Permitted, LLC, along with its US subsidiaries (collectively, “Permitted”), is a leading provider of sales tax permit registration services in the United States. In order to provide these services, we must collect, maintain and use financial and other personal information. Protecting consumer privacy is important to Permitted.
Privacy Shield Privacy Statement
The Federal Trade Commission (FTC) has jurisdiction over Permitted’ compliance with the Privacy Shield.
“Personal Information” or “Information” means information that (1) is collected in the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked to that individual. “Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health. Permitted’ services do not include the collection of Sensitive Personal Information.
Types of data collected and purpose of collection:
Data collected from the public via the Permitted website: Permitted collects data from the general public via the Permitted web site. This data may include information volunteered by an individual who wants to obtain more information about Permitted’ services or data which indicates who accessed Permitted’ web site and which pages they accessed. The latter type of data may or may not include Personal Information. This data is used for Permitted’ marketing and sales purposes and is not passed to third parties for any purpose other than assisting Permitted in its marketing and sales efforts. Permitted does not sell this data to third parties. Third parties who do receive this type of data are obligated to use the data only for the contracted purpose and to maintain the confidentiality of the data.
Permitted performs its sales tax permit registrations without permanently maintaining personally identifiable information. Personally identifiable information is only used and retained to the extent necessary for the administration of the services. We primarily receive personally identifiable information as a result of consumers’ financial transactions with sellers. However, in the event Permitted collects information directly from consumers, we will obtain the personal information that is needed to provide our goods or services, to provide customer service and to fulfill any legal or regulatory requirements.
Data collected from customers related to Permitted’ services: Permitted’s customers provide Permitted with Personal Information necessary for Permitted or its customers to make file sales tax permits with states. This may include social security. Permitted may also collect data about individuals from government-run or sponsored web sites, such as sites designed to verify that social security numbers are accurate. This data is used solely for the provision of Permitted’ services to its customers and is not used for any other purpose.
Individuals who have provided information to Permitted via its web site may contact Permitted to have their names and information removed from Permitted’ marketing and sales databases. Permitted complies with U.S. federal legislation that requires all marketing emails to include the means to opt out of such email.
As you browse Permitted.com, advertising cookies will be placed on your computer so that we can understand what you are interested in. Our display advertising partner, Google AdWords, then enables us to present you with retargeting advertising on other sites based on your previous interaction with Permitted.com.
The techniques our partners employ do not collect personal information such as your name, email address, postal address or telephone number. You can visit this page to opt out of AdWords and their partners’ targeted advertising.
Data collected from the public via the Permitted website may be transferred to:
- Permitted’s sales tax permit filing team
• Permitted’s data hosting services providers
• Permitted’ printing partners
These third parties all either: (a) have subscribed to the Privacy Shield Principles, (b) adopted the Model Clauses, or (c) have a contractual obligation to Permitted which prohibits them from making any use of the data beyond what is required to fulfill their obligations to Permitted.
Data collected from customers related to Permitted’ services may be transferred to:
- Government agencies: Permitted may transfer sales tax permit related data to government agencies
• Permitted’ data hosting services providers
• Applicable member states of the Streamlined Sales Tax Initiative
• Permitted’ print services providers
Permitted lacks the power to dictate what government agencies do with the data. Permitted provides government agencies only with data required to fulfill tax reporting requirements of Permitted and its customers. Permitted’ data hosting services provider have a contractual obligation to Permitted which prohibits them from making any use of the data beyond what is required to fulfill their obligations to Permitted.
Except for disclosures to government agencies, Permitted shall ensure that any third party for which Personal Information may be disclosed subscribes to the Principles or are subject to law providing the same level of privacy protection as is required by the Principles or agree in writing to provide an adequate level of privacy protection.
In certain rare instances, law enforcement officials or a court may issue a subpoena that obligates Permitted to disclose those of its records relevant to an investigation. When that happens, Permitted makes sure that the disclosure of records is as narrow as possible. When the subpoena permits such notice, Permitted will notify the impacted individual of the subpoena and impending disclosure.
Permitted shall take reasonable steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Permitted has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. Although information sent to and from Permitted is secured according to industry best practices, Permitted cannot guarantee the security of Information on or transmitted via the Internet.
Permitted shall only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, Permitted shall take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use.
Permitted shall allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated. Where the information the individual seeks to edit was provided by a Permitted customer, Permitted will need to contact the customer and will only change the information after the customer has verified that the original information was inaccurate. Access can be initiated via email to Marketing@Permitted.com.
If a situation arises where you have a privacy dispute, please contact Permitted directly and we will be happy to work with you in a fair and practical manner (see Permitted contact information at the bottom of this page). If after speaking with Permitted, you feel that you have not come to a mutually agreeable resolution, we will use JAMS as a mediator in Minneapolis, Minnesota, or such other location as we may agree upon. Information about JAMS is available at http://www.jamsadr.com. If requested, Permitted will select a mediator familiar with data privacy practices. When possible and warranted, we will select a mediator familiar with the Privacy Shield Principles. Mediation fees will be shared by the parties in accordance with Privacy Shield requirements. Permitted agrees that a mediated settlement may be entered and enforced by any court of competent jurisdiction.
If after mediation a resolution is still not found, as a last resort and in limited situations, individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.
Questions, comments or complaints regarding Permitted’ privacy, data collection and processing practices can be mailed:
6993 Dexter St.
Commerce City, CO 80022
Or emailed to: email@example.com