This Data Privacy Framework (“DPF”) Notice sets out the privacy principles Viasat follows with respect to transfers of personal data from the European Economic Area (EEA), the United Kingdom (UK) and Switzerland to the United States, including personal data we process as part of our Mobility Services.

 

Viasat, including those affiliates listed in Annex 1 of this Addendum, complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF (UK-U.S. DPF), and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.* We have certified to the U.S. Department of Commerce that we adhere to: (i) the EU-U.S. Data Privacy Framework Principles with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF; and (ii) the Swiss-U.S. Data Privacy Framework Principles with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF (collectively, the “DPF Principles”). If there is any conflict between the terms in this DPF Notice and the DPF Principles, the DPF Principles shall govern.

 

*We will not rely on the Swiss-US Data Privacy Framework or the UK Extension to the EU-US Data Privacy Framework until each enters into force, but we adhere to their required commitments in anticipation of their doing so.

 

To learn more about the DPF, and to view our certification, please visit https://www.dataprivacyframework.gov/.

 

Types of personal data we collect and use

The types of personal data we may receive in the United States, as well as the purposes for which we collect and use it, will vary depending on the Mobility Services you use. You can find the details applicable to your specific information set out in this Privacy Notice.

 

Your choices

Where appropriate or required to do so, we will give you an opportunity to opt out where personal data we control about you is to be disclosed to an independent third party or is to be used for a purpose that is materially different from those set out in the Privacy Notice. If you otherwise wish to limit the use or disclosure of your personal data, please contact us using the contact details below.

 

Transfers to third parties

Information about the types of third parties to which we disclose personal data and the purposes for which we do so is described in the Privacy Notice.

 

If we have received your personal data in the United States and subsequently transfer that information to a third party acting as an agent, and such third-party agent processes your personal data in a manner inconsistent with the DPF Principles, we will remain liable unless we can prove we are not responsible for the event giving rise to the damage.

 

Your DPF rights

If you are from the EEA, UK or Switzerland, you have the right to request access to the personal data that we hold about you and request that we correct, amend, or delete it if it is inaccurate or processed in violation of the DPF.

 

If you would like to exercise these rights, please write to us at the contact details provided below. We may request specific information from you to confirm your identity and we will respond to your request in accordance with the DPF Principles and applicable data protection laws.

 

You may also opt-out of receiving marketing communications from us by writing to us at the contact details provided below or by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you.

 

Disclosures for national security or law enforcement

Please note that under certain circumstances, we may be required to disclose your personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

 

Viasat publishes annual transparency information reflecting (to the degree permitted by applicable laws) the number and type of data production requests it has received for the corresponding period, the type of data requested and the category of requester.

 

Enforcement

Viasat's compliance with the with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

 

Questions or complaints

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, we commit to resolve DPF-related complaints about our collection and use of your personal data. EU, UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DP and the Swiss-U.S. DPF should first contact us by email at privacy@viasat.com or in writing at:

 

Viasat, Inc.

Attn: Viasat Privacy Office (Legal Dept.)

901 K Street, NW, Suite 400 Washington,

DC 20001

 

We will investigate and attempt to resolve any DPF-related complaints or disputes within forty-five (45) days of receipt. If you have an unresolved DPF complaint that we have not addressed satisfactorily, we commit to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. These services are provided free of charge to you.

 

You may also have the option to select binding arbitration for the resolution of your complaint under certain circumstances. For further information, please refer to: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2

 

Changes to this Notice

It may be necessary for Viasat to make changes to this DPF Notice consistent with the DPF's requirements, so please check this page periodically. We will announce any material changes to this DPF Notice via channels appropriate to our relationship with you.

 

Annex 1

 

List of DPF Self-Certified US Entities

 

The following Viasat controlled US affiliates certify compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce:

Automation Communications Engineering Corporation

ComPetro Communications Holdings LLC

ComPetro Communications, LLC

Engreen, Inc.

Frontera LLC

Intelie, Inc.

Landtel Communications, L.L.C.

Landtel, Inc.

mmWaveBroadband Co.

RBS Alpha, LLC

RBS Beta, LLC

RigNet EIS, Inc.

RigNet Global Holdings S.a.r.l. (US Branch)

RigNet Holdings, LLC

RigNet Newco, Inc.

RigNet, Inc.

Safety Controls, Inc.

THEU, LLC

TrellisWare Technologies, Inc.

Viasat Carrier Services, Inc.

Viasat China Services, Inc.

Viasat Global Holdings, LLC

Viasat Services Holding Co.

Viasat Technologies Limited (US Branch)

Viasat Worldwide Limited

Viasat, Inc.

VParent, Inc.

VService, Inc.