CPNI Policy

Last updated: January 2, 2026

On this page

This Customer Proprietary Network Information (CPNI) Policy explains how Cosmo Suite LLC ("Company", "we", "us", or "our") handles your CPNI in compliance with the Federal Communications Commission (FCC) regulations under 47 U.S.C. § 222 and 47 C.F.R. Part 64, Subpart U.

What Is CPNI?

Customer Proprietary Network Information (CPNI) is information that telecommunications carriers obtain about their customers as a result of providing telecommunications services. This is sensitive data protected by federal law.

CPNI Includes

CategoryExamples
Call Detail InformationNumbers you call, numbers that call you, call duration, time of calls
Service Usage DataTypes of services used, frequency of use, quantity of use
Billing InformationPayment amounts, payment history related to telecommunications services
Network InformationTechnical information about how you use the network

CPNI Does NOT Include

  • Your name
  • Your address
  • Your phone number (as a customer identifier)
  • Aggregate data that cannot identify you
  • Publicly available information

How We Collect CPNI

We collect CPNI when you use Sonafone for voice calling services:

  • Call Records: When you make or receive calls, we record call metadata (destination number, duration, timestamp, caller ID used)
  • Usage Data: Information about your usage patterns and service features
  • Billing Data: Information generated when processing your payments and account balance

How We Use CPNI

Permitted Uses Without Consent

Under FCC regulations, we may use your CPNI without your specific consent for:

  1. Providing Your Current Services

    • Processing and completing your calls
    • Managing your account and balance
    • Providing customer support for services you use

  2. Billing and Collections

    • Generating invoices and receipts
    • Processing payments
    • Collecting amounts owed

  3. Protection Against Fraud

    • Detecting fraudulent activity
    • Preventing unauthorized use
    • Protecting our network and customers

  4. Legal Requirements

    • Responding to lawful requests from law enforcement
    • Complying with court orders and subpoenas
    • Meeting regulatory requirements

Uses Requiring Consent

We will NOT use your CPNI for the following purposes without your approval:

  • Marketing services other than those you currently have
  • Sharing with third parties for their marketing purposes
  • Any use not directly related to providing your telecommunications service

Your CPNI Rights

Right to Restrict CPNI Use

You have the right to restrict how we use your CPNI for marketing purposes. You may:

  • Opt-Out: Request that we not use your CPNI to market additional services
  • Opt-In: Provide consent for us to use your CPNI for marketing

Your decision to restrict or allow CPNI use will not affect the quality of services you receive.

Right to Access

You may request access to your CPNI by:

  1. Logging into your Sonafone account to view call history
  2. Contacting support@sonafone.com with a written request
  3. Providing identity verification as required

Right to Correct

If you believe your CPNI records contain errors, you may request corrections by contacting us.

How We Protect CPNI

Administrative Safeguards

  • Employee training on CPNI regulations and handling
  • Limited access to CPNI on a need-to-know basis
  • Internal policies governing CPNI use and disclosure
  • Regular audits of CPNI access and use

Technical Safeguards

  • Encryption of CPNI in transit and at rest
  • Secure authentication for system access
  • Access logging and monitoring
  • Automatic session timeouts

Authentication Requirements

Before disclosing CPNI (even to you), we verify your identity through:

  • Account login credentials
  • Verification of account information
  • Additional authentication for sensitive requests

We will NEVER disclose CPNI in response to:

  • Email requests without verification
  • Phone calls without proper authentication
  • Third-party requests without legal authority

Third-Party Disclosure

When We May Disclose CPNI

We may disclose your CPNI to third parties only:

  1. With Your Consent: When you have explicitly authorized disclosure
  2. To Our Service Providers: Third parties helping us provide service (e.g., Twilio for call routing), bound by confidentiality agreements
  3. Legal Process: In response to valid legal orders, subpoenas, or warrants
  4. Emergency Situations: To protect safety when there is an immediate threat

Twilio and CPNI

Our voice services are powered by Twilio. When you make calls, certain CPNI is shared with Twilio to complete your calls. Twilio handles this data in accordance with:

Data Retention

We retain CPNI for the following periods:

Data TypeRetention PeriodReason
Call records7 yearsRegulatory requirements, billing disputes
Usage summaries7 yearsRegulatory requirements
Billing records7 yearsTax and legal requirements

After the retention period, CPNI is securely deleted or anonymized.

CPNI Breach Notification

Our Obligations

In the event of a CPNI breach, we will:

  1. Notify the FBI and U.S. Secret Service within 7 business days of reasonably determining a breach occurred
  2. Notify Affected Customers after the required waiting period (unless law enforcement requests delay)
  3. Document the Breach including the date, circumstances, and response

What Constitutes a Breach

A CPNI breach includes:

  • Unauthorized access to CPNI
  • Unauthorized disclosure of CPNI
  • Loss of CPNI due to security incident
  • Pretexting attempts that successfully obtain CPNI

Pretexting Protection

"Pretexting" is when someone tries to obtain your CPNI by pretending to be you or by making false statements. We protect against pretexting by:

  • Never disclosing CPNI based solely on possession of your phone number
  • Requiring authentication for all CPNI requests
  • Training employees to recognize and refuse pretexting attempts
  • Logging all access to CPNI records

If someone contacts you claiming to be from Sonafone and asks for sensitive information, please verify by contacting us directly at support@sonafone.com.

Exercising Your Rights

To Opt-Out of CPNI Marketing Use

Contact us with your request:

  • Email: support@sonafone.com (Subject: "CPNI Opt-Out")
  • Include your account email and phone number for verification

To Request CPNI Access

Submit a written request to:

  • Email: support@sonafone.com (Subject: "CPNI Access Request")
  • Provide identity verification as requested

We will respond within 30 days.

To Report Unauthorized Access

If you believe your CPNI has been accessed without authorization:

  • Contact us immediately at support@sonafone.com
  • Change your account password
  • Review your call history for unauthorized activity

Annual CPNI Certification

As required by FCC regulations, we maintain records of our CPNI compliance, including:

  • Operating procedures for CPNI handling
  • Record of customer complaints regarding CPNI
  • Actions taken to address any compliance issues
  • Training records for employees with CPNI access

Regulatory Authority

This CPNI Policy is governed by:

  • 47 U.S.C. § 222 - Privacy of Customer Information
  • 47 C.F.R. Part 64, Subpart U - CPNI regulations
  • FCC Orders and guidance on CPNI protection

For information about FCC CPNI regulations, visit: FCC CPNI Information

Changes to This Policy

We may update this CPNI Policy to reflect changes in regulations or our practices. Material changes will be communicated via email or prominent notice on the Service.

Contact Information

For questions about this CPNI Policy or to exercise your CPNI rights:

Cosmo Suite LLC 525 Randall Ave #245 Cheyenne, WY

Email: support@sonafone.com (Subject: "CPNI Inquiry") Website: sonafone.com

Related Policies

Last updated: January 2, 2026