Permisoft · Ceerf LLC

Privacy Policy

How Permisoft Collects, Uses, and Protects Your Personal Information

Last updated: June 11, 2026

This Privacy Policy describes how Ceerf LLC, doing business as Permisoft ("Ceerf LLC," "we," "us," or "our"), collects, uses, discloses, and protects personal information when you visit our website, create an account, purchase software, activate licenses, contact support, or otherwise interact with our marketplace and related services (collectively, the "Service"). We are committed to transparency and to handling your information responsibly. A central commitment of this policy: we do not sell your personal information. We do not sell personal data to data brokers, advertisers, or list renters. We do not monetize your identity by trading contact details for payment. Read this policy together with our Data Handling Policy, which provides additional operational detail about marketplace-specific practices.

1. Scope and Data Controller

This Privacy Policy applies to personal information processed by Ceerf LLC in connection with Permisoft as a marketplace for buyers and publishers. It does not govern third-party websites, publisher software that runs on your device, or services that link from our pages unless we expressly state otherwise.

For purposes of applicable data protection laws, Ceerf LLC acts as the controller of personal information described in this policy, except where we process information solely on behalf of publishers under separate written agreements, in which case roles are defined in those agreements and on relevant product pages.

If you have questions about this policy or wish to exercise privacy rights, contact us at support@ceerf.com.

2. We Do Not Sell Personal Data

Ceerf LLC does not sell, rent, or trade your personal information to third parties for their independent marketing or profiling purposes. We do not participate in data broker marketplaces. We do not exchange your email address, purchase history, or device signals for cash or other consideration.

When we share information, we do so with service providers and subprocessors that help us operate Permisoft—for example, payment processing, cloud hosting, email delivery, fraud prevention, and customer support tooling—under contracts that restrict their use of your data to providing services to us.

We may use aggregated or de-identified information that cannot reasonably be linked to you for analytics, product improvement, and security reporting. Aggregated data is not personal information and is not sold as personal profiles.

  • No sale of personal data to advertisers for targeted advertising based on your Permisoft activity.
  • No rental of customer lists to unrelated third parties.
  • No exchange of personal data for cross-context behavioral advertising profiles.
  • We do not use ad networks that sell individual-level audience segments derived from your purchases on Permisoft.

3. Categories of Personal Information We Collect

The information we collect depends on how you interact with the Service. We collect only what is reasonably necessary to operate the marketplace, fulfill purchases, prevent fraud, comply with law, and provide support.

  • Account information: name, email address, username, password hash, authentication tokens, account preferences, and communication settings.
  • Purchase and billing information: order history, product titles, prices paid, currency, billing address where provided, partial payment method metadata from Stripe (such as card brand and last four digits), tax identifiers where required, and invoices.
  • License and activation information: license keys issued to you, activation timestamps, seat counts, hashed device identifiers, installation fingerprints, deactivation events, and entitlement status.
  • Device and technical information: IP address, browser type, operating system, device type, language settings, referral URLs, and log data generated when you access the Service.
  • Support and communications: messages you send to support, attachments you provide, survey responses, and records of our replies.
  • Security and fraud signals: risk scores, velocity checks, dispute indicators, and records of policy enforcement actions tied to your account where applicable.
  • Cookies and similar technologies: session cookies, preference cookies, and analytics cookies as described in Section 14.

4. Sources of Information

We collect personal information directly from you when you register, checkout, activate software, update your profile, or contact us.

We also receive information from payment processors such as Stripe regarding transaction authorization, refunds, and chargebacks; from authentication providers if you choose social or single sign-on options when available; and from publishers only to the extent necessary to validate licenses or respond to support escalations you initiate.

We generate certain technical information automatically through server logs, application events, and security monitoring systems.

5. How and Why We Use Personal Information

We use personal information for legitimate business purposes connected to operating Permisoft. We do not use your purchase history to build advertising profiles for unrelated third-party ad networks.

  • Providing the Service: creating accounts, displaying your library, delivering downloads, issuing license keys, and enabling activation.
  • Processing transactions: calculating totals, collecting payments through Stripe, issuing receipts, and remitting publisher payouts subject to our ${PLATFORM_FEE_PERCENT}% platform fee structure.
  • License enforcement: verifying seat limits, preventing key sharing abuse, and protecting publishers from fraudulent activations.
  • Customer support: responding to inquiries, troubleshooting access issues, and mediating platform-related purchase disputes.
  • Security and fraud prevention: detecting stolen cards, abusive refunds, credential stuffing, and marketplace manipulation.
  • Legal compliance: tax, accounting, sanctions screening, responding to lawful requests, and enforcing our Terms of Service.
  • Product improvement: understanding feature usage through aggregated analytics and diagnosing reliability issues.
  • Communications: sending transactional emails about orders, security alerts, and policy updates; marketing emails only where permitted and with opt-out choices.

7. How We Share Information

We do not sell personal information. We share information only as described below and under contractual protections.

  • Payment processing: Stripe receives billing and transaction data necessary to process payments, refunds, and fraud checks.
  • Cloud infrastructure: Google Cloud Platform and related providers host application data, encrypted backups, and operational logs subject to access controls.
  • Email and notifications: email service providers deliver transactional messages on our behalf.
  • Publishers: by default, publishers do not receive your email address through Permisoft solely because you purchased their product. Publishers may receive aggregated sales metrics and license activation signals. If you open a support flow that requires publisher involvement, we may share necessary contact details with your consent or at your direction.
  • Professional advisors: lawyers, accountants, and auditors under confidentiality obligations when needed.
  • Corporate transactions: successor entities in a merger, acquisition, or asset sale, subject to this policy or notice to you.
  • Legal and safety: authorities or parties when required by law or to protect rights, safety, and integrity of the Service.

8. Data Retention

We retain personal information only as long as necessary for the purposes described in this policy, unless a longer period is required or permitted by law.

Account information is retained while your account is active and for a reasonable period afterward to resolve disputes, enforce terms, and meet legal obligations. Purchase records may be retained for tax and accounting periods required by applicable law. License activation logs may be retained to demonstrate entitlement history and prevent abuse.

When information is no longer needed, we delete, anonymize, or aggregate it in accordance with our retention schedules and technical capabilities.

  • Support tickets may be retained to improve service quality and train staff on resolved issues.
  • Security logs may be retained for a defined period to investigate incidents.
  • Backup systems may retain deleted data for a limited window before overwrite.

9. Security Measures

We implement administrative, technical, and organizational measures designed to protect personal information against unauthorized access, loss, misuse, alteration, and disclosure. Measures include encryption in transit, access controls, least-privilege administrative access, monitoring, and vendor security reviews.

No method of transmission or storage is completely secure. While we work diligently to protect your information, we cannot guarantee absolute security. You are responsible for safeguarding your account credentials and promptly reporting suspected compromise.

If we become aware of a data breach affecting your personal information where notification is required by law, we will provide notice consistent with our Data Handling Policy and applicable regulations.

10. Your Privacy Rights and Choices

Depending on your location, you may have rights to access, correct, delete, restrict, or object to certain processing of your personal information, and to receive a portable copy of information you provided.

To submit a request, email support@ceerf.com with sufficient detail to verify your identity. We may request additional information to prevent fraudulent requests. We respond within timeframes required by applicable law.

You may update account details through your profile settings where available. You may opt out of marketing emails using unsubscribe links. Transactional messages related to purchases and security may still be sent.

  • Access: request confirmation of processing and a copy of personal information we hold about you.
  • Correction: request correction of inaccurate information.
  • Deletion: request deletion where we have no overriding legal basis to retain data.
  • Restriction: request limited processing in certain circumstances.
  • Objection: object to processing based on legitimate interests where applicable.
  • Portability: receive certain data in a structured, commonly used format where technically feasible.

11. California and U.S. State Privacy Rights

Residents of California and certain other U.S. states may have additional rights under state privacy laws, including rights to know categories of information collected, purposes of use, categories of recipients, and rights to delete and correct personal information.

We do not sell personal information as defined under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). We do not share personal information for cross-context behavioral advertising in exchange for monetary or other valuable consideration.

We will not discriminate against you for exercising privacy rights. Authorized agents may submit requests on your behalf with proof of authorization as required by law.

California residents may contact support@ceerf.com for rights requests. We will describe our practices regarding sensitive personal information collection and use upon request where applicable.

12. European Economic Area and United Kingdom Rights

If you are located in the European Economic Area or the United Kingdom, you may have rights under the GDPR or UK GDPR, including those listed in Section 10. You also have the right to lodge a complaint with your local supervisory authority.

Where we transfer personal information outside your country, we implement appropriate safeguards such as standard contractual clauses or equivalent mechanisms permitted by law.

Our legal bases for processing are described in Section 6. Where we rely on legitimate interests, you may object as described in Section 10.

We do not sell personal data. We do not profile you in a manner that produces legal or similarly significant effects solely through automated processing without human involvement where prohibited by law.

13. Children's Privacy

Permisoft is not directed to children under thirteen (13) years of age, and we do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, contact support@ceerf.com and we will take steps to delete it promptly.

Individuals between 13 and the age of majority may use the Service only with parental or guardian consent where required by law.

14. International Data Transfers

Ceerf LLC is based in the United States. If you access the Service from outside the United States, your information may be processed in the United States and other countries where we or our subprocessors operate.

Those countries may have data protection laws different from those in your jurisdiction. We implement safeguards designed to ensure an adequate level of protection for transferred data, including contractual commitments with subprocessors.

Contact support@ceerf.com for more information about transfer mechanisms relevant to your location.

15. Cookies and Similar Technologies

We use cookies and similar technologies to operate the Service, remember preferences, authenticate sessions, and understand aggregated usage patterns.

  • Strictly necessary cookies: required for login, checkout, and security.
  • Functional cookies: remember settings such as language or display preferences.
  • Analytics cookies: help us measure performance and diagnose errors in aggregate.
  • We do not use cookies to sell your personal data to third-party advertising marketplaces.

16. Automated Decision-Making and Profiling

We may use automated systems to assess fraud risk, prevent abusive transactions, and protect license keys. These systems may consider factors such as payment velocity, geographic signals, and activation patterns.

Automated decisions may result in declined transactions, additional verification steps, or temporary account restrictions. You may contact support@ceerf.com to request human review of significant platform access decisions where required by applicable law.

We do not engage in profiling that produces legal or similarly significant effects concerning you without appropriate safeguards where such profiling is restricted by law.

17. Changes to This Policy and Contact Information

We may update this Privacy Policy to reflect changes in our practices, technologies, legal requirements, or business operations. We will post the updated policy with a revised "Last updated" date and provide additional notice for material changes where required.

Your continued use of the Service after an update constitutes acknowledgment of the revised policy, subject to applicable law.

For privacy questions, rights requests, or concerns about our no-sale commitment, contact support@ceerf.com. For general support, contact support@ceerf.com. For legal notices, contact support@ceerf.com.

  • We will never sell your personal data—this commitment survives policy updates unless we provide prominent, lawful notice and choice where a change is permitted.
  • Material changes affecting publishers are tracked separately in publisher legal versioning.
  • You may request a plain-language summary of how your data is used for a specific purchase.

This Privacy Policy is provided by Ceerf LLC d/b/a Permisoft. We do not sell your personal information.