As an auto dealership, you collect a range of personal information about your customers in the course of normal business. This includes information like an address, phone number, credit card number, social security number, and more. It’s important to understand that your dealership is subject to strict laws through the GLB Privacy Rule about how you can share this information.
Today, basically all automotive retailers are considered financial institutions. If your dealership checks credit and provides financing, you are legally a lender, and must comply with the Gramm-Leach-Bliley Act, including the Privacy Rule.
How does the GLB privacy rule impact your dealership?
In general, the GLB Privacy Rule will not prevent your dealership from normal business operations. It isn’t typically a violation to share customer information with legally affiliated businesses - for example, if your dealership is owned by a parent company. Likewise, if sharing customer information is required for standard business, the sharing is typically not an issue.
Where the Privacy Rule really impacts dealers is in the case of non-essential sharing of customer information. Giving or selling your customer data to another business, such as telemarketers or retailers hoping to sell to them, requires disclosure to consumers and requires you to allow consumers to opt out.