PRIVACY CONSENT BANNER
New Privacy Consent Banner Mandate for Dealers Aims to Safeguard Customer Data.
WHAT DO THESE PRIVACY LAWS REQUIRE?
- Data collection & sharing must be Transparent, Consensual, Limited.
- Data storage & sharing must be Limited, Accurate, Protected.
- Operate transparently, Be Accountable, Apply these requirements to a website.
15% of dealer websites have a consent banner, however, 100% of them were passing data in front of consent.
Likely deceptive and likely a UDAAP violation under state and/or federal law
Dealers Need to Have a Cookie Banner on their Website.
To Avoid Fines. Violations of similar laws in Europe have resulted in hefty fines. Example: France recently fined Google $169M and Facebook $67M for requiring too many clicks for users to opt out of cookies
- Preference Management
- Adherence to Industry Standards
- Mitigation of Risks
- User Experience Optimization
TABLE OF CONTENTS
10-Steps for Navigating Website Privacy Consent Banners
Step 1
Identify Cookies Collected
Scan your website periodically to identify:
- Plug-Ins
- Third Party Collecting Cookies
Step 2
Categorize Cookies
- Essential Cookies
- Performance and Functionality Cookies
- Analytics and Customization Cookies
- Advertising Cookies
- Social Networking Cookies
- Unclassified Cookies
Step 3
Auto-Block Collection
-
Auto-block all cookies until after consent is provided.
Step 4
Privacy/Cookie Policy
- Create a website privacy policy and cookie policy that identifies the cookies by category and the 3rd party providers collecting cookies.
- Modify the privacy policy/cookie policy as the website and providers change.
Step 5
Website Banner
- Create a custom banner that permits the acceptance and rejection of non-essential cookies.
Step 6
Preference Center
- Allow consumers to change their consent options at any time with a Preference Center
Step 7
Privacy Requests
-
Enable consumers the ability to make privacy requests so that your designated individual may properly respond and manage requests.
Step 8
Review Website
Banner properly installed. No interference with accessibility tool.
Easy access to:
- Privacy Policy/Cookie Policy;
- Preference Center; and
- Privacy Requests.
Step 9
Data Processing Agreements (DPAS)
DPAs typically address issues such as:
- The specific purposes for which the personal data will be processed;
- The categories of personal data that will be processed;
- The duration of processing;
- The geographic scope of processing;
- The security measures that will be implemented to protect personal data;
- The rights of individuals with respect to their personal data; and
- The obligation of the parties to comply with applicable law.
Step 10
Protect Data (FTC Safeguards Rule)
- Protect customer information/data collected by adhering to the FTC Safeguard Rule, which you are already required to follow.
- Revised Rule took full effect on June 9, 2023 with violations of up to $50,120 per violation.
COMPLIANCE SUCCESS CONSULTANTS
Let us be your trusted advisor to guide you toward a culture of Complete Compliance.