Dealerships typically collect a great deal of personal information from their website visitors through contact forms, online credit applications, etc. What many businesses don’t realize is how vitally important it is to properly handle any Personally Identifiable Information (PII) collected from consumers through their sites.
So what’s the big deal about privacy policies? Our website provider takes care of that, right?
Not necessarily. In researching dealer websites recently, we looked at a random sample of privacy policies on 12 dealer sites from around the country. What we found was…interesting:
· 2 dealers had only the manufacturers’ policies published on their sites (same as above)
· 2 dealers had identical boilerplate policies provided by their website provider – not a problem, unless the policies don’t truly reflect the dealers’ actual processes. For instance, the policies state: “Subscribers to our e-mail services (or any other feature/service found on our Web site) will not receive unsolicited e-mail messages from us”. If the dealers decide to launch an email marketing campaign to these website visitors (which is legal as long as they adhere to CAN-SPAM regulations), they could be in danger of violating their own policies. Federal and state regulators can take action against companies that fail to comply with their own privacy policies or otherwise misrepresent their information management practices. And of course, there is the real possibility of substantial private lawsuits.
· 1 dealer had a nicely-written, personalized policy (good job!)