top of page

1. General Information

Permission Association, a Swiss Association (in the German language: Verein), located at Baarerstrasse 10, 6300 Zug, Switzerland (the “Association,” “we” or “us”) is the operator of this website, together with the Permission/ASK Bridge (reachable under: https://askbridge.io) (each a “Website” and together, our “Websites”). As the operator of the sites, we take the protection of your Personal Data very seriously. We collect, process and use your Personal Data in accordance with this privacy policy and in compliance with the Swiss Federal Act on Data Protection (“FADP”), the Swiss Ordinance to the Federal Act on Data Protection (“OFADP”) and the General European Data Protection Regulation (“GDPR”).

This privacy policy (“Privacy Policy”) will provide you with information about the collection, processing, and use of your Personal Data when using our Websites.

In case you provide us with the Personal Data of third persons (such as family members, work colleagues, etc.), you should make sure that these persons are familiar with this Privacy Policy, and you should only share their Personal Data if you have permission to do so.

We take confidentiality and privacy issues very seriously. We therefore ensure that your personal information is secure; we communicate our privacy and security guidelines and practices to all our employees and service providers and strictly enforce privacy safeguards within our organization. This Privacy Policy applies only to the actions of Permission and of users with respect to our Websites. It does not extend to websites that can be accessed from our Websites, including, but not limited to, any links we may provide to social media websites.

2. Definitions and Interpretation

2.1 In this Privacy Policy, the following definitions are used:

Data: all information that you submit to us via our Websites.

Personal Data: all information making you directly or indirectly identifiable (e.g., your name, first name, address, phone number or email address, but also the IP address of your computer, for example, or the information relating to your browsing of our Websites).

Cookies: A small text file placed on your computer by our Websites when you visit certain parts of our Websites and/or when you use certain features of the Websites. Please refer to the Cookie Policy for more information.

Data Controller: The processing of any Personal Data provided or collected on the Website/Platform/App is carried out under the supervision of Permission Association, Baarerstrasse 10, 6300 Zug, E-Mail: contact@permissionassociation.org.

GDPR: The “General Data Protection Regulation” (EU Regulation 2016/679) as well as any national legislation adopted in accordance therewith.

Websites: The Website: www.permissionassociation.org and all subdomains of this Website, including the Permission/ASK Bridge (reachable under: https://askbridge.io, unless they are expressly excluded from the scope of this Privacy Policy by their own terms and conditions.

2.2 In this Privacy Policy, unless the context requires a different interpretation:

The singular includes the plural and vice versa;
References to sections, clauses, appendices refer to the sections, clauses, appendices of this Privacy Policy;
A reference to a person includes firms, companies, government entities, trusts, and partnerships;
“Including” means “including, but not limited to”;
A reference to any legislative provision includes all amendments thereto; and
Headings and subheadings are not part of this Privacy Policy.

3. Responsible Person

For any matters relating to data protection you may contact notices@permissionassociation.org in writing by e-mail or letter to the following address:

Permission Association Baarerstrasse 10 
6300 Zug, Switzerland


Email: notices@permissionassociation.org

Our representative in the EU according to article 27 GDPR is:

Permission Association
Baarerstrasse 10 
6300 Zug, Switzerland

4. Data Processing in Connection with the Sites

4.1 Visiting our Websites

When you visit our Website, the hosting provider of our Website, Amazon Web Services (AWS), automatically collects and stores various information in so-called server log files that your browser transmits to us. The information/data mentioned is neither assigned to specific persons nor linked to data from other sources. The following technical data will be recorded by us, as usual with every connection with a web server, without your intervention, and stored by us until automatic deletion:
 

  • IP Address

  • User Agent 

  • Operating System
     

Browser Name, Version and Date/Time of Visit
The collection and processing of this technical data is for the purpose of enabling the use of our Website, continuously ensuring system security and stability, optimising our Website, and for internal statistical purposes. This is our legitimate interest in the processing of data in the sense of Art. 6 Par. 1 lit. f GDPR.

Furthermore, the IP addresses will be evaluated, together with other data, in case of attacks on the network infrastructure or other unauthorized use or misuse of the website, for the purpose of intelligence and protection, and if appropriate, used in criminal proceedings for identification and civil and criminal proceedings against the relevant users. This is our legitimate interest in the processing of data in the sense of Art. 6 Par. 1 lit. f GDPR.

4.2 Use of Websites Cookies

 

The Websites use cookies. Cookies are text files that are stored in a computer system via an Internet browser. More detailed information on cookies and how they work can be found at: http://www.allaboutcookies.org.

 

Many Internet sites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites and servers to differentiate the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.

 

When you visit our Websites, we may collect information from you automatically through cookies. You may prevent the setting of cookies through our Websites by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, previously set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If you deactivate the setting of cookies in the Internet Browser used, it may not be possible to use all the functions of our Websites.

 

If you do not agree to our use of cookies, you should set your browser settings accordingly as described above or not use our Websites. By continuing to use our Websites without changing your settings, you are agreeing to our use of cookies and the terms with regard to cookies of this Privacy Policy.

 

Through the use of cookies, the Association can provide the users of this Website with more user-friendly services that would not be possible without the cookie setting.

 

Cookies allow us, as previously mentioned, to recognize our website users. The purpose of this recognition is to make it easier for users to utilize our website. The Website user that uses cookies, e.g., does not have to enter access data each time the website is accessed, because this is taken over by the website, and the cookie is thus stored on the user’s computer system.

Note: You should be aware that getting a new computer, installing a new Internet browser, upgrading an existing browser, or erasing or otherwise altering your Internet browser’s cookies may also clear certain opt-out cookies, plugins or settings.

 

Permission Association may use the following “cookies” to track your visit:

Provider

Auth0

Google Analytics

Facebook

X/Twitter

YouTube

LinkedIn

Medium

Reddit

Telegram

Purpose

To handle user authentication.

To ensure system security and optimise the use of our website.

To enable functionality with social media features.

To enable functionality with social media features.

To enable functionality with social media features.

To enable functionality with social media features.

To enable functionality with social media features.

To enable functionality with social media features.

To enable functionality with social media features.

4.3 Opening an account with Permission.io

 

Should your use of our Websites and services involve registering with Permission.io, you may be required to provide Permission.io with an email address and password. Once you have created an account, in order to set up your wallet, you will need to provide a photo of yourself, as well as a photo of your government-issued identification, and any other information required under applicable law to verify your identity. In order to receive our ASK tokens, you may also choose to provide additional information to Permission.io, including but not limited to:

a. Due to legal obligations:

  • identity checks, fraud and financial crime and market abuse prevention or detection. If a potential fraud is detected, any person connected to it or you could be refused certain or all services.

  • fulfilling control and reporting obligations under applicable financial regulations including, without limitation, securities and financial crime regulations

  • fulfilling requirements related to our licenses and regulatory permissions

  • complying with regulatory record keeping obligations

  • complying with regulatory obligations in relation to measuring and managing relevant risks

b. For purposes of legitimate business and other interests pursued by us or a third party (including sharing of data) in:

  • carrying on business relationships with clients and other parties

  • providing services to clients

  • validating the authority of signatories (e.g., when concluding agreements and transactions)

  • performing obligations and exercising rights under and otherwise carrying out contracts, or taking pre-contractual measures
     

(If you are our client, the level and nature of processing of your Personal Data that we may carry out pursuant to this paragraph will likely depend on the specific product or service to be provided to you and can include needs assessments and other assessments to provide advice and support to you, as well as to carry out transactions contemplated in, or necessary to fulfill, such legal agreement).
 

  • consulting with credit rating agencies to investigate creditworthiness and credit risks where we may have an exposure to you

  • developing, deploying and supporting our products and services

  • developing and furthering our business and business relationships, and keeping our clients and other stakeholders satisfied

  • reviewing and optimizing procedures for needs assessment for the purpose of direct client discussions

  • marketing or market and opinion research

  • protecting our businesses and the integrity of the relevant markets

  • obtaining Personal Data from publicly available sources for client acquisition purposes

  • compliance with licencing, permission and / or licencing exemption requirements and regulatory requests or guidance related to such licences, permissions or exemptions

  • due diligence

  • facilitation of and responding to, regulatory requests and supervisory visits, and otherwise acting in open and collaborative manner with competent regulatory authorities

  • prevention of and investigations related to financial crime, including fraud, financing of terrorism and money laundering, and compliance with sanctions, including know your customer (KYC) and regular politically exposed persons (PEP) screening

  • asserting legal claims and defences in legal disputes

  • carrying out conflict checks

  • handling client complaints

  • managing risk and securing our systems, assets, infrastructure and premises

  • asserting legal claims and defences in legal disputes

  • exercising and defending our legal rights and position anywhere in the world

  • compliance with regulatory guidance, policy statements, best practice and associated policy requirements and controls in connection with the carrying on business

  • complying with legal and regulatory obligations and cooperating with regulatory, judicial and other authorities and bodies around the world

c. As a result of your consent:

  • There may be circumstances where we ask for your consent to process your Personal Data. As long as you have granted us this consent, this processing is legal on the basis of that consent.

  • You can withdraw your consent at any time.

  • Withdrawal of consent does not affect the legality of data processing carried out prior to withdrawal.

  • personal details relating to you (name, date and place of birth, nationality, gender, domicile)

  • contact details, including private and / or business phone numbers, postal and email addresses

  • identification data such as passports, National Insurance or Social Security numbers, driving license, ID cards, social network user names, customer identifiers (CIF, IBAN / BIC), relationship identifiers (e.g., client segment and account balance), photographs

  • marital status, name of spouse, number of children (if applicable)

  • tax status (e.g., tax ID)

  • order data (e.g., payment data and account information)

  • data from the fulfillment of our contractual obligations

  • information about your financial situation (e.g., source of wealth, incomes, benefits, mortgage information, shareholdings)

  • video and telephone / audio recordings

  • data relating to criminal convictions and offences (including excerpts of criminal register)

  • data related to designation of your status as a politically exposed person (PEP) and related information

  • marketing and sales data (e.g., customer relationship documentation)

  • data relating to your habits and preferences

  • data from your interactions with us, our internet websites, our apps, our social media pages, meetings, calls, chats, emails, interviews and phone conversations

  • documentation data (e.g., file notes or meeting minutes from a consultation, client needs and product usage)

  • data relating to your current and past professional roles and employment, and education (e.g., corporate title, membership of professional associations or bodies, career histories or biographies, job function, knowledge and experience in investment matters, qualifications and skills)

  • other data similar to the broad categories mentioned above.

Data

Purpose of Processing

You are free to change or completely remove any information shared with Permission.io at any time. However, refusing to provide requested Personal Data might prevent you from using certain features of Permission.io’s Services. If you use Permission.io’s Services to withdraw and/or transfer your ASK tokens to another ASK-compatible wallet, Permission.io or its service providers may collect additional information to verify your identity in accordance with its legal obligations.

 

This processing of your Personal Data lays in the responsibility of Permission.io and occurs according to their privacy policy. Please check with Permission.io regarding their privacy policy.

 

This is our legitimate interest in the processing of Data in the sense of Art. 6 Par. 1 GDPR.

4.4 Contact possibility via the website

 

You may contact us via our website’s contact page or by email to the following e-mail address: support@permissionassociation.org. For this, we require the following information: Name, Subject, E-Mail address, message.

 

Additionally, whenever you access or interact with our services, we collect some general data and information about the request and store the relevant details in server or system log files. This data includes details like your IP address, your browser type and version used, mobile identifiers, MAC address, your device type and operating system, the time and date you accessed the services, and the pages you viewed directly before and after accessing our services. Additional details may be collected or derived from this information for use in the event of an attack on our information technology systems.

 

To support these efforts, we analyze de-identified or aggregated collected data and information statistically, with the aim of increasing the data protection and security of the Association, and to maintain an optimal level of protection for the Personal Data we process.

 

We use this data, which you may give voluntarily, only in order to answer your contact question or to reply to your email in the best possible manner. Therefore, the processing of this data is in our legitimate interest in accordance with Art. 6 Par. 1 lit. f GDPR and you have provided consent in accordance with Art. 6 Par. 1 lit. a GDPR.

 

4.5 Personal Data and the Blockchain 

 

Blockchain technology may be used as part of the services. Blockchains are decentralized and made up of digitally recorded data in a chain of packages called “blocks.” The manner in which these blocks are linked is chronological, meaning that the data is very difficult to alter once recorded. Since the ledger may be distributed all over the world, this means there is no single person making decisions or otherwise administering the system (such as an operator of a cloud computing system), and that there is no centralized place where it is located either.

 

Accordingly, by design, a blockchain’s data cannot be changed or deleted and is said to be “immutable.” This may affect your ability to exercise your rights such as your right to erase (“right to be forgotten”), or your rights to object or restrict processing of your Personal Data. Data on the blockchain cannot be erased and cannot be changed. Although smart contracts may be used to revoke certain access rights, and some content may be made invisible to others, it is not deleted.

 

In certain circumstances, in order to effect delivery of tokens or provision of other services, it will be necessary to collect certain Personal Data, such as your wallet address, onto the blockchain; this is done through a smart contract and requires you to execute such transactions using your wallet’s private key.

 

The ultimate decision to (a) transact on the blockchain using your wallet address, as well as (b) share the public key relating to your wallet address with anyone (including us) rests with you. IF YOU WANT TO ENSURE YOUR PRIVACY RIGHTS ARE NOT AFFECTED IN ANY WAY, YOU SHOULD NOT TRANSACT ON BLOCKCHAINS AS CERTAIN RIGHTS MAY NOT BE FULLY AVAILABLE OR EXERCISABLE BY YOU OR US DUE TO THE TECHNOLOGICAL INFRASTRUCTURE OF THE BLOCKCHAIN. IN PARTICULAR, THE BLOCKCHAIN IS AVAILABLE TO THE PUBLIC AND ANY PERSONAL DATA SHARED ON THE BLOCKCHAIN WILL BECOME PUBLICLY AVAILABLE.

 

By using any of our services that involve blockchain technology, including use of the Permission/ASK Bridge, you give us your consent to process the given data in order to perform the requested activity. This consent constitutes the legal basis for our processing of the above information in the sense of Art. 6 Par. 1 GDPR.

 

4.6 ASK Bridge

 

Should you choose to use the Permission/ASK Bridge, some of your Personal Data will be collected and shared, per the table below:

Permission Association & its AWS Database

Permission.io & its AWS Database

Fireblocks, Inc.

Public Ethereum address, amount of ASK being transferred, current balance of ASK in wallet, IP address, user agent, transaction date and time, transaction number, block number, and gas fee.

Public Ethereum address, amount of ASK being transferred, current balance of ASK in wallet, IP address, user agent, transaction date and time, transaction number, block number, and gas fee.

Amount of tokens to mint to addresses.

By using any of our services that involve blockchain technology, including use of the ASK Bridge, you give us your consent to process the given data in order to perform the requested activity. This consent constitutes the legal basis for our processing of the above information in the sense of Art. 6 Par. 1 lit. a GDPR. 

4.7 Other parties who have access to information we collect

 

With the exceptions described in this section, we do not make your Personal Data available to third parties unless you have expressly consented to it, if we are legally obligated to, or if it is necessary to enforce our rights concerning a contractual relationship.

 

We transmit your Data only to our employees who are authorized to process it as part of their duties.

 

We may grant access to Personal Data about you:
 

  • to public entities and institutions (e.g., regulatory, quasi-regulatory, tax or other authorities, law enforcement agencies, courts, arbitrational bodies, fraud prevention agencies)

  • to credit and financial service institutions or comparable institutions in order to carry on a business relationship with you depending on the contract with you

  • to third parties in connection with transactions that are involved in (e.g., correspondent banks, brokers, exchanges, processing units and third-party custodians, issuers, investors, prospective buyers and other transaction participants and their representatives)

  • to prospective buyers as part of a sale, merger or other disposal of any of our business or assets to a natural or legal person, public authority, regulatory agency or body for which you have given us your consent to transfer Personal Data to

  • to professional advisors including law firms, accountants, auditors and tax advisors

  • to insurers

  • to service providers and agents appointed by us for the purposes given. These are companies in the categories of IT services, logistics, printing services, telecommunications, advice and consulting, and sales and marketing and translation services in relation to Website/Platform/App on our behalf, and we ensure that they provide for the necessary guarantees with respect to the Swiss Federal Act on Data Protection, the Swiss Ordinance to the Federal Act on Data Protection and the GDPR. The transfer of this data is for the purpose of providing and maintaining the functionality of our Website. This is our legitimate interest in the sense of Art. 6 Par.1 lit. b and lit. f GDPR.
     

In principle, we process your Data in Switzerland. In case it is necessary to transfer your Data to third parties outside Switzerland and the EU, the Data will only be transferred to countries and/or parties that provide an adequate level of protection in accordance with the Swiss and European standards.

 

If the level of data protection in a country where a service provider is located does not correspond to the Swiss and European data protection level, we contractually ensure that the protection of your Personal Data corresponds to that in Switzerland and the EU at all times, by concluding agreements using the standard contractual clauses complying with the GDPR. You understand that the data protection legislation in such other countries may not give you as much protection as the data protection legislation in the country where you are located.

All Personal Data used by these third parties is solely used for the purposes of the services provided at your request. Any use for other purposes is strictly prohibited. In addition, any Personal Data processed by third parties will be in accordance with the terms of this Privacy Policy and in compliance with the Swiss Federal Act on Data Protection and the GDPR. The third party providers we use will only collect and use your information to the extent necessary to enable them to perform the services they provide to us.

5. Data Security

Permission Association takes reasonable administrative, technical and physical security measures to help protect your Personal Data from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. We follow generally accepted standards to protect the Personal Data submitted to us, both during transmission and once it is received, taking into account the nature of such data and the risks involved in processing, and comply with applicable laws and regulations.

While we have taken reasonable steps to secure the Personal Data you provide to us, please be aware that no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide Personal Data via our Websites.

 

Any data transmission on the Internet is generally not secure, and we accept no liability for data transmitted to us via the Internet. Unfortunately, absolute protection is not technically possible.

This information does not apply to the websites of third parties and the corresponding links given on our websites. The Association assumes no responsibility and liability for these.

6. Your Rights Regarding Your Data

6.1 Right to confirmation

 

You have the right to obtain confirmation from the Association as to whether or not Personal Data concerning you is being processed. If you wish to avail yourself of this right of confirmation, you may, at any time, contact the responsible person as stated in section 3 of this Privacy Policy.

 

6.2 Right to access

 

You have the right to obtain from the Association free information about your Personal Data stored at any time and a copy of this information. Furthermore, you will have access to the following information:

 

  • the purposes of the processing;

  • the categories of Personal Data concerned;

  • the recipients or categories of recipients to whom the Personal Data have been or will be disclosed, in particular recipients in third countries or international organizations;

  • where possible, the envisaged period for which the Personal Data will be stored, or, if not possible, the criteria used to determine that period;

  • the existence of the right to request from the Association rectification or erasure of Personal Data, or restriction of processing of Personal Data concerning you, or to object to such processing;

  • the existence of the right to lodge a complaint with a supervisory authority;

  • where the Personal Data are not collected directly from you, any available information as to their source; and

  • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for you.

 

If you wish to avail yourself of this right of access, you may at any time contact the responsible person as stated in section 3 of this Privacy Policy.

 

6.3 Right to rectification

 

You have the right to obtain from the Association, without undue delay, the rectification of inaccurate Personal Data concerning you. Taking into account the purposes of the processing, you shall have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement. If you wish to exercise this right to rectification, you may, at any time, contact the responsible person as stated in section 3 of this Privacy Policy.

 

6.4 Right to erasure (right to be forgotten)

 

You have the right to obtain from the Association the erasure of Personal Data concerning you as soon as possible, and the Association shall have the obligation to erase Personal Data without undue delay where one of the following grounds applies:

 

  • The Personal Data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;

  • You withdraw consent to which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing;

  • The data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR;

  • The Personal Data has been unlawfully processed;

  • The Personal Data must be erased for compliance with a legal obligation in accordance with the applicable law to which the Association is subject; and/or

  • The Personal Data has been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.

 

If any one of the aforementioned reasons applies, and you wish to request the erasure of Personal Data stored by the Association, you may at any time contact the responsible person as stated in section 3 of this Privacy Policy. The responsible person at the Association shall promptly ensure that the erasure request is complied with as soon as possible.

 

6.5 Right to restriction of processing

 

You have the right to obtain from the Association restriction of processing where one of the following applies:

 

  • the accuracy of the Personal Data is contested by you, for a period enabling the Association to verify the accuracy of the Personal Data;

  • the processing is unlawful and you oppose the erasure of the Personal Data and requests instead the restriction of their use instead;

  • the Association no longer needs the Personal Data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; and/or

  • the data subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the Association override those of the data subject.

 

If any one of the aforementioned conditions is met, and you wish to request the restriction of the processing of Personal Data stored by the Association, you may at any time contact the Association’s responsible person. The responsible person will arrange the restriction of the processing.

 

6.6 Right to object

 

You have the right to object, on grounds relating to your particular situation, at any time, to the processing of Personal Data concerning you, which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions.

 

The Association shall no longer process the Personal Data in the event of the objection, unless the Association can demonstrate reasonable grounds for the processing, which override the interests, rights and freedoms of you, or for the establishment, exercise or defense of legal claims. In order to exercise the right to object, you may directly contact the responsible person.

 

6.7 Automated individual decision-making, including profiling

 

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you, or similarly significantly affects you, as long as the decision (1) is not necessary for entering into, or the performance of, a contract between you and the Association, or (2) is not authorized by the applicable law and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or (3) is not based on your explicit consent.

 

If the decision (1) is necessary for entering into, or the performance of, a contract between you and the Association, or (2) it is based on your explicit consent, the Association shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express their point of view and contest the decision.

 

Please note that the Association does not use automatic decision-making but we may use profiling according to these Privacy Policy rules.

 

6.8 Right to withdraw data protection consent

 

You have the right to withdraw your consent to processing of your Personal Data at any time.

 

If you wish to exercise the right to withdraw the consent, you may at any time directly contact the responsible person as stated in section 3.

7. California Privacy Rights

This Supplemental California Privacy Notice only applies to our processing of Personal Data that is subject to the California Consumer Privacy Act of 2018 (“CCPA”). The CCPA provides California residents with the right to know what categories of Personal Data the Association has collected about them and whether the Association disclosed that personal information for a business purpose (e.g., to a service provider) in the preceding 12 months. California residents can find this information below:

Category of Personal Information Collected by Permission

Identifiers.

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, or other similar identifiers.

Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))

A name, signature, Social Security number, physical characteristics or description, address, telephone number, driver’s license or state identification card number, employment, employment history, credit card number, debit card number, or any other financial information.

Protected classification characteristics under California or federal law

Age, national origin, marital status, sex (including gender).

Commercial information

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Biometric information

Physiological or biological characteristics that can be used to establish individual identity, such as the user’s face, from which an identifier template such as a faceprint, can be extracted.

Internet or other electronic network activity

Browsing history, search history, information on a consumer’s interaction with an internet website, application, or advertisement.

Inferences drawn from other personal information to create a profile about a consumer

Profile reflecting a consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Category of Third Parties Information is Disclosed to for a Business Purpose

• Advertising networks
• Data analytics providers
• Consumer data resellers (not including SSN)
• Service providers

 Advertising networks
• Data analytics providers
• Consumer data resellers (not including SSN)
• Service providers

• Advertising networks
• Data analytics providers
• Consumer data resellers
• Service providers

• Advertising networks
• Data analytics providers
• Consumer data resellers
• Service providers

Not shared

• Advertising networks
• Data analytics providers
• Consumer data resellers
• Service providers

• Advertising networks
• Data analytics providers
• Consumer data resellers
• Service providers

The categories of sources from which we collect Personal Data and our business and commercial purposes for using Personal Data are set forth in “Data processing in connection with the Sites” above. 

 

California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by applicable law. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Data. You may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, you may contact the responsible person as stated in section 3 of this Privacy Policy and provide written authorization signed by you and your designated agent. To protect your privacy, we will take the following steps to verify your identity before fulfilling your request. When you make a request, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative, which may include asking you to answer questions regarding your use of our services.

 

California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits California residents to request and obtain from us, once a year and free of charge, information about categories of Personal Data (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared Personal Data in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to the responsible person as stated in section 3 of this Privacy Policy.

8. Duration of the Storage

The Association will process and store the Personal Data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the applicable laws or regulations. If the storage purpose is not applicable, or if a storage period prescribed by the applicable laws expires, the Personal Data is routinely erased in accordance with the legal requirements.

9. Minors

The Association does not knowingly collect or use any Personal Data from minors. A minor may be able to willingly share personal information with others, depending on the products and/or media channels used. If a minor provides us with their information without the consent of their parent or guardian, we will ask the parent or guardian to contact us for the purpose of deleting that information.

10. Updates to the Privacy Policy

The Association may update this Privacy Policy from time to time and inform you on the Websites that the policy has been amended. The current version of the Privacy Policy, as published on our Website, is applicable. With each update to our policies, we will note which sections have been updated.

11. More Information About Privacy Regulations

For more information on applicable privacy regulations, you may refer to:

 

 

Please do not hesitate to contact us at support@permissionassociation.org if you have any questions regarding this Privacy Policy.

 

Last updated: April 15, 2022

bottom of page