WHAT DO THESE PRIVACY LAWS REQUIRE?
- Data collection & sharing must be Transparent, Consensual, Limited.
- Data storage & sharing must be Limited, Accurate, Protected.
- Operate transparently, Be Accountable, Apply these requirements to a website.
15% of dealer websites have a consent banner, however, 100% of them were passing data in front of consent.
Likely deceptive and likely a UDAAP violation under state and/or federal law
Dealers Need to Have a Cookie Banner on their Website.
To Avoid Fines. Violations of similar laws in Europe have resulted in hefty fines. Example: France recently fined Google $169M and Facebook $67M for requiring too many clicks for users to opt out of cookies
- Preference Management
- Adherence to Industry Standards
- Mitigation of Risks
- User Experience Optimization
10-Steps for Navigating Website Privacy Consent Banners
Identify Cookies Collected
Scan your website periodically to identify:
- Third Party Collecting Cookies
- Essential Cookies
- Performance and Functionality Cookies
- Analytics and Customization Cookies
- Advertising Cookies
- Social Networking Cookies
- Unclassified Cookies
Auto-block all cookies until after consent is provided.
- Create a custom banner that permits the acceptance and rejection of non-essential cookies.
- Allow consumers to change their consent options at any time with a Preference Center
Enable consumers the ability to make privacy requests so that your designated individual may properly respond and manage requests.
Banner properly installed. No interference with accessibility tool.
Easy access to:
- Preference Center; and
- Privacy Requests.
Data Processing Agreements (DPAS)
DPAs typically address issues such as:
- The specific purposes for which the personal data will be processed;
- The categories of personal data that will be processed;
- The duration of processing;
- The geographic scope of processing;
- The security measures that will be implemented to protect personal data;
- The rights of individuals with respect to their personal data; and
- The obligation of the parties to comply with applicable law.
Protect Data (FTC Safeguards Rule)
- Protect customer information/data collected by adhering to the FTC Safeguard Rule, which you are already required to follow.
- Revised Rule took full effect on June 9, 2023 with violations of up to $50,120 per violation.
COMPLIANCE SUCCESS CONSULTANTS
Let us be your trusted advisor to guide you toward a culture of Complete Compliance.