Dealers Urged to Review Vendor Data Security Measures - AutoSuccessOnline
Connect with us
Close Sidebar Panel Open Sidebar Panel

Industry News

Dealers Urged to Review Vendor Data Security Measures

While CCPA is California-specific legislation, its requirements affect dealers and dealer groups having stores in the state, and many vendors serving auto retailers are domiciled there. CCPA’s comprehensiveness is designed to ensure healthy consumer privacy and data security guidelines for dealers and vendors, wherever located.

Advertisement

Zonic Design, a certified vendor to CDK Global and Reynolds and Reynolds, is urging auto dealers to begin reviewing their vendors’ privacy and data security measures ahead of the January 1 deadline for compliance with California’s Consumer Protection Act (CCPA).

Click Here to Read More
Advertisement

While CCPA is California-specific legislation, its requirements affect dealers and dealer groups having stores in the state, and many vendors serving auto retailers are domiciled there. CCPA’s comprehensiveness is designed to ensure healthy consumer privacy and data security guidelines for dealers and vendors, wherever located.

The timing for this call could not be better. According to a study from PossibleNOW, 56% of U.S. businesses polled are not likely to “be fully prepared” to meet the January 1 CCPA compliance deadline. This fact should add urgency to dealers’ sense of timing about reviewing their vendors’ compliance practices.

Likely other states will enact consumer privacy and data security legislation, given the lack of national guidelines and standards. Those laws are sure to be as stringent as is CCPA to protect those states’ residents.

Advertisement

Zonic Design is data-driven service marketing company leveraging auto retailers’ existing and conquest consumer to increase customer retention, revenues and ROI. When a major dealer group reviewed the vendor’s data security during vetting, group security personnel were taken aback at how much more comprehensive Zonic’s security measures were than their own.

“Dealer groups may have up to 20 different vendors tapping into their dealer management or other internal systems which store personal consumer data, so they will want to be certain, and confident those vendors’ data practices are current and stringent,” said Brian Ramphal, Chief Executive Officer, for Zonic Design.

Advertisement

Foremost, he said, dealers must insist their vendors be DMS certified. Other qualifying questions they should ask vendors, though, sometimes go unasked, including:

  • Where do vendors store client data once extracted from you, and how is that data protected?
  • What cyber liability limits do your vendors carry?
  • What processes do vendors use to ensure accurate a safe data transformation and management

To help dealers vet their vendors – and as a guideline for vendors – Zonic has prepared a brief PDF download, Data Compliance Questionnaire, at https://zonicdesign.com/#home-form-section.

Advertisement

Last month the CCPA was amended by the California Senate, with two exemptions relevant to automotive vendors. These exemptions are:

  • Loyalty programs, for which “certain prohibitions in the CCPA would not apply
  • Warranties and recalls, exempting information retained or stores for purposes of warranty or recall-related vehicle repair

The International Risk Management Institute notes that the CCPA allows any consumer to demand to see all the information a company has saved on them. This invitation extends to third parties with which this data is shared.  CCPA now requires that companies must have visible website footers offering consumers the option to opt-out of data sharing.

Advertisement

Links:
Zonic Design

Advertisement
Click to comment
Connect
AutoSuccessOnline