This statement is made on behalf of Cogent Communications Holdings, Inc. pursuant to section 54(1) of the Modern Slavery Act 2015 (the "Act") and constitutes our slavery and human trafficking statement.

Cogent Communications UK, Ltd. is a UK corporation registered with Commercial Registry under No.: HRB 73 632, with principal place of business located at 20 Mastmaker Court, Mastmaker Road, London, E14 9UB, UK and with VAT #: GB766151326. Cogent Communications UK, Ltd. is part of the Cogent group of companies operating in North America, Europe and Asia and is managed and ultimately owned by Cogent Communications Holdings, Inc.

Cogent Communications Holdings, Inc. is a Delaware corporation with registration number 5504601 and with its headquarters at 2450 N Street, N.W. Washington, DC, 20037. Cogent Communications Holdings, Inc. is a publicly traded corporation with its shares traded on NASDAQ Stock Exchange under symbol CCOI.

Cogent Communications Holdings, Inc. is a facilities-based provider of low-cost, high-speed Internet access and other communications services. We deliver our services primarily to small and medium-sized businesses, communications service providers and other bandwidth-intensive organizations in North America, Europe and Asia. Further information about Cogent Communications UK, Ltd. and Cogent Communications Holdings, Inc. can be found on our website www.cogentco.com.

We are committed to ensuring that there is no modern slavery or human trafficking in any part of our business or in our supply chains.

We are an internet service provider that predominantly employs professionally qualified and highly skilled people. We consider the risk of Modern Slavery occurring within our business to be low. We select suppliers that have the same values as us, including a commitment to the highest professional standards and ethical conduct in their business dealings.

All of our employees are required to comply with our internal policies, procedures and code of conduct. Every employee is expected to practice high standards of business ethics in every business relationship – with each other, with Cogent, with our customers, with our business partners, and with our competitors. Failure to comply with the law or our policies is subject to disciplinary measures and possible termination.

We have in place a policy and procedures for whistleblowing, which are posted on our Intranet and which ensure that employees can confidentially report concerns regarding our compliance with laws, ethical business practices or compliance with our codes of conduct.

Our third party supply chain consists mainly of equipment and services suppliers: suppliers of telecom equipment, suppliers of IT and technology services, office supplies, cleaning, catering facilities, professional services, fiber vendors and owners of buildings in which we operate, etc. We believe that our supply chain is, therefore, low risk as regards slavery and/or human trafficking. We have not identified an immediate need to take any additional action with regard to such relationships.

We review our procurement and supply chain management procedures regularly with a view to further reinforcing our commitment to the ethical conduct of our business.

We intend to raise more awareness internally of this Statement and in relation to modern slavery across all staff by publishing this statement internally on our intranet.

The Cogent Board of Directors approved this statement on behalf of the members on August 7, 2024.

/s/ David Schaeffer
Dave Schaeffer,
Chairman and Chief Executive Officer

As the General Data Protection Regulation (“GDPR”) has come into force, the Cogent companies listed below (“Cogent”, “we”, “us”, “our”) have been GDPR competent since May 2018. 

Cogent provides dedicated Internet access, Internet transit and/or Ethernet transport services to you and our other customers.  Our provision of services to you does not qualify as ‘processing’ of personal data as that term is used in the GDPR, and the obligations that are incumbent upon a data processor of personal data do not apply to Cogent with respect to any personal data that you or your customers transmit using our services.   As always, we encourage you to take active measures to protect the security of any sensitive data that you send using our services.

As part of the process to install, provide and maintain your services with Cogent, we do from time to time, request contact information for billing and technical contacts.  This contact information constitutes personal data as defined by the GDPR (“Business Contact Personal Data”).   When you provide us with Business Contact Personal Data, we (and/or other Cogent-affiliated companies) are the data controller of Business Contact Personal Data processed under each Customer Subscriber Agreement. You warrant that you have obtained all necessary consents from the data subject concerned for the transfer of Business Contact Personal Data to us. 

We will process Business Contact Personal Data as is necessary to maintain our business relationship with you and to meet our obligations to you under each Customer Subscriber Agreement in accordance with the terms of the data protection provisions contained in your Customer Subscriber Agreement.  Please contact your Cogent sales representative for a copy of these provisions.   As part of these provisions, we ask that you provide the link to our privacy notice to each of data subjects for whom you have provided Business Contact Personal Data to Cogent. 

Last updated: April 11, 2023

Introduction

Cogent and its subsidiaries and affiliates (“we”, “our”, “us”) are committed to protecting and respecting your privacy. For the purpose of the General Data Protection Regulation (the “GDPR”), Cogent’s EU Subsidiaries are the data controller.

This policy sets out the basis on which we will process any personal data or usage information we collect from you, or that you provide to us, in connection with your use of the different Cogent websites that link to this policy (the “Websites”). Please read this policy carefully so that you understand your rights in relation to your personal data, and how we will collect, use and process your personal data. If you do not agree with this Privacy Policy in general or any part of it, you should not access the Website in question.

What types of information do we collect and how we use it?

Information you give us.  You may provide information by contacting us via our Websites, email, telephone or by creating an account in our customer portal, eCogent.

As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our products and organization, we will use your information to:

• communicate with you via email or telephone;
• administer and provide services and customer support to our customers; or
• enforce our Website terms and conditions.

Technical usage information. When you visit the Website, we collect the information sent to us by your computer, mobile phone, or other access device. This information includes:

• your IP address;
• device information including, but not limited to, identifier, name, and type of operating system;
• mobile network information; and
• standard web information, such as your browser type and the pages you access on our Website.

We collect this information in order to:

• personalize our Website to ensure content from the Website is presented in the most effective manner for you and your device;
• monitor and analyze trends, usage and activity in connection with our Website and services to improve the Website;
• administer the Website and for internal operations, in order to conduct troubleshooting, data analysis, testing, research, statistical and survey analysis;
• keep the Website safe and secure; or
• measure and understand the effectiveness of the content we serve to you and others.

Do we use cookies?

We use cookies to collect information about your browsing activities over time and across different portions of the Website. They allow us to recognize and count the number of users and to see how users move around the Website when they are using it. This helps us to improve the services we provide to you and the way the Website works. You can find more information about cookies and how to manage them at http://www.allaboutcookies.org/

We also use Google Analytics which is a web analytics tool that helps us understand how users engage with the Website. Like many services, Google Analytics uses first-party cookies to track user interactions as in our case, where they are used to collect information about how users use our site. This information is used to compile reports and to help us improve our Website. The reports disclose website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our site – for more information on opting out of being tracked by Google Analytics across all websites you use, visit this Google page: https://tools.google.com/dlpage/gaoptout.

Sensitive Information

We ask that you not send us, and you not share, any sensitive Personal Information (e.g., government-issued or financial account numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, genetic, or biometric data, criminal background or trade union membership).

How do we share your personal data?

Provide Services and Support.  We do not sell, rent or lease your personal information to others except as described in this Privacy Policy. We share your information with selected recipients. These categories of recipients include:

• Cogent-affiliated companies in the United States which store your personal data, to provide for disaster recovery, as well as for the performance of any contract we enter into with you; and
• IT Services providers that provide us with SaaS services, including Salesforce who we use to store our customer relationship management information.

Comply with Legal Requirements and Corporate Transactions. Cogent may disclose your Personal Information as we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence, for national security and/or law enforcement purposes; (d) to enforce our terms and conditions; and (e) to allow us to pursue available remedies or limit the damages that we may sustain. Additionally, in the event of a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings), we may transfer the Personal Information we have collected to the relevant third party.

Where do we store your personal data?

Cogent has operations in countries throughout the world.  For users outside of the United States, the information that we collect from you will be transferred to, stored at, and processed in the United States. Your personal data may also processed by staff operating outside of your country who work for us or for one of our suppliers. Such staff are engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this policy.

Cogent has implemented appropriate safeguards for transfers of personal information originating from the European Economic Area (“EEA”) to Cogent affiliates and unaffiliated third parties located outside the EEA.

The security of your personal data

Unfortunately, the transmission of information via the internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted through the Website or over email; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organizational measures to safeguard your personal data against loss, theft and unauthorized use, access or modification.

We will, from time to time, host links to and from the websites of our affiliates or third parties. If you follow a link to any of these websites, these websites will have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any information to those websites.

How long do we store your personal data?

We will retain your Personal Information for as long as our Customer account is active and for a set period afterwards; as needed to provide our Customer products or services; as needed for the purposes outlined in this Policy or at the time of collection; as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements; or to the extent permitted by law.  In general, we will retain your Personal Information for a period of seven years after the termination of service to our Customer.

Your rights

In certain circumstances you have rights in relation to the personal data we hold about you. We set out below an outline of those rights and how to exercise those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights. To exercise any of your rights, please email This email address is being protected from spambots. You need JavaScript enabled to view it. or contact our Data Privacy contact at 2450 N. St, NW, Washington, DC 20037.   In your request, please make clear what Personal Information you would like to have changed, or whether you would like to have your Personal Information that you have provided to us erased from our database. Please note that for each of the rights below we may have valid legal reasons to refuse your request, in such instances we will let you know if that is the case.

• Access: You have the right to know whether we process personal data about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
• Correction: You have the right to require us to correct any personal data held about you that is inaccurate and have incomplete data completed.  
• Erasure: You may request that we erase the personal data we hold about you in the following circumstances:  where you believe it is no longer necessary for us to hold the personal data, we are processing it on the basis of your consent and you wish to withdraw your consent, we are processing your data on the basis of our legitimate interest and you object to such processing, you no longer wish us to use your data to send you marketing or you believe we are unlawfully processing your data.).  Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure.

Objection to Marketing

At any time you have the right to object to our processing of data about you in order to send you marketing materials, including where we build profiles for such purposes and we will stop processing the data for that purpose.

Complaints

In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at This email address is being protected from spambots. You need JavaScript enabled to view it. and we will endeavor to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with regulatory authority in the country in which you live or work where you think we have infringed data protection laws.

Changes

We may update this policy from time to time.  Any changes we will make to this policy in the future will be posted on this page. Please check back frequently to see any updates or changes to this policy.

Contact Us

Questions, comments and requests regarding this policy are welcomed and should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or by mail to Cogent’s corporate headquarters located at:

Data Privacy Contact
Cogent Communications, LLC.
2450 N. St., NW
Washington, DC 20037

Last updated: April 10, 2024

1. Notice to Data Subjects

The Cogent companies listed at the end of this Notice (“Cogent”, “we”, “us”, “our”) provide Internet access, Internet transit and/or Ethernet transport services to businesses, i.e. our customers, or receive services from businesses, i.e., our vendors (for ease of reference, we refer to both our customers and vendors in this notice as a “Company” or “Companies” and the services provided as “Services”).  As part of the provision of these services to or receipt of services from Companies, you, as an employee or representative of a Company, may be asked to disclose limited personal data (e.g. business contact details) to one or more of us, or your Company may disclose your personal data to Cogent, to enable Cogent to communicate with you in order to provide or receive Services. The Cogent company or companies from whom your Company has ordered Services or to whom your Company provides Services will be the data controller(s) of your data for these purposes and the purposes of the General Data Protection Regulation (GDPR). 

This notice sets out the basis on which we will process your personal data. Please read this notice carefully so that you understand your rights in relation to your personal data, and how we will collect, use and process your personal data. If you do not agree with this notice in general or any part of it, you should inform your Company or Cogent as soon as possible.  

What types of information do we collect and how we use it?

Your Company or you may provide the following types of your personal data to us by contacting us via our customer portal, email, telephone or otherwise: 

• name;
• email address;
• telephone number; and
• job role. 

Purposes of Processing and Legal Basis for Processing

Cogent will process your personal data for the following purposes:

• to contact and interact with you to perform our obligations under our contract with your Company in order to pursue our legitimate interest of communicating with our customers and running an effective business;
• to monitor and record calls for quality, training, analysis and other related purposes in order to pursue our legitimate interest to improve service delivery; and
• enforce our terms and conditions against your Company in order to pursue our legitimate interests of running an effective business.

Recipients of Data and International Transfers

Cogent does not sell, rent or lease your personal information to others except as described in this notice. We share your information with selected recipients. The categories of recipients include:

• IT Services providers that provide us with SaaS services.
• Cogent will share your information with law enforcement agencies, public authorities or other organizations if legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:
• comply with a legal obligation, process or request;
• enforce our terms and conditions and other agreements, including investigation of any potential violation thereof;
• detect, prevent or otherwise address security, fraud or technical issues; or
• protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction).

Cogent will also disclose your information to third parties:

• in the event that we sell any business or assets, in which case we will disclose your data to the prospective  buyer of such business or assets; or
• if we or substantially all of our assets are acquired by a third party, in which case information held by us about our users will be one of the transferred assets.

Where do we store your personal data?

Your personal data will be transferred within our group to the United States of America, and stored by Cogent’s United States affiliate, Cogent Communications, Inc., located at 2450 N. St., Washington, DC 20037, United States of America. Your personal data is also processed by staff operating outside the European Economic Area (“EEA”) or the United Kingdom (UK) who work for us or for one of our suppliers. Such staff are engaged in, among other things, communicating with you about the fulfilment of your Company's order and the provision of support services. Such countries may not have the same data protection laws as your country but we will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this notice.

For any transfers of data outside the EEA or the UK, the data transfer will be under the European Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses) (the “Model Clauses”), or any equivalent contracts issued by the relevant competent authority of the UK, as relevant, unless the data transfer is to a country that has been determined by the European Commission or the relevant UK authorities (as applicable) to provide an adequate level of protection for individuals’ rights and freedoms for their personal data.

Please contact our data privacy contact at This email address is being protected from spambots. You need JavaScript enabled to view it. for copies of the standard contractual clauses.

Retention Period

We may retain your personal data for as long as required to perform the Services and/or the purposes of processing set out above.

We will retain your information until we are notified that you no longer work for your Company or for a period of seven (7) years after your Company has terminated its contractual relationship with Cogent. 

Your rights

In certain circumstances you have rights in relation to the personal data we hold about you. We set out below an outline of those rights and how to exercise those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights by providing reasonably acceptable verification of your identity.  To exercise any of your rights, please email This email address is being protected from spambots. You need JavaScript enabled to view it.. Please note that for each of the rights below we may have valid legal reasons to refuse your request, in such instances we will let you know if that is the case.

• Access: You have the right to know whether we process personal data about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
• Correction: You have the right to require us to correct any personal data held about you that is inaccurate and have incomplete data completed.
• Erasure: You may request that we erase the personal data we hold about you in the following circumstances:  where you believe it is no longer necessary for us to hold the personal data, we are processing your data on the basis of our legitimate interest and you object to such processing, you no longer wish us to use your data to send you marketing or you believe we are unlawfully processing your data.).  Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure.
• Restriction of Processing to Storage Only: You have a right to require us to stop processing the personal data we hold about you other than for storage purposes in the following circumstances: you believe the personal data is not accurate for the period it takes for us to verify whether the data is accurate, we wish to erase the personal data as the processing we are doing is unlawful but you want us to simply restrict the use of that data; we no longer need the personal data for the purposes of the processing but you require us to retain the data for the establishment, exercise or defense of legal claims; and you have objected to us processing personal data we hold about you on the basis of our legitimate interest and you wish us to stop processing the personal data whilst we determine whether there is an overriding interest in us retaining such personal data.
• Objection: You have the right to object to our processing of data about you and we will consider your request.  Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.

Objection to Marketing

At any time you have the right to object to our processing of data about you in order to send you marketing or promotional material, including where we build profiles for such purposes and we will stop processing the data for that purpose. Please email us at This email address is being protected from spambots. You need JavaScript enabled to view it. if you would like to object to receiving marketing communications from us.

Complaints

In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at This email address is being protected from spambots. You need JavaScript enabled to view it. and we will endeavor to deal with your request. This is without prejudice to your right to raise a claim with a supervisory authority.

How to contact us

If you have any questions about our use of your personal data, please contact This email address is being protected from spambots. You need JavaScript enabled to view it..

Last updated: December 1, 2022