Welcome to Permutive. This privacy notice explains how we collect, use, and share your personal information when you:
This privacy notice does not apply to personal information collected by our Customers from their customers and website visitors (“Customers’ End Users”) which they share with us when they use our Services (“Customer Data”). To learn more about how our Customers handle your personal information and how they share it with us, we recommend that you read that Customer’s privacy notice.
Please Note: When we refer to “Permutive”, “we”, “us” or “the Company” in this Notice we are referring to Permutive, Inc. and any relevant affiliate(s) involved in the processing activity, all of whom are listed in the “Contact Us” Section of this privacy notice.
We recommend that you read this privacy notice in full to ensure you are fully informed. However, if you only want to access a particular section of this notice, then you can click on the relevant link below to jump to that section.
“Customers” means any of our customers (including the individuals working for our customers) to whom we provide the Services. Customers also include prospective customers, such as contacts who we have communicated with but have not yet engaged us to provide services.
“Suppliers” means those external vendors, consultants, and service providers that provide services to Permutive.
“Permutive Website Visitors” means individuals who visit our Website from whom we receive personal information.
“Personal information” (or “personal data”) means any information about an individual from which that person can be identified. It does not include data where the identity of the individual has been removed or cannot be identified.
Categories of personal information we collect.
We may collect, use, store, transfer or otherwise process different kinds of personal information about you which we have grouped together into the following categories:
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal information but is not considered personal information as this data does not directly or indirectly reveal your identity to us where it is aggregated and anonymized.
Directly from you. We may ask you to provide personal information when you create a Permutive account, when you use certain parts of our Website and Services, when you attend our events and webinars, when you interact with us at a conference, during the course of your engagement to provide services to us as a Supplier, or when you correspond with us by phone, email, or otherwise.
From third-party sources. We may collect personal information about you through your colleagues or, where available, through publicly available sources, such as professional networking sites and general market research.
Customers. We collect Identity Data, Contact Data, Financial Data, and Marketing and Communications Data about you or other relevant individuals at your organization in the course of setting up your account and providing the Services to you. We also automatically collect Technical Data and Usage Data about you when you access our Services (including the Customer dashboard) or interact with our Website. This information is aggregated for purposes such as reporting on usability, performance, and effectiveness.
Individuals who interact with Permutive personnel. We may collect Identity Data, Contact Data, and Marketing and Communications Data about you when you register for and/or attend a Permutive webinar, sponsored event, or other events at which Permutive participates to facilitate your registration or attendance at a webinar or event, including sending related communications to you and information about our products and services.
Suppliers. We collect Identity Data, Contact Data and Financial Data about you, or individuals at your organization, in the course of receiving services from you.
Permutive Website Visitors
Other individuals who interact with Permutive personnel.
We may share and disclose your personal information with the following parties for the purposes described in this privacy notice:
Suppliers. We use a number of Suppliers who perform functions on our behalf and/or help us in providing the Services, such as cloud-based software and hosting suppliers, CRM software suppliers and web analytics providers. We do not allow our Suppliers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
Professional advisors. We may disclose personal information to professional advisors, such as lawyers, auditors and insurers, as necessary in the course of the professional services they provide us with.
Group companies. We may share information with affiliates within the Permutive corporate group to the extent such sharing of data is necessary to fulfil a request that you have submitted via our Website, or for customer support, sales and marketing, technical operations and account management purposes.
Customers. We may share information with Customers in connection with the Services and for the purposes described above.
Successors to All or Part of Our Business. We may share your personal information with a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding. Note that if Permutive is sold to or otherwise acquired by a third party, all of Permutive’s data assets, including the personal information you share with us, will become the property of the acquiring party. If a change happens to our business, the new owners may use your personal information in the same way as set out in this privacy notice.
Compliance with laws and law enforcement; Protection and Safety. We may disclose information about you to law enforcement agencies, regulatory or government bodies, or other third parties in order to: respond to legal process; comply with any legal obligations; protect or defend our rights, interests or property or that of third parties; or prevent or investigate wrongdoing in connection with the Website or the Services.
Your personal information may be transferred to, and processed in, countries other than the country in which you are located. For example, suppliers or processors we use are based in the European Economic Area (“EEA”) and the United States so if you are in one of those localities, this would involve a transfer to the other. Permutive has offices in both the United States and the United Kingdom so any data that is shared within the Permutive group of companies may be transferred between these locations as well.
Whenever we transfer your information internationally, we ensure a similar degree of protection is afforded to it by ensuring appropriate safeguards are implemented. Please contact us if you want further information about the specific mechanism used by us when transferring your personal information outside the UK and EEA.
Keeping your information secure is important to us. We maintain a variety of industry-standard security technologies and procedures to help protect your information from unauthorized access, use, or disclosure, including procedures designed to limit access to the data within Permutive to those who have a genuine business need to know it. Those processing your information have contractually agreed to do so only in an authorized manner and are subject to a duty of confidentiality.
Despite these measures, please remember that Permutive cannot fully eliminate security risks associated with your information. You are solely responsible for protecting any passwords, limiting access to your devices, and signing out of websites after each session.
We will only retain your personal information for as long as necessary to fulfil the purposes for which it was collected. This may include satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information, and whether we can achieve those purposes through other means, and the applicable legal requirements.
You will receive marketing communications from us if you have requested information from us or purchased services from us and, in each case, you have not opted out of receiving that marketing. You can ask us to stop sending you marketing messages at any time by following the opt-out links in any marketing message sent to you or by contacting us at firstname.lastname@example.org. Please note that opting out of marketing communications does not opt you out of receiving important business communications, such as service announcements or security information.
This Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Website, we encourage you to read the privacy notice of every website you visit.
Our Website and Services are not intended for children and we do not knowingly collect data relating to children.
If you do not provide us with certain requested personal information or object to the processing of your personal information, this may limit our ability to provide the Services. You can still visit our Website and learn more about Permutive without giving us your personal information, but we will need your contact details to administer and respond to any enquiries you submit via the Website or otherwise.
Individuals located in the UK and EEA have certain statutory rights in relation to their personal information. Subject to any exemptions provided by law, you may have the right to:
Access. Request access to your personal information (commonly known as a “data subject access request”) and to certain additional information about our processing of your personal information that this privacy notice is designed to address.
Correct. Request correction of the personal information we hold about you. This enables you to update or correct any inaccuracies in your personal information.
Delete. Ask us to delete or remove your personal information from our system where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
Transfer. Ask us to transfer a machine-readable copy of your personal information to you and/or a third party of your choice.
Object. You can object: (1) to processing of your personal information at any time for direct marketing purposes, (2) to decisions being taken by automated means which produce legal effects concerning you or which significantly affect you, and (3) in certain other situations to our continued processing of your personal information.
Restrict. Restrict processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Withdraw. Withdraw your consent to our processing of your personal information, where we have collected and processed it with your consent.
We value your privacy and your rights as a data subject and have therefore appointed Prighter as our privacy representative and your point of contact. Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative Prighter or make use of your data subject rights, please visit: https://prighter.com/q/12427880
If you would like to submit a question or complaint about our use of your personal information or request a response, please email our DPO at email@example.com and let us have enough information to identify you. We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We hope that we can resolve any query or concern that you raise about our use of your personal information.
You also have the right to lodge a complaint with your supervisory authority in the UK or EEA state where you work, normally live or where any alleged infringement or data protection laws occurred.
We process your personal information:
For the performance of a contract. For example, if you are a customer we may process your personal information in connection with providing the Services to you such as to operate your account, administer or manage our business relationship with you.
For our legitimate interests. For example, if you are a customer, for marketing purposes, or for fraud prevention and safety purposes, we consider this processing to be a legitimate interest and that your data protection interests and fundamental rights do not override those interests.
For a legal obligation. For example, if we are legally required to hold your personal information to comply with applicable legal or regulatory requirements, such as disclosure to regulators and for purposes of disputes or legal proceedings affecting us.
If you have any questions about or need further information concerning the legal bases on which we collect and use your personal information, please contact us at firstname.lastname@example.org.
California law provides residents with additional rights to request access to and deletion of certain personal information, to know whether personal information is shared, and to opt out of the “sale” of personal information. Some California laws also may define “personal information” differently from this notice. To understand how we honor these California rights, to make requests regarding these rights, and to learn more about how California law defines “personal information,” please visit “Your California Privacy Rights”.
We may update this privacy notice from time to time in response to changing legal, technical, or business developments. If we change this privacy notice, we will inform you by updating this section.
Our Data Protection Officer (“DPO”) is responsible for overseeing questions in relation to this privacy notice. If you have any questions, comments or concerns about this privacy notice, please contact us at email@example.com. Or you can write to us at:
Attn: Data Protection Officer
145 City Road,
511 W 25th Street,