Skip to main content
Back to Home

Privacy Policy

Last updated: December 2024

1. Introduction

Permission Please ("we," "our," or "us") is committed to protecting the privacy of students, parents, teachers, and school administrators who use our digital permission slip platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

We understand the sensitive nature of student data and have designed our platform with privacy and security as core principles.

2. Information We Collect

2.1 Information Provided by Schools

  • School name and contact information
  • Teacher names and email addresses
  • Student names and grade levels
  • Parent/guardian names and email addresses

2.2 Information Collected During Use

  • Electronic signatures (stored securely)
  • Form responses and consent records
  • IP addresses (partially masked for privacy)
  • Timestamps of actions for audit purposes

2.3 Technical Information

  • Browser type and device information
  • Usage patterns and access logs

3. How We Use Information

We use collected information solely for:

  • Providing and operating the permission slip service
  • Sending permission requests and confirmations to parents
  • Enabling teachers to track form completion status
  • Maintaining audit trails for compliance purposes
  • Improving and securing our platform
  • Communicating service updates and important notices

4. What We Do NOT Do

  • We do NOT sell student or parent data to third parties
  • We do NOT use student data for advertising or marketing
  • We do NOT build profiles on students for non-educational purposes
  • We do NOT share data with third parties except as needed to operate the service

5. Data Security

We implement industry-standard security measures including:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure password hashing (bcrypt)
  • Role-based access controls
  • Regular security audits
  • IP address masking in logs
  • Rate limiting to prevent abuse

6. Data Retention

We retain permission records and signatures for a period determined by your school's requirements, typically aligned with state record retention guidelines. Schools can request deletion of their data at any time.

Audit logs are retained for compliance purposes and are automatically anonymized after the retention period.

7. Third-Party Services

We use the following third-party services:

  • Email Delivery: Resend (for sending permission requests and notifications)
  • Hosting: Cloud infrastructure providers with SOC 2 compliance
  • Database: PostgreSQL with encryption at rest

All third-party providers are bound by data processing agreements that protect your information.

8. COPPA Compliance

Permission Please is designed for use by schools and requires parental consent for any collection of information related to children under 13. We:

  • Collect only information necessary for the service
  • Obtain verifiable parental consent through the electronic signature process
  • Allow parents to review and request deletion of their child's information
  • Do not condition participation on providing more information than necessary

9. Your Rights

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your data (subject to legal retention requirements)
  • Receive a copy of your data in a portable format
  • Withdraw consent for optional data processing

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify schools of any material changes via email and update the "Last updated" date at the top of this page.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Permission Please
Email: privacy@permissionplease.app
For data deletion requests: privacy@permissionplease.app

View Terms of Service →