Last edited on Jul 15, 2024

 

Mediacom Communications Corporation
Biometric Data Policy

I. Purpose and Scope

Mediacom Communications Corporation (the “Company”, “we”, or “us”) takes measures to protect the security of its business, operations, and services.  To this end, the Company utilizes certain biometric technologies that verify and authenticate the identity of an individual (the “User”).

The Company has developed this Biometric Data Policy (the “Policy”) to govern our capture, collection, receipt, storage, use, retention, disclosure, destruction, and other processing of Biometric Data in compliance with applicable federal, state, and local laws, including but not limited to the Illinois Biometric Information Privacy Act (“BIPA”).

This Policy applies to all Biometric Data of Users that is processed by or on behalf of the Company, and supplements our Privacy Notice available at https://mediacomcable.com/legal/privacy-policy/.

II. Definitions

“Biometric Data”means, collectively, all Biometric Identifiers and Biometric Information. 

“Biometric Identifiers”include retina or iris scans, fingerprints, voiceprints, hand geometry scans, or facial geometry scans.

“Biometric Information” means any information that is based on a Biometric Identifier and used to identify an individual. 

III. Collection of Biometric Data

As part of the Company’s security requirements, the Company captures, collects, receives, or otherwise obtains certain Biometric Data of Users to verify and authenticate their identity.

Before a User can register as a customer with the Company for wireless telecommunication services (the “Service”), the User must provide a photograph of their driver’s license, passport, or other government identification document as well as a live-captured photograph of their face.  The Company, through its contracted service provider, then scans the identification document and the live-captured photograph, and temporarily captures facial geometry scans from each.  The facial geometry scan contains certain unique measurements of a User’s face.  The facial geometry scans are then each converted into a 9-byte numerical identification template (their unique “Templates”).  The Company then immediately destroys the facial geometry scans.  No facial geometry scan is retained after its accompanying Template is generated and stored.  The Templates from the User’s identification document and live-capture photo are then compared to one another, and a sufficiently close match verifies and authenticates the User’s identity.

Prior to collecting Biometric Data (which includes the facial geometry scans as a Biometric Identifier and Template as Biometric Information) from the User, the Company provides this Policy and a Consent Form to the User (or their legally authorized representative) and obtains a signed written release from the User (or legally authorized representative) to collect, store, use, and disclose their Biometric Data.

IV. Use of Biometric Data

The Company will use Biometric Data solely for the purposes of verifying and authenticating a User’s identity and, in the event of confirmed fraudulent uses, for the ongoing security of its operations, business, and services and for future fraud detection and mitigation (the “Permitted Purposes”). 

Identity verification via Biometric Data in order to register as a customer of the Company is a condition of the Service.  The Company will consider User requests for accommodation or exemption from this Policy, in whole or in part, on an individual basis and retains complete discretion to grant or deny such requests.

V.  Disclosure of Biometric Data

The Company utilizes a contracted service provider to facilitate the biometric identity verification and authentication process.  Outside of this engagement, the Company will not disclose, re-disclose, or otherwise disseminate any User’s Biometric Data without that User’s prior written consent, unless such disclosure is:

  • Required to complete a financial transaction requested or authorized by the User (or their legally authorized representative);
  • Required by state law, federal law, or municipal ordinance; or
  • Required by valid warrant or subpoena issued by a court of competent jurisdiction.

Likewise, the Company does not sell, lease, trade, or otherwise profit from Biometric Data of any User.

VI. Storage of Biometric Data

When storing Biometric Data, the Company will safeguard such Biometric Data using the reasonable standard of care within its industry and in a manner equally protective as that used to safeguard other sensitive and confidential information.  The Company will employe reasonable security measures that include administrative, physical, and technical safeguards intended to prevent Biometric Data from unauthorized access, modification, deletion, disclosure, or loss.

VII. Retention and Destruction of Biometric Data

Unless otherwise required by law, the Company will retain a User’s Biometric Data until one of the following events occurs:

  • For no longer than 30 days after the User’s last verification and authentication attempt, if the Company has determined that the User’s authentication attempts are not fraudulent;
  • For no longer than three years after the User’s last verification and authentication attempt, if the Company has determined that the User’s authentication attempts are fraudulent; or
  • Upon the User’s withdrawal of consent to collect and store their Biometric Data and submission of a valid request to permanently destroy the User’s Biometric Data.

Upon the occurrence of at least one event listed above, the Company will securely and permanently destroy a User’s Biometric Data.

VIII. How to Contact Us

If you have any questions or concerns about this Policy or the Company’s processing of your Biometric Data, please contact us at mcc_legal@mediacomcc.com.

IX. Policy Updates

This Policy was last updated on July 10, 2024.  The Company reserves the right to amend the Policy at any time for any reason.  An updated version of the Policy will always list the date of last update and will be available at https://mediacomcable.com/legal/ .

X. Severability

If any provision of this Policy (or part thereof) is found to contravene any appliable law, or if the operation of any provision (or part thereof) is determined to be unenforceable under applicable law, then such offending provision or part shall be severed, and the remaining provisions and parts given full force and effect.