Skip to main content
Trellis Internet

DRAFT — Pending attorney review

This document is a working draft prepared by Trellis Internet staff for review by counsel. It is not a final policy and should not be relied upon as a binding agreement until it is published in non-draft form.

Privacy Policy

Last updated:

Trellis Internet (“Trellis,” “we,” or “us”) provides fixed wireless broadband service in Sonoma and Napa Counties, California. This Privacy Policy explains what information we collect, how we use it, and the rights you have over your information. It is designed to satisfy the California Online Privacy Protection Act (CalOPPA) and applicable Federal Communications Commission (FCC) privacy rules for broadband providers.

1. Overview

We collect only the information we need to deliver internet service, maintain our network, bill accurately, comply with the law, and support our customers. We do not sell your personal information. We do not share the contents of your communications with advertisers. When third parties help us run the business (for example, payment processors or installation contractors), we hold them to written confidentiality and security obligations.

This policy applies to information collected through trellisinternet.com, through your use of Trellis Internet service, and through any other channel where we collect information about you (phone, email, in person). It does not apply to the privacy practices of third-party websites you may access over our network.

2. Information We Collect

2.1 Information you give us directly

  • Account information: name, service address, mailing address, email address, telephone number.
  • Service eligibility data: coordinates of your service address and any line-of-sight notes used to confirm serviceability.
  • Payment information: billing address, the last four digits of your card or bank account, and the tokenized reference issued by our payment processor. We do not store full card numbers on our systems.
  • Identity verification: if we need to verify your identity (for example, before releasing account access) we may request a government-issued ID. We retain only what is needed to evidence the verification.
  • Communications: records of your support tickets, chats, emails, and phone calls with our team. Calls may be recorded for quality assurance; we tell you at the start of the call when this is the case.

2.2 Information we collect automatically

  • Network usage data: the IP address(es) assigned to your connection, total bytes transmitted, and aggregate throughput. We do not log the contents of your communications.
  • Device and session data on our website: the pages you view, the IP address and approximate location of the request, the referrer that brought you to our site, your browser, operating system, and device class.
  • Cookies and similar technologies: see Section 6.

2.3 Information from third parties

  • Mapping and address verification: when you check coverage, we send your address to mapping services to resolve it to coordinates and confirm it is within our coverage area.
  • Credit and fraud screening: if we run a credit or fraud check (we will tell you if we do), we receive the result from the agency we use.

3. How We Use Your Information

We use information for the following purposes:

  • To provision, deliver, and maintain your internet service.
  • To bill you, accept payment, and answer billing questions.
  • To answer support requests, troubleshoot connectivity issues, and manage warranty or equipment replacement.
  • To operate, monitor, and protect our network against abuse, congestion, and security threats.
  • To improve our service, including aggregating de-identified usage statistics to plan capacity.
  • To comply with applicable law, valid legal process, and our regulatory obligations (including FCC Customer Proprietary Network Information rules).
  • To send you service-related notices (outage alerts, billing notices, policy updates). These are not marketing messages and you cannot opt out of them while you remain a customer.
  • To send marketing communications, where you have opted in. You can opt out at any time using the unsubscribe link in any marketing email or by contacting us.

4. How We Share Your Information

We share information only as described below. We do not sell your personal information.

  • Service providers: with vendors who perform services on our behalf, such as payment processing, email delivery, customer support tooling, network monitoring, and installation/field-tech contractors. These vendors are contractually limited to using your information only to perform services for us.
  • Legal compliance: when required by law, court order, subpoena, or other legal process, or when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Trellis Internet, our customers, or others.
  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to standard confidentiality protections and applicable law.
  • With your consent: in any other case, only with your prior consent.

5. Customer Proprietary Network Information (CPNI)

Under FCC rules, Customer Proprietary Network Information is data about the type, technical configuration, location, amount of use, and related billing for the telecommunications and broadband services you receive from us. CPNI is sensitive: we restrict access to authorized personnel, require multi-factor authentication for account changes, and notify you of certain account changes by separate channel.

We use CPNI to provide the services you purchased from us, to recommend upgrades within the same category of service you have, and to comply with our legal obligations. We will not use, share, or grant access to CPNI for any other purpose without your prior affirmative consent.

You may restrict our use of your CPNI for marketing of other categories of service at any time by contacting us using the information in Section 14. Restricting CPNI use will not affect the service you currently receive.

6. Cookies and Tracking Technologies

Our website uses a small number of cookies and similar technologies. We use Google Consent Mode v2. Until you accept, analytics and ad-measurement cookies are blocked at the tag layer — the tag loads but does not write cookies or send identifiable data.

Specifically, the following analytics cookies may be set when you consent (Google Analytics 4, property G-1GR3SPQB11):

  • _ga — assigns a randomized client ID used to distinguish visitors. Retention: 2 years from last visit.
  • _ga_1GR3SPQB11 — per-property session state for this Google Analytics 4 property. Retention: 2 years from last visit.

You can clear these cookies at any time through your browser settings or change your choice via Your Privacy Choices.

  • Strictly necessary cookies keep the site working — remembering your dark/light mode preference and keeping you logged in to the customer portal once that exists.
  • Analytics cookies count visits to pages and measure performance so we can find and fix problems. We configure analytics to record only anonymized or aggregated data.
  • Advertising-measurement cookies let us see when someone who clicked a Trellis ad on Google or another platform completes the signup form on our site. We use Google Ads conversion tracking (the gtag.js tag) for this. To improve the accuracy of that measurement, when you submit the signup form we send Google a one-way SHA-256 hash of your name, email, phone number, and ZIP — Google calls this Enhanced Conversions. The original (unhashed) values are never sent to Google for this purpose, and Google uses the hashed values only to match your form submission to the ad click that brought you to our site — not to retarget you or build a profile across other sites. Google's privacy practices are described at policies.google.com/privacy.

We do not permit cross-site behavioral retargeting on our site. You may block cookies through your browser settings; if you do, the advertising-measurement signal above will not fire, but the rest of the site will continue to work normally.

7. Do Not Track Signals

Some browsers send a “Do Not Track” (DNT) signal to websites. Because there is no consistent industry standard for interpreting DNT, our website does not respond differently when DNT is enabled. Regardless of DNT, we do not permit third-party behavioral advertising on our site.

California residents may exercise the rights described in Section 11 regardless of the DNT setting of their browser.

We honor the Global Privacy Control (GPC) signal. If your browser sends Sec-GPC: 1, we automatically opt you out of analytics and ad-measurement sharing without requiring a banner click. This applies on every page load — you do not need to set a cookie or interact with our consent banner for the opt-out to take effect.

8. Data Security

We maintain administrative, technical, and physical safeguards designed to protect the information we hold. These include encryption of customer data in transit and at rest, role-based access controls, least-privilege provisioning for employees and contractors, periodic credential rotation, and logging of access to sensitive systems. Despite these measures, no method of transmission or storage is 100% secure; we cannot guarantee absolute security.

If we determine that a breach of security has occurred and that breach materially affects your information, we will notify you within thirty (30) calendar days of that determination, consistent with FCC rules for broadband providers. If the breach affects 5,000 or more customers, we will also notify the FCC, the Federal Bureau of Investigation, and the United States Secret Service within seven (7) business days.

9. Data Retention

We retain personal information only for as long as it is needed for the purposes described in this policy or as required by applicable law. Specifically:

  • Account and billing records are kept for the life of the account and for at least seven (7) years after termination, to meet tax, accounting, and audit obligations.
  • Network event logs (signal strength, link quality, throughput counters) are kept for up to ninety (90) days for operational troubleshooting and then aggregated or deleted.
  • Support tickets and call recordings are kept for up to two (2) years.
  • Information collected only for analytics is retained in aggregated form; identifiers are removed or hashed.

10. Your Privacy Rights

Regardless of where you live, you may exercise the following rights by contacting us using the information in Section 14:

  • Request a copy of the personal information we hold about you.
  • Request correction of inaccurate information.
  • Restrict our use of your CPNI as described in Section 5.
  • Opt out of marketing communications at any time.

11. California Resident Rights

Trellis is below the revenue and data thresholds that make the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) mandatory. As a matter of policy, we extend equivalent rights to California residents:

  • Right to know: ask us what categories and specific pieces of personal information we have collected about you, the sources, and the purposes.
  • Right to delete: ask us to delete personal information we hold about you, subject to legal and contractual exceptions (for example, we must keep billing records for tax purposes).
  • Right to correct: ask us to correct inaccurate personal information.
  • Right to opt out of “sale” or “sharing”: we do not sell personal information. We share limited data (hashed identifiers via Google Ads Enhanced Conversions) for ad-conversion measurement only when you have consented; you can opt out at any time via Your Privacy Choices in the footer.
  • Right to limit use of sensitive personal information: we use sensitive personal information only to provide the service you requested, comply with the law, and secure our network.
  • Right to non-discrimination: we will not deny, charge different prices for, or provide a different quality of service because you exercised any of these rights.

To exercise these rights, use the Your Privacy Choices link in the site footer, which routes to /privacy/request, or contact us using the information in Section 14. We will verify your identity using information already on file before completing your request.

12. Children’s Privacy

Our service is offered to adults; the account holder must be at least eighteen (18) years old. We do not knowingly collect personal information from children under the age of thirteen (13) and do not direct our marketing to children. If you believe a child under 13 has provided us with personal information, please contact us and we will delete the information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top of the page reflects the most recent revision. For material changes, we will notify active customers by email and post a notice on our website at least thirty (30) days before the change takes effect.

14. Contact Us

To exercise any of the rights described in this policy, or with any privacy question: