Last updated: January 24, 2024
Scope of this Privacy Notice
This Privacy Notice applies to the personal data that Viasat and its affiliates collect, use, and share when you access or use our global mobility services including our inflight (aviation), maritime, rail, bus (or other transportation service) satellite broadband internet connectivity, communications, content and advertising-supported services (collectively, the “Mobility Services”). Viasat’s use of personal data for other Viasat services, websites, or practices (separate from the Mobility Services) are covered under different privacy notices available when you interact with us, including on Viasat’s Privacy Center at fgfsxg.400online.net/privacy.
The term “Viasat” (or “us,” “we”, or “our”) in this Privacy Notice means Viasat, Inc., Inmarsat Global Limited and our affiliated group companies around the world. Information on the group company that is the owner (or data “controller” or similarly defined term under applicable laws) of the Mobility Service you are using is available in the “Viasat Controller Entities Addendum” included with this Privacy Notice.
Please read this entire Privacy Notice to be fully informed about how we treat your personal data and your rights. This includes information in the “Additional Information Based on Your Location” section of this Privacy Notice that include details on our personal data processing that apply depending on your location, e.g., region, country, or state.
We collect personal data about you from the following sources in relation to the Mobility Services:
The following table describes the personal data we collect from and about you depending on the Mobility Service, some of which we combine in our systems.
Personal Data Description |
Information Source |
---|---|
Identifiers such as your name or alias, Mobility Service account credentials like username and password, online identifiers (e.g., cookies and similar tracking technology), airline frequent flyer account number or pilot and crew identifiers (for our inflight internet services), and other similar identifiers |
|
Contact details such as address, phone number and email address used for contact or service support purposes |
|
Financial and related information like your credit card number for payments and payment transaction related details |
|
National identification numbers such as your tax identification number that we associate with your access to Mobility Services in certain countries |
|
Customer transaction information such as records of the Mobility Services you purchase from us, including payment amount, type(s) of Mobility Services, and records of our interactions with you, including when and how you contact us and the content of those interactions |
|
Service usage information on your interactions with our Mobility Services, such as the date and time you access the Mobility Services |
|
Online usage information including Internet and other network activity data that we capture as an internet service provider (ISP), including the website domains you visit, the date and time of visits, and related network metadata, details of mobile apps on your device that make use of the Mobility Services, malicious traffic your device may encounter when visiting websites, and crash reports |
|
Device information including IP address, device type, unique device ID numbers like your device MAC Address, modem and router information, operating platform and system, and browser-type, browser plug-in types and versions |
|
Geolocation information using IP address, WiFi access points and GPS that gives your general geographic location, e.g., location of the aircraft or ship on which you’re traveling, and other technical information that associates your location to your use of the Mobility Services |
|
Sensory information such as audio recordings of customer service calls in relation to the Mobility Services |
|
Characteristics such as date of birth, job title, and gender that we collect in relation to your account (such as through our maritime Fleet Hotspot Service) |
|
Inferences derived from personal data such as purchase preferences and interests to form a view on what we think you may want or what may be of interest, for our or our customer’s (e.g., airline) marketing and commercial purposes |
|
Interests and membership information including loyalty or frequent flyer membership status and interests that we may collect in connection with our inflight WiFi and related content and ad-supported services |
|
Travel data such as details on the origin, destination, current location, departure and arrival time, and other details about your flight or travel route (maritime, rail, buses, etc.) that features our Mobility Services |
|
Marketing and communications preferences including your interest in receiving marketing from us and our third parties and your communication preferences |
|
Social media content such as comments that you post on public pages or our Mobility Services or Third-Party Services that are publicly available and may be processed by Viasat |
|
We use the personal data that we collect from and about you for the purposes described in this Privacy Notice or for purposes that we explain to you at the time we collect your information.
Laws in some locations where we operate require that we disclose our legal basis to process your personal data, which includes the following bases depending on the Mobility Service:
If we rely on our (or a third party’s) legitimate interests to collect and use your personal data, these interests normally will be to operate and provide our Mobility Services, communicate with you and respond to your questions, improve our Mobility Services or use the insights to improve or develop new services, market or promote either our Mobility Services or the services of a third-party that are closely partnered with our Mobility Services, or to detect or prevent illegal activities.
If we need to collect personal data by law, or under the terms of a contract between you and us and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to execute with you (to provide you with Mobility Services). In this case, we may have to cancel your Mobility Service with us, and we will notify you if this is the case.
The following table provides more details on our purposes for processing your personal data and the related legal bases.
Purpose |
Personal Data |
Legal basis |
---|---|---|
Register you as a customer, administer our contract with you and provide the requested Mobility Services to you, including to develop or deliver other products or services in collaboration with your travel or transportation provider (such as your airline) |
|
Contract |
Communicate with you about the Mobility Services, product and service updates and availability, updates to our terms of service |
|
Contract |
Respond to inquiries and requests from current and prospective customers, including for customer support quality assurance and training purposes, and related recordkeeping |
|
Legitimate Interests of Viasat |
Secure the personal data of Mobility Service users and customers, prevent fraud, and address threats to your safety or the safety of others. For example, we may use malware and spyware monitoring tools to detect suspicious activity or unauthorised access to our Mobility Services |
|
Legitimate interests of Viasat |
Manage compliance with our service terms, or to bring and defend legal claims, including recovery of debts |
|
Legitimate interests of Viasat
|
Maintain, support, and improve our IT systems, including to repair and debug our systems |
|
Legitimate interests of Viasat |
Learn about our current and prospective customers and Mobility Services users to improve our Mobility Services, and to develop new products and services and improve our marketing, customer relationships and experiences. This includes identifying usage trends and patterns and evaluating this information on an aggregated, specific group(s), and individual basis |
|
Legitimate interests of Viasat |
Contact current and prospective customers about products, services, and events we think may be of interest to you, including with promotional mailers and electronic communications (where authorized to do so by law and by our travel partners and customers) |
|
Consent (where required); otherwise, legitimate interests of Viasat |
Personalize and customize your experience with our Mobility Services, including to provide local or otherwise targeted content and information, e.g., using browser or WiFi terminal/device-related location data to customize Viasat information presented when using our Mobility Services |
|
Consent (where required); otherwise, legitimate interests of Viasat |
Administer surveys to collect customer perceptions and measure satisfaction (where permitted by our travel partners and customers) |
|
Legitimate interests of Viasat |
Manage our use of cookies and tracking technologies used with our Mobility Services, and enable you to manage your cookie preferences |
|
Consent (where required); otherwise, legitimate interests of Viasat |
Comply with the legal obligations to which we are subject and to support our general business operations |
|
Legal obligation |
Fulfill arrangements with our business partners, which may include sharing personal data with our partners and customers, such as the airline or other transport mode on which you are traveling, to contact you for their promotional and informational purposes |
|
Consent (where required); otherwise, legitimate interests of Viasat and third parties |
We may disclose your personal data to the following categories of recipients:
We also may share your information with third parties when we have reason to believe that a disclosure is necessary to address potential or actual injury or interference with our rights, property, operations, users, or others who may be harmed or may suffer loss or damage. We may share your information when we believe that it is necessary to protect our rights, investigate, or enforce our policies, terms or other legal document or contract, or to comply with a judicial proceeding, court order, or legal process served on Viasat. We may share your data with public authorities such as tax authorities, to comply with our legal obligations.
We also may share your information when we have reason to believe it is necessary to investigate or enforce our policies, terms, or other legal document or contract related to the Mobility Services or rights of a third party.
Cookies are small data files placed on your computer or mobile device when you visit a website or online platform. We use cookies and similar tracking technology like pixels and web beacons (collectively, “Cookies”) including those of third-party service providers to operate and enhance our Mobility Services and understand how you navigate our Mobility Services, to maintain user preferences or settings, combat fraud, help to ensure compliance with our policies and terms of use, and in some cases support our online advertising for the Mobility Services. We ask you to provide your consent to use Cookies when required by law.
For information about the types of Cookies we use, why, and how you can control Cookies, please see the Cookie Notice presented on the Mobility Service you are using (where applicable based on local laws).
The Mobility Services may include hyperlinks to or include on or in connection with the Mobility Services (e.g., apps and plug-ins), websites, locations, platforms, or services operated by third parties, including airlines or other transportation partners (“Third-Party Services”), and you can use the Mobility Services to navigate to access and use Third-Party Services. These Third-Party Services may use their own Cookies to independently collect information about you and may solicit personal data from you.
When you access these Third-Party Services, the applicable third party’s policies and terms and conditions govern those services. We are not responsible for and makes no representations or warranties regarding the policies or business practices of any third parties, including, without limitation, any informational content, products, services, software, or other materials available on a third-party website. We encourage you to familiarize yourself with the third party’s privacy policies and terms of use.
We take our responsibility to protect your information seriously and use appropriate technical, physical, and organizational measures to safeguard the information that we process through our Mobility Services. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal data. No security system is 100% secure, however, and we cannot guarantee our security measures will not be compromised.
Your personal data may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that are different than the laws of your country (and, in some cases, may not be as protective).
The servers that process personal data related to our Mobility Services are primarily located in the United States, UK, Ireland, and the Netherlands though personal data also may be transferred to India, Australia and the countries in which our business is established, or our Mobility Services are available, and potentially other countries. This means that when we collect your personal data, we or our service providers will process it in different countries. Please see the Privacy Notice section "When We Share Your Personal Data" for further information on third parties with whom we may share your personal data.
We take appropriate safeguards to help ensure that your personal data remains protected in accordance with this Privacy Notice. These include, for example, implementing the UK and European Commission’s Standard Contractual Clauses for transfers of personal data between our group companies, which require group companies that are parties to these agreements to protect personal data they process from the European Economic Area, Switzerland, and the UK in accordance with data protection laws in those areas. Where appropriate, we also put in place additional safeguards to protect your personal data when it is transferred to countries considered to be less protective.
Information on the Standard Contractual Clauses we have in place between our Viasat group companies can be provided on request. We have implemented similar appropriate safeguards with our third-party service providers and partners.
Viasat, Inc. participates in the EU-US Data Privacy Framework, the UK Extension to the EU-US Data Privacy Framework, and the Swiss-US Data Privacy Framework. Please review the Data Privacy Framework Addendum included in this Privacy Notice to learn more.*
*Viasat, Inc. will not rely on the Swiss-US Data Privacy Framework or the UK Extension to the EU-US Data Privacy Framework until they enter into force, but Viasat, Inc. will adhere to their required commitments in anticipation of their effective date.
Where Viasat, Inc. relies on the EU EU-US Data Privacy Framework, the UK Extension to the EU-US Data Privacy Framework, and the Swiss-US Data Privacy Framework, these will apply to transfers of personal data to Viasat, Inc. instead of the Standard Contractual Clauses in place between the Viasat group companies.
If you are in one of the locations listed below, please review the “Location-specific Addendum” portion of this Privacy Notice for location specific information about our collection and use of your personal data and your related rights.
We retain the personal data we collect from you where we have an ongoing legitimate purpose to do so as described in the “How We Use Your Personal Data and Our Legal Bases” section above. For example, where we process your information based on a contract with you, we generally will retain the information for the length of the contract to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements.
When we no longer have an ongoing legitimate business need to process your personal data, we will either delete or anonymize it or, if this is not possible (for example, because your personal data has been stored in backup archives), we will securely store your personal data and isolate it from any further processing until deletion is possible.
We do not use your personal data to engage in automated decision-making that will have a significant effect on you (legally or otherwise).
Depending on your location, the privacy laws that apply to our Mobility Services give you certain rights over the personal data we process about you. These rights are in addition to your right to know or be informed about how we process your data, which we honor through this Privacy Notice. Your data protection rights may include:
Requests to exercise your data protection rights |
Please submit a request using our Privacy Rights Request Form to exercise your data protection rights. You also can contact us at privacy@400online.net at any time. While your location determines what rights are available to you, we respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. |
Requests to stop sending directed marketing |
You can unsubscribe from marketing emails by clicking the unsubscribe link at the bottom of the email. You also can use our Privacy Rights Request Form to instruct us to remove you from our marketing campaigns. |
The Mobility Services are not directed to children under 13 years old (or older, if applicable law provides for different protections), and we do not intentionally collect personal data from children. If you become aware that we have inadvertently collected personal data from a child, please notify us using the contact details under the “How to Contact Us” section below.
We may update this Privacy Notice from time to time in response to changing business, technical or legal developments. When we update this Privacy Notice, we take the necessary measures to inform you and provide you with appropriate choice, consistent with the significance of the changes we make, and in compliance with applicable data protection laws.
The “Last Updated” date displayed at the top of this Privacy Notice indicates when this Privacy Notice was last updated.
If you have any questions or concerns about our use of your personal data, please contact us using the following details:
Viasat, Inc.
Attn: Viasat Privacy Office
901 K Street, NW, Suite 400
Washington, DC 20001
Email: privacy@400online.net
Notice Addendums
Viasat, Inc. and/or its affiliated entities act as the data “controllers” (or a similarly defined term in applicable privacy laws) of your personal data and are responsible for its processing, unless we state otherwise in this Privacy Notice. While Viasat, Inc. generally will operate as the main decision maker as to the processing of personal data subject to this Privacy Notice, the following table provides additional details on Viasat entities that are controllers of your personal data for certain Mobility Services. For clarity, this Privacy Notice does not apply where Viasat processes personal data in the role of a data processor (as this and similar terms are defined in various privacy laws) on behalf of our customers.
Contact us at privacy@400online.net with questions on any of the entities listed below.
Viasat Entity | Data Controller Status / Services |
Viasat, Inc. (U.S.) 6155 El Camino Real Carlsbad, CA 92009-1699 |
Data controller for Mobility Services offered in the U.S., the European Economic Area, and other geographies where the Mobility Services are available, except as otherwise stated in this Addendum. |
Inmarsat Global Ltd. 99 City Road London, EC1Y 1AX |
Data controller for Mobility Services provided to end users under the Inmarsat Global Ltd Terms of Service. |
Viasat Brasil Serviços de Comunicações Ltda. (Brazil) Av. Engenheiro Luís Carlos Berrini 105 Unit 301 - 30th Flr, Tower 04 - Cidade Monções São Paulo - SP 04571-010 |
Data controller for the Mobility Services offered by Viasat in Brazil. |
Viasat Tecnología, S.A. de C.V (Mexico) Montes Urales 754, piso 3, colonia Lomas de Chapultepec, alcaldía Miguel Hidalgo, C.P. 11000 Mexico City, Mexico |
Data controller for the Mobility Services offered by Viasat in Mexico. |
Viasat Malaysia Sdn. Bhd. (Malaysia) Suite 3158 SPACES Menara Prestige No. 1 Jalan Pinang 50450 Kuala Lumpur Phone: +60122929067 |
Data user, or the nominated representative of Viasat, Inc. for Mobility Services offered by Viasat in Malaysia. |
Certain regions, countries and U.S. states have enacted privacy laws that require that we provide residents of those locations with additional information not found in the main Privacy Notice, including information on location-specific choices or rights. You can learn more about your rights and choices for the following locations in this section, including the effective dates of certain rights.
California Notice of Collection of Personal Information: This notice to California residents is provided under California law, explains your privacy rights as a California resident, provides our “notice at collection,” and provides certain mandatory disclosures about our treatment of California residents’ personal information, both online and offline.
The information in this section applies to the personal information we’ve collected from California residents during the 12 months prior to the effective date of this Privacy Notice.
The following table describes the categories of Personal Information that Viasat collects, the sources from which the Personal Information is collected and the categories of third parties to whom Personal Information is disclosed.
Categories of Personal Information |
Personal Information Sources |
Categories of Recipients |
Identifiers (name, contact information, unique identifiers, cookies, IP address, and other similar identifiers) |
You (directly and indirectly) |
|
Any personal information described in subdivision (e) of Section 1798.80, e.g., credit card number |
|
|
Characteristics of protected classifications under California or federal law (age, gender, and other demographic data) |
You (directly) |
|
Commercial information (your service usage information, history and preferences; purchase history) |
You (directly and indirectly) |
|
Internet or other electronic network activity information (your online usage information and online interactions with the Services) |
|
|
Professional or employment-related information (as part of the characteristics information we collect about you) |
|
|
Geolocation data |
You (indirectly) |
|
Audio, electronic, visual, thermal, olfactory, or similar information such as recordings of customer service calls |
You (indirectly) |
|
Inferences drawn from the above categories (inferences we draw from your information and activity through the Services to help create a personalized profile so we can better identify services that may be of interest) |
You (directly and indirectly) |
|
Our specific business and commercial purposes for collecting your personal information is described in the “How We Use Your Personal Data and our Legal Bases” section of the Privacy Notice.
We may retain each category of personal information we collect as long as necessary to provide our Services to you, after which we delete your data in accordance with our corporate retention policy. For more information, please see the “How Long We Keep Your Information” section of the Privacy Notice.
Categories of Personal Information Sold or Shared
In the last 12 months, we have not “sold” or “shared” (as these words are defined under California law) your personal information.
Use and Disclosure of Sensitive Personal Information:
We do not collect, use, or share “sensitive personal information” as that term is defined under California law in relation to the Mobility Services.
California Privacy Rights
(a) Right to Access
You have the right to request, up to two times each year, access to categories and specific pieces of personal information about you that we collect, use, disclose, sell, and share, such information to be provided to you in a readily useable format.
(b) Right to Delete
You have the right to request that we delete personal information that we collect from you, subject to applicable legal exceptions.
(c) Right to Correct
You have the right to request that we correct inaccurate personal information that we maintain about you, subject to applicable legal exceptions.
(d) Right to Opt-Out of Sale or Sharing of Personal Information
You have the right to opt-out of the “sale” or “sharing” of your personal information, as such terms are defined under California law. We do not sell your personal information, as “sale” is defined under California law.
(e) Right to Non-Discrimination
You have the right not to be treated in a discriminatory manner for exercising your privacy rights. We do not use the fact that you have exercised or requested to exercise any rights for any purpose other than facilitating a response to your request.
(f) Right to Limit Use and Disclosure of Sensitive Personal Information
You have the right to limit our use and disclosure of sensitive personal information, such as your credit card information with security code, where we use such information to draw inferences or for nonpermitted purposes under California law. We limit our use or disclosure of sensitive personal information to permitted business purposes.
Exercising your California Privacy Rights
To exercise your rights, please visit our Privacy Rights Request Form, call us at 1-855-463-9333, or send an email to privacy@400online.net.
To process certain rights requests described in this section, we may need to verify that you are the person that is the subject of the request. This verification process consists of matching identifying information provided by you with the information we have about you in our records. When making a request, you may be asked to provide your name, email address, contact and request details. A confirmation email will be sent to the email address you provide. If we cannot verify your identity, we may not be able to respond to your request. We use the information that we collect about you during the verification process only for verification purposes.
Instructions for Authorized Agents Making Requests
You may authorize someone to make a privacy rights request on your behalf (an authorized agent). Authorized agents may submit a request using the Privacy Rights Request Form and will need to demonstrate that you’ve authorized them to act on your behalf or must demonstrate they have power of attorney pursuant to applicable probate law. We retain the right to request confirmation directly from you confirming that the agent is authorized to make such a request, or to request additional information to confirm the agent’s identity. An authorized agent is prohibited from using a consumer’s personal information, or any information collected from or about the consumer, for any purpose other than to fulfill the consumer’s requests, for verification, or for fraud prevention.
We reserve the right to deny requests in certain circumstances, such as where we have a reasonable belief that the request is fraudulent.
Do Not Track
California law requires us to let you know how we respond to web browser Do Not Track (DNT) signals. Because there currently isn't an industry standard for recognizing or honoring DNT signals, we do not respond to them at this time.
Effective July 1, 2023
This section provides supplemental information to residents of the State of Colorado, whose personal data we process in connection with the Services.
Please see the main Privacy Notice for a description of the personal data we collect, the purposes for which we use it, and how and with whom we share it.
Colorado Privacy Rights
(a) Right to Access
You have the right to know and access the personal data we process concerning you.
(b) Right to Delete
You have the right to delete personal data concerning you.
(c) Right to Opt-Out
You have the right to opt out of targeted advertising and the sale of your data (as defined under Colorado law).
(d) Right to Correct
You have the right to correct inaccuracies in the personal data, taking into account the nature of the personal data and the purposes of the processing.
(e) Right to Portability
You have the right to obtain a portable copy of the personal data we process concerning you.
Exercising Your Colorado Privacy Rights
To exercise your rights, please visit our Privacy Rights Request Form or email privacy@400online.net.
To process your request, we may need to verify that you are the person that is the subject of the request. This verification process consists of matching identifying information provided by you with the information we have about you in our records. When making a request, you may be asked to provide your name, email address, contact and request details. A confirmation email will be sent to the email address you provide. If we cannot verify your identity, we may not be able to respond to your request. We use the information that we collect about you during the verification process only for verification purposes.
Instructions for Authorized Agents Making Requests
You may authorize someone to make a privacy rights request on your behalf (an authorized agent). Authorized agents may submit a request using the Privacy Rights Request Form and will need to demonstrate that you’ve authorized them to act on your behalf or must demonstrate they have power of attorney pursuant to applicable probate law. We retain the right to request confirmation directly from you confirming that the agent is authorized to make such a request, or to request additional information to confirm the agent’s identity. An authorized agent is prohibited from using a consumer’s personal information, or any information collected from or about the consumer, for any purpose other than to fulfill the consumer’s requests, for verification, or for fraud prevention.
To appeal our decision regarding a request related to these rights, you may email us at privacy@400online.net
We do not process the personal data of children under 13 years of age.
Effective July 1, 2023
This section provides supplemental information to residents of the State of Connecticut, whose personal data we process in connection with the Services.
Please see the Privacy Notice for a description of the personal data we collect, the purposes for which we use it, and how and with whom we share it.
Connecticut Privacy Rights
(a) Right to Access
You have the right to know and access the personal data we process about you.
(b) Right to Delete
You have the right to delete the personal data provided by or obtained about you.
(c) Right to Opt-Out
You have the right to opt out of targeted advertising and the sale of your data (as defined under Connecticut law).
(d) Right to Correct
You have the right to correct inaccuracies in the personal data, taking into account the nature of the personal data and the purposes of the processing.
(e) Right to Portability
You have the right to obtain a portable copy of your data processed by us.
Exercising Your Connecticut Privacy Rights
To exercise your rights, please visit our Privacy Rights Request Form or email privacy@400online.net.
To appeal our decision regarding a request related to these rights, you may email us at privacy@400online.net
The Categories of Personally Identifiable Information We Collect Through Our Website and Online Services
For information about the categories of Personally Identifiable Information we collect through our website and online, please see the “Personal Data We Collect and Sources of Information” section of our Privacy Notice.
The Categories of Third Parties with Whom We Share Personally Identifiable Information
For information regarding the categories of third parties with whom we may share your personally identifiable information, and those that may collect personally identifiable information regarding your online activities over time, please see the “When We Share Your Personal Data” section of our Privacy Notice.
Opt-out Requests
We do not sell your personally identifiable information, as “sale” is defined under Nevada law. Nonetheless, Nevada law allows you to submit a request directing us not to sell any personally identifiable information we have collected or will collect from you. If you wish to submit a request, please visit our Privacy Rights Request Form.
How We Notify You of Changes to Our Privacy Policy
Please see the “Updates to this Privacy Notice” section of our Privacy Notice.
Effective December 31, 2023
This section provides supplemental information to residents of the State of Utah, whose personal data we process in connection with the Services.
Please see the Privacy Notice for a description of the personal data we collect, the purposes for which we use it, and how and with whom we share it.
Utah Privacy Rights
(a) Right to Access
You have the right to know and access the personal data we process about you.
(b) Right to Delete
You have the right to delete the personal data you provided to us.
(c) Right to Opt-Out
You have the right to opt-out of targeted advertising (as defined under Utah law). We do not sell personal data as “sale” is defined under Utah law.
(d) Right to Portability
You have the right to obtain a portable copy of the personal data you provided to us.
Exercising Your Utah Privacy Rights
To exercise your rights, please visit our Privacy Rights Request Form or email privacy@400online.net.
Effective January 1, 2023
This section provides supplemental information to residents of the State of Virginia, whose personal data we process in connection with the Services.
Please see the Privacy Notice for a description of the personal data we collect, the purposes for which we use it, and how and with whom we share it.
Virginia Privacy Rights
(a) Right to Access
You have the right to confirm whether we are processing your personal data and to access such personal data.
(b) Right to Delete
You have the right to delete personal data provided by or obtained by you.
(c) Right to Opt-Out
You have the right to opt out of targeted advertising (as defined under Virginia law). We do not sell personal data as “sale” is defined under Virginia law.
(d) Right to Correct
You have the right to correct inaccuracies in the personal data, taking into account the nature of the personal data and the purposes of the processing.
(e) Right to Portability
You have the right to obtain a portable copy of the personal data that you provided to us.
Exercising Your Virginia Privacy Rights
To exercise your rights, please contact us at our Privacy Rights Request Form or privacy@400online.net.
To appeal our decision regarding a request related to these rights, email us at privacy@400online.net.
Viasat commits to resolve complaints about your privacy and our collection or use of your personal data. In addition to contacting us through the “How to Contact Us” section of the Privacy Notice, inquires or concerns regarding this Privacy Notice or Viasat’s data handling practices should be directed to our Data Protection Officer, using the following information:
European Economic Area
Fieldfisher LLP
Data Protection Officer
United Kingdom
Fieldfisher LLP
Data Protection Officer
ViasatDPO@fieldfisher.com
You also can contact us through our representatives using the information below if you are in the UK or European Economic Area (EEA):
UK Representative
Lionheart Squared Ltd (FAO Viasat)
Attn: Data Privacy
17 Glasshouse Studios
Fryern Court Road
Fordingbridge
Hampshire, SP6 1QX UK
Viasat@LionheartSquared.co.uk
EEA Representative
Lionheart Squared Ltd (FAO Viasat)
Attn: Data Privacy
2 Pembroke House
Upper Pembroke Street 28-32
Dublín
DO2 EK84
Republic of Ireland
Email: viasat@LionheartSquared.eu
How We Use Your Personal Data
If you use Viasat’s Mobility Services in Brazil (“Services”), your personal data is jointly controlled by Viasat, Inc. and Viasat Brasil Serviços de Comunicações Ltda., the provider of the telecommunications services in this country.
Your personal data is primarily used to provide you with the Viasat products and services you request. It may also be used to comply with legal obligations we are subject to, bring or defend ourselves in legal claims, or to fulfill our legitimate interests, such as to personalize your experience, develop and improve our services, or detect illegal activities, which may also be done to protect your vital interests. Viasat may also process personal data for purposes of complying with applicable Federal and State laws and regulations in Brazil where our products and services are offered. With your prior consent or whenever there is a legitimate interest at stake, it may also be used to send you offers and promotions.
To the fullest extent not prohibited by applicable laws, we may disclose the personal data we collect from and about you for business and commercial purposes to the following categories of recipients: (i) Viasat group companies, (ii) third-party service providers, (iii) credit agencies or bureaus, (iv) authorized retailers and distributors, (v) third-party ad platforms or networks, (vi) entities involved in a corporate transaction, (vii) law enforcement, governmental judicial and related entities, (viii) third parties who receive aggregate or anonymous information, and (ix) other persons with our consent.
We may transfer your personal data outside your local territory. These international data transfers are carried out in accordance with applicable data protection legislation and with the adoption of all the necessary safeguards.
We will retain your personal data for the period necessary to fulfill the purposes outlined hereto and/or in our main Privacy Notice, as needed to provide Services and/or to comply with our legal obligations.
For more information about Viasat’s data collection and use practices please read our main Privacy Notice.
Know Your Data Protection Rights
You have several rights outlined in Brazil’s data protection legislation including but not limited to the right to confirm the existence of the processing of your personal data, request access to, change, or remove your personal data, change your marketing preferences (including withdrawing your consent at any time), and to petition before the national data protection authority, as set out in Article 18 of Brazil’s General Data Protection Law and other applicable laws.
Please review the Privacy Notice to learn more about managing your marketing preferences or deleting the account you created to access our services.
Contact Information for Data Protection Office
Viasat Brasil Serviços de Comunicações Ltda.
Avenida Presidente Vargas, n.º 309
21º andar, Centro
Rio de Janeiro/RJ, Brasil
CEP 20.040-010
Viasat, Inc.
Attn: Viasat Privacy Office
901 K Street, NW, Suite 400
Washington, DC 20001
Our Data Protection Officer can be contacted by emailing: privacy@400online.net
How to Make a Request
To make a request, please visit our Privacy Rights Request Form or contact us at privacy@400online.net.
Data Owners from Mexico may have the following rights under the FPDL:
To exercise the above rights, please visit the Privacy Rights Request Form or contact us at privacy@400online.net. We will notify you within twenty (20) days of receipt of your request with a determination on your request. If more time is required to fulfill your request, we will notify you with a justification for the extension. Please be aware that under certain circumstances, the FPDL may limit your exercise of these rights.
This Data Privacy Framework (“DPF”) Notice sets out the privacy principles Viasat follows with respect to transfers of personal data from the European Economic Area (EEA), the United Kingdom (UK) and Switzerland to the United States, including personal data we process as part of our Mobility Services.
Viasat, including those affiliates listed in Annex 1 of this Addendum, complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF (UK-U.S. DPF), and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.* We have certified to the U.S. Department of Commerce that we adhere to: (i) the EU-U.S. Data Privacy Framework Principles with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF; and (ii) the Swiss-U.S. Data Privacy Framework Principles with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF (collectively, the “DPF Principles”). If there is any conflict between the terms in this DPF Notice and the DPF Principles, the DPF Principles shall govern.
*We will not rely on the Swiss-US Data Privacy Framework or the UK Extension to the EU-US Data Privacy Framework until each enters into force, but we adhere to their required commitments in anticipation of their doing so.
To learn more about the DPF, and to view our certification, please visit http://www.dataprivacyframework.gov/.
Types of personal data we collect and use
The types of personal data we may receive in the United States, as well as the purposes for which we collect and use it, will vary depending on the Mobility Services you use. You can find the details applicable to your specific information set out in this Privacy Notice.
Your choices
Where appropriate or required to do so, we will give you an opportunity to opt out where personal data we control about you is to be disclosed to an independent third party or is to be used for a purpose that is materially different from those set out in the Privacy Notice. If you otherwise wish to limit the use or disclosure of your personal data, please contact us using the contact details below.
Transfers to third parties
Information about the types of third parties to which we disclose personal data and the purposes for which we do so is described in the Privacy Notice.
If we have received your personal data in the United States and subsequently transfer that information to a third party acting as an agent, and such third-party agent processes your personal data in a manner inconsistent with the DPF Principles, we will remain liable unless we can prove we are not responsible for the event giving rise to the damage.
Your DPF rights
If you are from the EEA, UK or Switzerland, you have the right to request access to the personal data that we hold about you and request that we correct, amend, or delete it if it is inaccurate or processed in violation of the DPF.
If you would like to exercise these rights, please write to us at the contact details provided below. We may request specific information from you to confirm your identity and we will respond to your request in accordance with the DPF Principles and applicable data protection laws.
You may also opt-out of receiving marketing communications from us by writing to us at the contact details provided below or by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you.
Disclosures for national security or law enforcement
Please note that under certain circumstances, we may be required to disclose your personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Viasat publishes annual transparency information reflecting (to the degree permitted by applicable laws) the number and type of data production requests it has received for the corresponding period, the type of data requested and the category of requester.
Enforcement
Viasat's compliance with the with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
Questions or complaints
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, we commit to resolve DPF-related complaints about our collection and use of your personal data. EU, UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DP and the Swiss-U.S. DPF should first contact us by email at privacy@400online.net or in writing at:
Viasat, Inc.
Attn: Viasat Privacy Office (Legal Dept.)
901 K Street, NW, Suite 400 Washington,
DC 20001
We will investigate and attempt to resolve any DPF-related complaints or disputes within forty-five (45) days of receipt. If you have an unresolved DPF complaint that we have not addressed satisfactorily, we commit to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit http://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. These services are provided free of charge to you.
You may also have the option to select binding arbitration for the resolution of your complaint under certain circumstances. For further information, please refer to: http://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2
Changes to this Notice
It may be necessary for Viasat to make changes to this DPF Notice consistent with the DPF's requirements, so please check this page periodically. We will announce any material changes to this DPF Notice via channels appropriate to our relationship with you.
Annex 1
List of DPF Self-Certified US Entities
The following Viasat controlled US affiliates certify compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce:
Automation Communications Engineering Corporation
ComPetro Communications Holdings LLC
ComPetro Communications, LLC
Engreen, Inc.
Frontera LLC
Intelie, Inc.
Landtel Communications, L.L.C.
Landtel, Inc.
mmWaveBroadband Co.
RBS Alpha, LLC
RBS Beta, LLC
RigNet EIS, Inc.
RigNet Global Holdings S.a.r.l. (US Branch)
RigNet Holdings, LLC
RigNet Newco, Inc.
RigNet, Inc.
Safety Controls, Inc.
THEU, LLC
TrellisWare Technologies, Inc.
Viasat Carrier Services, Inc.
Viasat China Services, Inc.
Viasat Global Holdings, LLC
Viasat Services Holding Co.
Viasat Technologies Limited (US Branch)
Viasat Worldwide Limited
Viasat, Inc.
VParent, Inc.
VService, Inc.