us personalize offerings, but helps us discover and fight fraud.
How we gather data
XMission collects data to operate effectively and provide you with the best experience possible when using our websites and services. This data is collected in a variety of ways. You provide us with personal information when you create an account, sign up for services, access our colocation and data centers, add hardware to your account, enter our facilities, or correspond with us by email, phone or an online chat. Additionally, we automatically collect data based on how you use our websites and services, how you got to our websites, and other user behavior metrics utilizing analytics and cookies.
Cookies and similar technologies
Cookies are small files stored on your devices that tell websites who you are. XMission uses cookies to track how you use our site to create personalized experiences and for real-time communication such as chat. If you prefer not to use cookies, you may shut them off by changing the appropriate setting in your browser. Without cookies, however, we may not be able to accomplish some of the functions needed to interact with you online.
Law Enforcement guidelines
XMission honors specific law enforcement requests for preservation; however, we require that law enforcement serve warrants signed by a judge for extraction. Our Tor server has zero log retention.
XMission will hold data for up to six months upon receipt of a specific retention request. If a subsequent warrant for the data is not served in that time, the data will be discarded. XMission may hold raw data for unsolicited/unlawful commercial emails, commonly referred to as Spam, for up to six years to assist with its Spam mitigation effort for the benefit of XMission’s customers.
XMission charges $250 per hour for administrative services.
Disclosure of information to third parties
XMission does not sell your personal information to third parties. However, we may disclose your personal information in limited circumstances to our service providers and third-party processors to provide a better experience for customers using our websites, to investigate fraud or unlawful or illegal conduct, or to address other legal issues and remedies. We may also utilize third-party services to provide customized internal site search, to collect and remit sales tax, and to provide the best rates possible.
All information logged by our various systems is also used for internal purposes only and will not be released unless under a court issued warrant with the proper jurisdiction. XMission customers will be notified of all government and law-enforcement requests for their private data, whether done according to U.S. and Utah constitutions with a court issued warrant or improperly without.
If subpoenaed or otherwise legally compelled, we will surrender any relevant personal information to the extent required by law and court order, but only after exhausting remedies available to us to avoid disclosure.
Below is a list of third parties XMission works with. We have organized them into categories based on what they help us with.
Service providers
- UTOPIA Fiber
- Yellowstone Fiber
- Sumo Fiber
- The City of Lehi
- Bonfire
- VoIP Innovations
- GlobalGig
- Lumen
- Verizon
- Comcast
- First Digital
Order processing
- Rev.io (Billing/Invoicing)
- Paya (Merchant Bank)
International transfer of data
Your personal information is stored and processed on servers located in the United States of America for the purposes described in this Privacy Policy. If you are a resident of a country outside of the United States, you agree as a part of this Privacy Policy to the global transfer, process, and storage of your personal information.
How we protect it
Keeping your information secure is as important to us as it is to you. We maintain physical, electronic, and procedural safeguards reasonably necessary to ensure the protection of your personal information against loss, misuse, disclosure, and alteration.
Employees are educated on security protocols to ensure the safe and proper handling of your personal information. Only authorized employees are allowed access to stored personal information, and only for the explicit uses described in this Privacy Policy. Our company, websites, call center, and showrooms comply with Payment Card Industry Data Security Standards (PCI-DSS). Information is encrypted and transmitted on a secured network (SSL); we do not store your credit card numbers in our database or on our servers. Credit card numbers are processed and tokenized by a secure credit card processing company.
Although we do our best to protect your personal information, we cannot guarantee the security of personal information transmitted to us electronically. XMission has established policies and protocols for managing any potential data breach. Please do your part in protecting any other personal information against unauthorized use. Keep your password safe and confidential, and be sure to sign off when finished using a shared computer. Also scan your computers regularly for viruses, malware, and spyware.
By using our website and/or services, or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our websites and services. If we learn of a security breach involving your personal information, we may attempt to notify you electronically by sending an email to you.
How we use it
Your information helps us administer our services in the most effective and efficient manner possible. It also helps understand current consumer trends, to develop or make available additional desirable services, and aids our marketing team in making better business decisions. We use your information only for lawful purposes consistent with our business plan and service offerings.
We do not use your personal information for automated decision making or profiling.
Your access and control over information
If you are a resident of certain states or countries, you may have the right to:
- Obtain information regarding the collection, processing, and sharing of your personal information;
- Access the personal information we have obtained about you, if any;
- Correct your personal information;
- Delete your personal information;
- Request an electronic copy of your personal information;
- Object to the use of your personal information for certain purposes.
You can also access and update your XMission account information by logging in to your account. To submit a data subject request, please contact us by emailing support@xmission.com. We will respond to all valid data subject requests within a reasonable time, unless a specific time period is mandated by law. Please note that certain exemptions, laws, and regulatory requirements may prevent us from complying with your request. XMission will not discriminate against individuals who exercise these rights.
Do not track policy
Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. We currently do not respond to browser “do not track” signals.
Links to Other Sites and Social Sharing Features
Our websites may contain links to other sites that are not operated by us. If you click on a link to a third-party site, you will be directed to their site. We have no control over these sites and cannot protect any personal data you submit while on their sites. We strongly advise you to review the privacy policy of every site you visit. Our websites may offer social sharing features (such as the Facebook Like button) which lets you share actions you take on our websites with your friends or the public depending on the settings of your social sharing account. For more information about these social sharing features, please visit the privacy policy of the respective entity.
Children’s privacy
We do not knowingly collect or process personally identifiable information from anyone under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with personal information without their consent, please contact us at privacy@xmission.com.
Changes to this Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. If we make any material changes to how we treat our customers’ personal information, we will notify you through a notice on our website’s home page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
Contact information
XMission, L.C.51 East 400 South, Suite 000
Salt Lake City, UT 84111-3038
Phone: 801.539.0852
Toll-Free: 877.964.7746
Legal: legal@xmission.com
Privacy: privacy@xmission.com