STATEMENT EXPLAINING HOW Crosswind Cloud Solutions, LLC OPERATING PROCEDURES ENSURE

COMPLIANCE WITH THE FCCS CPNI RULES

Annual Certification Process Summary

Certification for 2016 Covering Prior Calendar Year 2015

The statements listed below describe and summarize Crosswinds procedures and actions that ensure
compliance with the FCCs CPNI Regulations and Rules:

Employee CPNI Training

Trained Crosswind employees when they are not authorized to use CPNI
Crosswind has informed its employees that compliance with the Communications Act and FCC
Rules are extremely important, and has instituted a disciplinary procedure with regards to any
violations of these CPNI requirements by employees that may lead to strict disciplinary actions
including but not limited to; Unfavorable reviews, suspensions, remedial training and potential
termination all dependent upon the circumstances surrounding a violation.

Opt-In/Opt-Out Process

Crosswind does not utilize 3rd Party Marketing Companies for marketing campaigns directed to
our VOIP Customers and therefore, and Opt-In mechanism is not utilized or required.
When applicable Crosswind uses an Opt-Out mechanism when communicating with our
customers. Per CPNI regulations, Crosswind notifies its customers every (2) years of the
customers Opt-Out rights and methods. In 2015 there were no marketing campaigns requiring
Opt-Out notifications.

Opt-Out Mechanism Failure

Crosswind has established internal procedures whereby the company will provide the FCC with
written notice within five (5) business days of any instance where an opt-out mechanism failed
to work as intended.

Marketing Approval for Direct Campaigns

Any marketing campaign directed at Crosswind customers has to be approved by management

prior to release. Management checks to ensure that the Opt-Out options are in place for its
customer for each marketing campaign.

Action Taken Against Data Brokers

No known violations with regard to Data Brokers have occurred within the period of 2015 that
would necessitate any action.

Attempts to Access CPNI Information

In the period of 2015 there were no known breaches from any data brokers getting access to
CPNI.

Other CPNI Compliance Measures

Access to customers CPNI information is strictly controlled via Crosswinds management

application. Access to the application requires a username and password. Passwords are
generated by the system and are 10 digits long contain a mixture of upper case lower case,
digits and shift key symbols found on the standard US keyboard.
All logins are GEO tagged
Some feature access requires the users IP to be in a whitelist
Granular access control systems are in place to allow access to only what is need to preform
ones job.

Customer CPNI Complaints Unauthorized Release of CPNI

In the period of 2015, there were no customer complaints regarding unauthorized release of
CPNI.

Record-Keeping

Crosswind has established procedures to control, document and file all marketing campaigns the
utilized customers CPNI. In the year 2015 Crosswind did not execute any marketing campaigns
directed to our VOIP Customers nor any 3rd party.
As part of our record keeping policy, all marketing campaigns will be maintained for a minimum
of 1 year.

Customer Notification of CPNI Changes

Crosswind has established procedures to notify its customers of any CPNI changes.