Notifications & Messages

Jared Hamilton
From: Jared Hamilton
Hey - It’s time to join the thousands of other dealer professionals on DrivingSales. Create an account so you can get full access to the articles, discussions and people that are shaping the future of the automotive industry.
×
Amy Taggart

Amy Taggart Marketing Manager

Exclusive Blog Posts

The Recruiter: Episode 4- People Use Google to Find Jobs

The Recruiter: Episode 4- People Use Google to Find Jobs

How to title your help wanted ad so it gets found on the internet. Please use Google in their job search. Use what people call themselves on their resu…

* The Recruiter* Episode 3 Law of Diminishing Return

* The Recruiter* Episode 3 Law of Diminishing Return

When do you hire and how many? what are you basing your decision on? Don't decide by how many desks you have or that's what you normally run with. …

Lenders must lend or drivers won't drive

Lenders must lend or drivers won't drive

In my opinion, sub prime customers are being considered more risky by the lenders that once targeted them. Even traditional co-signers are proving not to b…

4 Reasons to Improve CRM Utilization in 2017

4 Reasons to Improve CRM Utilization in 2017

Yes, dealers are creating a tremendous amount of data. The problem is, most of it is junk. Data is like this 1958 Tops Baseball Card complete set. You have…

Your Car Repair Shop Should Appeal To Parents Whether It is At a Dealership or Privately Owned

Your Car Repair Shop Should Appeal To Parents Whether It is At a Dealership or Privately Owned

Running an auto repair means that you have to take care of all kinds of details including scheduling, discipline, and customer service. Giving a customer t…

Best Practices for Consumer Privacy Compliance (Part II)

Last week we took a look at best practices for handling consumer data offline. This week, we're taking a closer look at online practices.

Remember, always consult your lawyer when working with consumer data -- we've got best practices for you and your best interests at heart, but they're the ones who will make sure you've got all the legal questions covered.

On we go!

 

Privacy Policy

As thrilling as it is to watch you dealers migrate your store marketing to the web, there are still some places where you need to do your homework. Featuring a privacy policy on your website is one of them. (Wrote about this recently, too.)

If you’ve been paying attention, you know that you need a privacy policy if you’re collecting consumer information. The U.S. federal government requires that you describe what you’re gathering and why, and how it will be used. Your website visitors also need to be able to find it easily, which means it needs to be linked on each page and featured prominently on any of your contact forms.

Here’s a sample of what one looks like: this is the policy we have developed to use with our network of websites that car buyers use to apply for financing. Since they’re filling out a full application, including employment information and SSN, we have to be sure that we make clear what our intentions are for the information they’re sharing.

We spent a lot of time with our legal team developing this policy, which includes clear language describing what we do, why we do it, and how. It also gives the consumer the opportunity to limit how we share information, or to opt out of the process altogether. This is especially important to ensure compliance with federal regulations governing the use of the data - similar to CAN-SPAM on the email front.

This policy also addresses some specific questions the consumer might have, such as “How does [company] protect my personal information?” and “Why can’t I limit all sharing?” These are important considerations that a savvy potential customer will take a look at before deciding to share their sensitive data.

It should be noted that you can't just crib the privacy policy we've shared here - you need to work directly with legal counsel well-versed in these laws in order to develop your own.  If you copy someone else’s and run into legal trouble, you will have no recourse if you haven’t dotted your “i”s and crossed your “t”s.

 

Security

After you put together your privacy policy to describe how you’re going to handle their data, you need to make sure that the method you’re using to capture that information is completely secure.

If you’re using a financial application on your dealership website, you need to make sure that it is using encryption technology to protect the bits and bytes that are moving through your system.

You’d be surprised how many dealers’ websites have financial applications - including those built by some reputable website providers - that are written in unencrypted HTML and do not include “https://” in the URL. That means that the information is wide open. If you’ve got someone on your website who knows anything about data leaks on the Internet, they will not submit their application if they recognize that it’s not being protected.

If you're using a website provider, ask them whether the data is secure, and how. If you don’t hear terms like “SSL”, “site certificate” and “encryption” as part of the conversation, you are not getting the best tool for collecting consumer information from your website visitors.

Take a look at our flagship consumer finance site, Carloan.com, as an example. When you hit the home page, we feature trust symbols from the Better Business Bureau and security services industry leader Network Solutions. When you click through to our finance application, you will immediately notice the “locked” symbol in the URL and “https://” as part of the address string. All of these elements -- and a strong domain name -- help to make it the best-performing consumer finance site in our network.

We also offer our expertise to the members of the Carloan.com Dealer Network, in the form of a customizable application. No muss, no fuss - we can create a secure financial application using your dealership’s branding that you can then use in conjunction with your website, regardless of who built your website and where it is hosted.

 

Consumer Consent Part II

You might not expect to see this again under online best practices, but think about it from their perspective. If a consumer is not actively engaged with you and sees a hard credit pull on their report - and many of them will - they will interpret that as a fraudulent action on your part and potentially sue your dealership. As far as they know, their financial information has been compromised, and you are responsible. Might sound far-fetched, but we’ve seen it happen.

That makes it worth mentioning again.

You have a legal and moral obligation to make sure that your prospects are aware when you are acting in a way that can potentially affect their credit. Period.

 

Conclusion

It is entirely up to you to make sure that you're on the right side of the law and tenaciously guarding this sensitive information.  Most of the dealers we see out there are using these best practices, which is great. It’s the bad actors that make it tough for the rest of us.

When you follow these best practices, you are ensuring the safety and security of sensitive personal information for your customers. Put a consistent process in place for handling consumer data, both offline and online. Protect your store and your customers.

If you treat them well, these consumers will expand your business by referring their friends and returning to buy more cars from you. Treat them poorly, and you can expect them to talk to their lawyers.

Be sure to speak to yours when you're setting up to ensure that you're following the letter of the law.

 Unlock all of the community & features  Join Now