Privacy Policy

Last updated: February 11, 2021

https://gitlab.com/permission/privacy/blob/master/privacy-policy.md

Permission.io, Inc. (“Permission”, “we”, “us” or “our”) respects the privacy of our users (“user”, “you”, or “your”). This Policy applies to information we collect when you use our websites https://Permission.io and all subdomains of https://Permission.io including any other media form, media channel, forums, mobile website, or mobile application related or connected thereto provided or officially sponsored by Permission, any other Permission websites that link to this Policy (collectively, the “Websites”) or Permission Services.

Our belief is that any personal information provided to us by you is just that: personal and private. This Privacy Policy (“Privacy Policy”, “Policy”), explains how we collect, use, disclose, and safeguard your information when you visit our Websites, and your rights under applicable law. Please read this Privacy Policy carefully.

  1. Definitions
  2. Automated website analytics and cookies
  3. We use tracking pixels for email updates and newsletters
  4. Do-Not-Track signals
  5. Personal Data We Collect
  6. How long do we keep your data?
  7. How do we use your information?
  8. When do we share your information?
  9. What are my rights with personal data?
  10. How do you protect my information?
  11. Policy For Minors
  12. California Privacy Rights
  13. Supplemental Notice for Nevada Residents
  14. Notice to All Non-US Residents
  15. Changes to This Policy
  16. How Can You Contact Us About This Policy

1. Definitions

We believe that our policies should be legible and easy to understand for the general public, as well as our customers and business partners. All terms used below have the definitions provided under applicable laws, such as the EU General Data Protection Regulation (GDPR).

2. Automated website analytics and cookies

We partner with selected third-party vendors, described below, which may allow tracking technologies and remarketing services on our Websites through the use of first-party cookies and third-party cookies, to, among other things, analyze and track users’ use of our Websites, determine the popularity of certain content, better understand online activity, and serve targeted advertisements. You are encouraged to review their privacy policies and contact them directly for responses to your questions.

Note: You should be aware that getting a new computer, installing a new Internet browser, upgrading an existing browser, or erasing or otherwise altering your Internet browser’s cookies may also clear certain opt-out cookies, plugins or settings.

We may use cookies, web beacons, tracking pixels, and other tracking technologies on our Websites to help customize the Websites and improve your experience.
To improve our Websites, Permission may use the following “cookies” to track your visit:

Provider Purpose
Auth0 To handle user registration, login, and authentication.
Google Analytics To measure effectiveness of advertising and users’ interaction with content.
Facebook To enable functionality with social media features.
Twitter To enable functionality with social media features.
Youtube To enable functionality with social media features.
Linkedin To enable functionality with social media features.
Medium To enable functionality with social media features.
Reddit To enable functionality with social media features.
Telegram To enable functionality with social media features.
GitLab To enable functionality and link to our code repository
SendGrid To orchestrate email communication with Members
Sendinblue For targeted advertising.
AddThis For targeted advertising.
Google Ad Exchange/DoubleClick For targeted advertising.

3. We use tracking pixels for email updates and newsletters

Our newsletter and emails sent from or on behalf of Permission may contain tracking pixels, or a transparent image embedded in emails to enable log file recording and analysis. We use information collected in this manner to perform statistical analysis of the success or failure of online marketing and customer outreach efforts. Based on the embedded tracking pixel, we may be able to determine if and when an email was opened, and which links in the email were accessed.

Personal data collected using tracking pixels is stored and analyzed by us to optimize the delivery of our newsletters and emails, and to improve the relevance of the distributed content. Many email clients and web browsers support functionality to opt out or prevent the use of these tracking mechanisms, however, users are entitled to revoke their consent to receiving our newsletter at any time.

4. Do-Not-Track signals

Many web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. We do not currently respond to DNT browser signals.

5. Personal Data We Collect

When you access or register with the Websites, you may be required to provide an email address and password. Once you have created an account, in order to set up your wallet, you will need to provide a photo of yourself, as well as a photo of your government-issued identification. In order to receive our ASK currency, you may also choose to provide additional information to us, including but not limited to:

  • your first and last name,
  • your postal address,
  • email address, phone number and other similar contact data,
  • your age,
  • your gender,
  • your nationality,
  • your occupation,
  • your annual household income,
  • your marital status,
  • your number of children,
  • your hometown, place of employment and interests.

You are free to change or completely remove any information shared with us at any time. However, refusing to provide requested personal data might prevent you from using certain features of the Websites. If you use our Websites to withdraw and/or transfer your ASK currency to another ASK-compatible wallet, we or our service providers may collect additional information to verify your identity in accordance with our legal obligations.

We may provide you with the option to register using social media account details, like Facebook, LinkedIn, Twitter or other social media accounts. Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned, but will often include your name, email address, friends list, profile picture as well as other information you choose to share with us. We will use the information we receive only for the purposes that are described in this privacy policy or that are otherwise made clear to you on the Websites. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party social media provider. We recommend that you review their privacy policy to understand how they collect, use and share your personal information, and how you can set your privacy preferences on their sites and apps.

If you consent to our collection of biometric information, you agree that we may collect your facial geometry from your photograph in order to verify that it matches your government-issued ID. Your biometric information is not shared with any third party, and is deleted after the verification is complete.

You might provide financial data

When you purchase, order, return, exchange or request information about our services from the Websites, you may be asked to share financial data with us related to your payment method. This information may include your valid credit card number, card brand, and expiration date, as well as other details necessary to process your payment information. This financial information is processed and stored by our payment processors, such as Stripe and PayPal. We encourage you to review their privacy policies and contact them directly for responses to your questions.

You might voluntarily share additional data when communicating with us

You may choose to contact us by email or through our Websites for a variety of purposes such as product or company inquiries, customer support inquiries and sales requests. When you do this, we collect any information you voluntarily submit to us, such as your first and last name, email address, phone number, job title and company name. Throughout our Websites, we may also provide the opportunity to register for events or conferences, order or request white papers, or participate in online surveys. When we collect this type of information, we will notify you as to why we are asking for information and how this information will be used. It is completely up to you to choose whether or not you want to provide it.

We do collect some general data

Whenever you (or any other manual or automated system) accesses our Websites, we collect some general data and information about the request and store the relevant details in server or system log files. This data includes details like your IP address, your browser type and version used, mobile identifiers, MAC address, your device type and operating system, the time and date you accessed the Websites, and the pages you viewed directly before and after accessing the Websites. Additional detail may be collected or derived from this information for use in the event of an attack on our information technology systems.

To support these efforts, we analyze de-identified or aggregated collected data and information statistically, with the aim of increasing the data protection and security of our company, and to maintain an optimal level of protection for the personal data we process.

6. How long do we keep your data?

We only process and keep any personal data that you share with us for as long as needed to achieve the purpose of storage, as long as consent is maintained, or as long as is granted by laws or regulations we are subject to. The exact length of time we keep personal data depends on the respective statutory retention period for that type of information. After that period of time passes, or if storage of personal data is not applicable, personal data is routinely blocked, deleted or erased.

If you would at any time like to review or change the information in your account or terminate your account, you can do so by logging into your account settings and updating your user account. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, some information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, comply with legal requirements and/or enforce our Terms of Use.

To opt out of newsletters and/or email marketing from us, you may indicate your preference by following the unsubscribe instructions provided in the newsletter, or by changing your preferences within your account settings. Despite your indicated email preferences, we may send you notices of any updates to our Terms of Use or Privacy Policy where permitted by law.

7. How do we use your information?

Having accurate information about you helps us provide a smooth, efficient, and customized experience. Generally speaking, we use any information we collect to provide services to you, keep our Websites running smoothly, and protect us legally. More specifically, we may use information collected about you to:

  • Create and manage your account
  • Contact you about your account or orders
  • Send you a newsletter once you successfully subscribe
  • Respond to your comments, questions and requests and provide customer service
  • Send you technical notices, updates, security alerts and support and administrative messages
  • Compile aggregated or de-identified statistical data for use internally or with third parties
  • Maintain and improve the efficiency and operation of our Websites and products
  • Assist with the development of our products and other purposes related to Permission’s business
  • Monitor and analyze usage and trends to improve your experience with our Websites and products
  • Process and deliver contest entries and rewards
  • Assist law enforcement and respond to subpoenas, and to resolve disputes and troubleshoot problems
  • To prevent account fraud and for security purposes

In accordance with applicable law, information covered by this Policy may be transferred to, and processed in, the United States or any other country in which Permission or its affiliates, subsidiaries or service providers maintain facilities, even if the level of data privacy required in that country is less than that required by the European Union or other jurisdictions. We endeavor to protect your data in compliance with all applicable laws. We may engage in automated decision making, including profiling. Our processing of your personal information will not result in a decision based solely on automated processing that significantly affects you unless such a decision is necessary as part of a contract we have with you, we have your consent, or we are permitted by law to engage in such automated decision making. If you have questions about our automated decision making, you may contact us as set forth below.

8. When do we share your information?

To obey the law or protect rights

If we believe the release of information about you is necessary under any applicable law, rule or regulation, to respond to legal process, to investigate or remedy potential violations of our policies or fraudulent activities, or when we believe in good faith that disclosure is necessary to protect our rights, property, and safety, we may share your information, including exchanging information with other entities for fraud protection and credit risk reduction.

With Service Providers to support necessary business activities and our Advertising Partners

We may share your personal with third parties necessary to provide you with services you have requested, such as our hosting, identity verification services (including KYC verification where required under applicable law), email service, analytics, customer service, parcel delivery service, event or campaign management providers. These parties are authorized to use your personal data only as necessary to provide these services to us or on our behalf.

We may also share your personal information with third-party advertising partners. These third-party advertising partners may set Technologies and other tracking tools on our Services to collect information regarding your activities and your device (e.g., your IP address, cookie identifiers, page(s) visited, location, time of day). These advertising partners may use this information (and similar information collected from other services) for purposes of delivering personalized advertisements to you when you visit digital properties within their networks. This practice is commonly referred to as “interest-based advertising” or “personalized advertising.

If you choose to share it

Our Websites offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at dpo@permission.io.

We also provide certain social media features on our Websites, such as the Facebook Like button and widgets, such as the “Share This” button or other interactive mini-programs that run on our Websites. These features may collect your IP address, which page you are visiting on our Websites, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Websites. Your interactions with these features are governed by the privacy policy of the company providing the feature.

Additionally, certain features on our Websites, specifically those for applying to a job opening at Permission, you may use sign-in services such as LinkedIn or other OpenID providers. These services will authenticate your identity, provide you with the option to share certain personal information (such as your name and email address) with us, and to pre-populate our application form. Services like LinkedIn often give you the option to post information about your activities on our Websites to your profile page to share with others within your network.

We may also partner with other companies that offer products or services related to ours or that host or sponsor-related events. In such instances, we may share your information with these business partners if you provide your personal information to event sponsors at their booths or presentations.

If you leave the Websites to visit a third-party site

Our Websites may contain links to third-party websites and applications of interest, including advertisements, affiliate links and external services, that may or may not be connected with us. Additionally, some of our Websites may use framing techniques to serve content to or from our partners while preserving the look and feel of our Websites. Once you have used these links, any information you provide to these third parties is not covered by this Privacy Policy, and we cannot guarantee the safety and privacy of your information. Before visiting and providing any information to any third-party websites, we encourage you to inform yourself of the privacy policies and practices (if any) of the third party responsible for that website. You should take those steps necessary to protect the privacy of your information as you see fit. We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites, services or applications that may be linked to or from the Websites.

Note: Permission does not endorse or make any representations about third-party websites. We encourage you to carefully read the privacy policy of any website you visit.

In the event of a merger or acquisition

If Permission is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, your information may be shared with the successor entity or third party. Where required by law, you will be notified by email and/or a prominent notice on our Websites of any change in ownership or uses of your personal data, as well as any choices you may have regarding your personal data.

9. What are my rights with personal data?

We recognize that you have certain rights in regards to your personal data. We feel that your privacy and ability to preserve and exercise your rights is very important. You are encouraged to review and understand these rights as they pertain to you and your personal data. Subject to applicable law, you may have the following rights:

  • Access Personal Information about you, including: (i) confirming whether we are processing your personal information; (ii) obtaining access to or a copy of your personal information; and (iii) receiving an electronic copy of personal information that you have provided to us, or asking us to send that information to another company (the “right of data portability”);
  • Request Correction of your personal information where it is inaccurate or incomplete. In some cases, we may provide self-service tools that enable you to update your personal information;
  • Request Deletion of your personal information;
  • Request Restriction of or Object to our processing of your personal information; and
  • Withdraw your Consent to our processing of your personal information.

In support of these rights, upon request and subject to applicable law, Permission will provide you with information about whether we hold any of your personal data if you contact us as provided below in “How Can You Contact Us About This Policy.” You may update, correct or delete information about you at any time logging into your account and updating your preferences. If you wish to delete or suspend your account, please do so under your account settings page, but note that we may retain certain information as required by law or for legitimate business purposes. If you have become aware that an account has been created about you without your knowledge or consent, you may contact us at dpo@permission.io to request deletion of that account.

For your protection, we may only implement requests with respect to the personal information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request, such as by asking you to provide information you used to create your account, or by asking you questions about your use of our Services. We will process all requests in accordance with applicable law.

Note: We will retain and use your information, including cached or archived copies, as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

10. How do you protect my information?

Permission takes reasonable administrative, technical and physical security measures to help protect your personal data from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once it is received, taking into account the nature of such data and the risks involved in processing, and comply with applicable laws and regulations.

While we have taken reasonable steps to secure the personal data you provide to us, please be aware that no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide personal data via our Websites.

If you have any questions about security or any reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us at security@permission.io.

11. Policy For Minors

We do not knowingly solicit information from or market to children under the age of thirteen (13). By using the Websites, you represent that you are at least 13 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Websites. If we learn that personal information from users less than 13 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records, except where we are required to retain it under applicable law. If you are a parent or guardian and believe we have collected from your child under age 13, please contact us with the information below.

Our Websites and products are not intended for, nor designed to attract individuals under the age of thirteen (13). Permission does not knowingly collect personally identifiable information from any person under the age of thirteen.

12. California Privacy Rights

This Supplemental California Privacy Notice only applies to our processing of personal information that is subject to the California Consumer Privacy Act of 2018 (“CCPA”). The CCPA provides California residents with the right to know what categories of personal information Permission has collected about them and whether Permission disclosed that personal information for a business purpose (e.g., to a service provider) in the preceding 12 months. California residents can find this information below:

Category of Personal Information Collected by Permission Category of Third Parties Information is Disclosed to for a Business Purpose
Identifiers.
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, or other similar identifiers.
• Advertising networks
• Data analytics providers
• Consumer data resellers (not including SSN)
• Service providers
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
A name, signature, Social Security number, physical characteristics or description, address, telephone number, driver’s license or state identification card number, employment, employment history, credit card number, debit card number, or any other financial information.
• Advertising networks
• Data analytics providers
• Consumer data resellers (not including SSN)
• Service providers
Protected classification characteristics under California or federal law
Age, national origin, marital status, sex (including gender).
• Advertising networks
• Data analytics providers
• Consumer data resellers
• Service providers
Commercial information
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
• Advertising networks
• Data analytics providers
• Consumer data resellers
• Service providers
Biometric information
Physiological or biological characteristics that can be used to establish individual identity, such as the user’s face, from which an identifier template such as a faceprint, can be extracted.
Not shared
Internet or other electronic network activity
Browsing history, search history, information on a consumer’s interaction with an internet website, application, or advertisement.
• Advertising networks
• Data analytics providers
• Consumer data resellers
• Service providers
Inferences drawn from other personal information to create a profile about a consumer
Profile reflecting a consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
• Advertising networks
• Data analytics providers
• Consumer data resellers
• Service providers

The categories of sources from which we collect personal information and our business and commercial purposes for using personal information are set forth in “Personal Data We Collect” and “How do we use your Information?” above, respectively.

Although we may allow other third-party advertising partners to use cookies and similar Technologies to collect your information for interest-based advertising purposes (as described above in “When do we share your information?” above), Permission only shares the personal information you provide to us for valuable consideration when you affirmatively authorize us to do through the Websites, in order to obtain ASK virtual currency. Therefore, Permission does not “sell” personal information for purposes of the CCPA, nor do we have actual knowledge of any “sale” of personal information of minors under 16 years of age.

California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by applicable law. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please contact us as set forth in “How Can You Contact Us About This Policy” below and provide written authorization signed by you and your designated agent. To protect your privacy, we will take steps the following steps to verify your identity before fulfilling your request. When you make a request, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include asking you to answer questions regarding your account and use of our Services.

This Privacy Policy uses industry-standard technologies and was developed in line with the World Wide Web Consortium’s Web Content Accessibility Guidelines, version 2.1. If you wish to print this policy, please do so from your web browser or by saving the page as a PDF.

California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.

13. Supplemental Notice for Nevada Residents

If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Information to third parties who intend to license or sell that Personal Information. You can exercise this right by contacting us at dpo@permission.io with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address associated with your account. Please note that we do not currently sell your Personal Information as sales are defined in Nevada Revised Statutes Chapter 603A – to the extent that receive monetary consideration for disclosing your data, it is only in the context in which you provide the information to operator for the purpose of receiving ASK virtual currency. If you have any questions, please contact us as set forth below.

14. Notice to All Non-US Residents

Our servers are located in the US. If you are located outside of the US, please be aware that any information provided to us, including personal information, may be transferred from your country of origin to the US. We endeavor to protect all personal information consistent with the requirements of applicable laws.

15. Changes to This Policy

If we make material changes, we will notify you by revising the date at the top of the Policy, and where required by law, we may provide you with more prominent notice (such as adding a statement to our homepage or sending you an email notification).

We encourage you to review the Policy whenever you access the Websites to stay informed about our information practices and the ways you can help protect your privacy.

16. How Can You Contact Us About This Policy

If you have questions or comments about this policy, you may contact our Data Protection Officer (DPO) at dpo@permission.io or via mail at 888 Prospect St. Suite 200, La Jolla CA 92037.

en English
zh-CN Chinese (Simplified)en Englishko Korean