1.The purpose of this section is to set forth the member states' policy for the protection
of the confidentiality rights of all participants in the system and of the privacy interests
of consumers who deal with model 1 sellers.
2.As used in this section, the term "confidential taxpayer information" means all
information that is protected under a member state's laws, regulations, and privileges,
the term "personally identifiable information" means information that identifies a
person, and the term "anonymous data" means information that does not identify a
person.
3.The member states agree that a fundamental precept in model 1 is to preserve the
privacy of consumers by protecting their anonymity. With very limited exceptions, a
certified service provider shall perform its tax calculatio
Free access — add to your briefcase to read the full text and ask questions with AI
1. The purpose of this section is to set forth the member states' policy for the protection
of the confidentiality rights of all participants in the system and of the privacy interests
of consumers who deal with model 1 sellers.
2. As used in this section, the term "confidential taxpayer information" means all
information that is protected under a member state's laws, regulations, and privileges,
the term "personally identifiable information" means information that identifies a
person, and the term "anonymous data" means information that does not identify a
person.
3. The member states agree that a fundamental precept in model 1 is to preserve the
privacy of consumers by protecting their anonymity. With very limited exceptions, a
certified service provider shall perform its tax calculation, remittance, and reporting
functions without retaining the personally identifiable information of consumers.
4. The governing board may certify a certified service provider only if that certified service
provider certifies that:
a. Its system has been designed and tested to ensure that the fundamental precept
of anonymity is respected;
b. Personally identifiable information is only used and retained to the extent
necessary for the administration of model 1 with respect to exempt purchasers
and for proper identification of taxing jurisdictions;
c. It provides consumers clear and conspicuous notice of its information practices,
including what information it collects, how it collects the information, how it uses
the information, how long, if at all, it retains the information and whether it
discloses the information to member states. Such notice shall be satisfied by a
written privacy policy statement accessible by the public on the official website of
the certified service provider;
d. The collection, use, and retention of personally identifiable information will be
limited to that required by the member states to ensure the validity of exemptions
from taxation that are claimed by reason of a consumer's status or the intended
use of the goods or services purchased and for documentation of the correct
assignment of taxing jurisdictions; and
e. It provides adequate technical, physical, and administrative safeguards so as to
protect personally identifiable information from unauthorized access and
disclosure.
5. Each member state shall provide public notification to consumers, including their
exempt purchasers, of the state's practices relating to the collection, use, and retention
of personally identifiable information.
6. When any personally identifiable information that has been collected and retained is
no longer required for the purposes set forth in subdivision d of subsection 4, such
information shall no longer be retained by the member states.
7. When personally identifiable information regarding an individual is retained by or on
behalf of a member state, such state shall provide reasonable access by such
individual to the individual's own information in the state's possession and a right to
correct any inaccurately recorded information.
8. If anyone other than a member state, or a person authorized by that state's law or the
agreement, seeks to discover personally identifiable information, the state from which
the information is sought should make a reasonable and timely effort to notify the
individual of such request.
9. This privacy policy is subject to enforcement by member states' attorneys general or
other appropriate state government authority.
10. Each member state's laws and regulations regarding the collection, use, and
maintenance of confidential taxpayer information remain fully applicable and binding.
Without limitation, the agreement does not enlarge or limit the member states'
authority to:
a. Conduct audits or other review as provided under the agreement and state law.
b. Provide records pursuant to a member state's freedom of information act,
disclosure laws with governmental agencies, or other regulations.
c. Prevent, consistent with state law, disclosures of confidential taxpayer
information.
d. Prevent, consistent with federal law, disclosures or misuse of federal return
information obtained under a disclosure agreement with the internal revenue
service.
e. Collect, disclose, disseminate, or otherwise use anonymous data for
governmental purposes.
11. This privacy policy does not preclude the governing board from certifying a certified
service provider whose privacy policy is more protective of confidential taxpayer
information or personally identifiable information than is required by the agreement.