Auto Dealer GLB Act Privacy Rule Compliance

As an auto dealership, you collect a range of personal information about your customers in the course of normal business. This includes information like an address, phone number, credit card number, social security number, and more. It’s important to understand that your dealership is subject to strict laws through the GLB Privacy Rule about how you can share this information.

Today, basically all automotive retailers are considered financial institutions. If your dealership checks credit and provides financing, you are legally a lender, and must comply with the Gramm-Leach-Bliley Act, including the Privacy Rule.

How does the GLB privacy rule impact your dealership?

  • You must inform consumers of the information you’re collecting about them
  • You must inform consumers how their information will be shared
  • You must allow consumers to “opt out” of information sharing where possible
  • And more...

In general, the GLB Privacy Rule will not prevent your dealership from normal business operations. It isn’t typically a violation to share customer information with legally affiliated businesses - for example, if your dealership is owned by a parent company. Likewise, if sharing customer information is required for standard business, the sharing is typically not an issue.

Where the Privacy Rule really impacts dealers is in the case of non-essential sharing of customer information. Giving or selling your customer data to another business, such as telemarketers or retailers hoping to sell to them, requires disclosure to consumers and requires you to allow consumers to opt out.

About DCS

Dealer Compliance Services will create a compliance plan that works with your daily operations in each department.

Your dealership’s custom solution will include ongoing Auditing, Testing, Training, and Documentation.

Contact