As an auto dealership, you collect a range of personal information about your customers in the course of normal business. This includes information like an address, phone number, credit card number, social security number, and more. It’s important to understand that your dealership is subject to strict laws through the GLB Privacy Rule about how you can share this information.

Today, basically all automotive retailers are considered financial institutions. If your dealership checks credit and provides financing, you are legally a lender, and must comply with the Gramm-Leach-Bliley Act, including the Privacy Rule.

How does the GLB privacy rule impact your dealership?

• You must inform consumers of the information you’re collecting about them

• You must inform consumers how their information will be shared

• You must allow consumers to “opt out” of information sharing where possible

In general, the GLB Privacy Rule will not prevent your dealership from normal business operations. It isn’t typically a violation to share customer information with legally affiliated businesses - for example, if your dealership is owned by a parent company. Likewise, if sharing customer information is required for standard business, the sharing is typically not an issue.

Where the Privacy Rule really impacts dealers is in the case of non-essential sharing of customer information. Giving or selling your customer data to another business, such as telemarketers or retailers hoping to sell to them, requires disclosure to consumers and requires you to allow consumers to opt out.

Is your customers’ privacy protected? Does your team give clear information to customers about how their personal information is being used? If not, you could be facing serious fines and penalties for violating federal law. Don’t wait until you’re being audited - contact Total Dealer Compliance today to protect your dealership.