PRIVACY POLICY 

Last modified: May 23, 2023 

Introduction 

Dealer Information Systems Corporation (“Company,” “Us,” “Our,” or ”We”) respects your privacy and is committed to protecting it through our compliance with this policy. Please read this policy carefully to understand our policies and practices regarding the Personal Information we collect from you, how we use it, how we share it, your rights and choices, and how you can contact us about our privacy practices. To the extent that you are an End User or a Visitor (defined below), this policy also outlines your rights as a data subject, including the right to object to some uses of your Personal Information by us.  

This policy applies to information we collect: 

  • Through your use of the Company Website. 
  • Through your use of our Services.  
  • Through your communications and other interactions with us. 
  • From third parties who are permitted to share your Personal Information with us. 

Definitions 

B2B Party” means a customer, supplier, vendor, or business partner with whom We have a business relationship who directly or indirectly provides Us with B2B Representative and/or End User Personal Information in connection with those B2B Representatives’ or End Users’ use of Our Services or otherwise.  

B2B Representative” refers to individuals who work for or on behalf of a B2B Party.  

End User” means individuals who do business with, or otherwise transact with, a B2B Party but who are not doing business with Us directly. 

Personal Information” means any information that identifies or relates to an individual or can be used in conjunction with other information to identify an individual. 

Processing” means any operation or set of operations which is performed on Personal Information, encompassing the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction or erasure of Personal Information. The terms “Process”, “Processes” and “Processed” will be construed accordingly. 

Service(s)” means the products and services that We offer.  

Visitor” means an individual that visits the Company website or otherwise communicates with the Company and is not a B2B Representative or End User. 

Website” means any publicly accessible website hosted by or on behalf of the Company which is not part of a Service. 

You” or “Your” means B2B Party, B2B Representative, End User, or Visitor, depending on the context as further explained in this privacy policy, and if there is no context which specifically identifies any of the foregoing, then “You” or “Your” means all of the foregoing collectively. 

General Scope (Controller vs. Processor) 

Our Role as a Processor 

This privacy policy does not apply when We Process Personal Information as a data processor.  We are a data processor (“Processor”) when We do not determine the purpose and means of Processing the Personal Data of B2B Representatives and End Users, and we only Process that Personal Information in accordance with the specific instructions of a B2B Party, as is the case when We Process Personal Information only as necessary to provide Our Services to a B2B Party. We receive instructions from B2B Parties through agreements We have with those B2B Parties, including any ancillary data privacy agreements or addenda (collectively a “B2B Agreement”). 

When You are a B2B Party and We act as a Processor with respect to the Personal Information that We receive from You or on Your behalf, You alone are responsible for providing appropriate privacy notices and disclosures to Your B2B Representatives and End Users with respect to Your Processing of their Personal Information.  You cannot rely on this privacy policy as a means for satisfying Your privacy notice and disclosure obligations. 

When You are a B2B Representative or an End User and We act as a Processor with respect to Your Personal Information, the B2B Party with whom You have a relationship is responsible for providing appropriate notices and disclosures about how they Process Your Personal Information and You must refer to that B2B Party’s privacy policy or other notices for information regarding their privacy practices and Your rights.   

Our Role as a Controller 

This privacy policy only applies when We Process Personal Information as a data controller.  We are a data controller (“Controller”) when We determine the purpose and means of Processing the Personal Information of B2B Representatives and End Users, as is the case when a B2B Party permits Us to Process that Personal Information in ways that relate to Our Services but are not strictly necessary in order to perform those Services. 

When You are a B2B Party and We act as a Controller with respect to the Personal Information that We receive from You or on Your behalf pursuant to a B2B Agreement, We are responsible for providing appropriate privacy notices and disclosures to Your B2B Representatives and End Users with respect to Our Processing of their Personal Information as a Controller.  However, pursuant to our B2B Agreement, You agree to comply with all applicable laws, including those which may require You to provide notice to or gain consent from Your B2B Representatives and End Users prior to giving Us permission to Process that Personal Information as a Controller.  Specifically, You and Your legal advisors should consider whether You need to list Us in Your privacy policy and notify Your End Users of Our privacy practices by linking to this privacy policy. 

When You are a B2B Representative or an End User and we act as a Controller with respect to Your Personal Information, this privacy policy describes Our privacy practices, including the Personal Information We collect from You, how We use it, how We share it, Your rights and choices, and how You can contact Us about Our privacy practices.  However, as mentioned in the “Our Role as a Processor” above, You will need to refer to the privacy notices and disclosures of the B2B Party from whom We received Your Personal Information for information regarding that B2B Party’s privacy practices, including any notices or disclosures with respect to that B2B Party’s transfer of Your Personal Data to Us for Our Processing as a Controller. 

When You are a Visitor, We are a Controller with respect to Your Personal Information. We Process Your Personal Information in accordance with this privacy policy and any other agreement We may have directly with You.  This Privacy Policy describes Our privacy practices, including the Personal Information We collect from You, how We use it, how We share it, Your rights and choices, and how You can contact Us about Our privacy practices. 

Children Under the Age of 16 

Our Website and Services are not intended for children under 16 years of age. No one under age 16 may provide any information to Us. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this Website or the Services or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at privacy@discorp.com.

Information We Collect About You and How We Collect It 

We may collect several types of information, including information: 

  • By which you, your customers, or any other person may be personally identified, such as name, postal address, email address, telephone number and/or any other personally identifiable information that you provide via the Website or Services (“personal information”); 
  • That is about you but individually does not identify you, such as purchase or service history or other transactional data; and/or 
  • About your internet connection, the equipment you use to access our Website and/or Services, and usage details. 

We collect this information: 

  • Directly from you when you provide it to us, including through use of the Services or Website. 
  • Automatically as you navigate through the Website or use the Services. Information collected automatically may include usage details, IP addresses, and information collected through cookies. 
  • From third parties, for example, our business partners. 

Information You Provide to Us  

The information we collect may include: 

  • Information that you provide by filling in forms on our Website. This includes information that may be provided at the time of registering to use our Website, subscribing to our service, posting material, or requesting further services. We may also ask you for information when you report a problem with our Website. 
  • Records and copies of your correspondence (including email addresses), if you contact us. 
  • Details of transactions you carry out through our Website or other communications with us. 

You also may provide information to be published or displayed (hereinafter, “posted”) on public areas of the Website, or transmitted to other users of the Website or Services or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Additionally, we cannot control the actions of other users of the Website or Services with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons. 

Information We Collect Through Automatic Data Collection Technologies   

As you navigate through and interact with our Website or use the Services, we may use automatic data collection technologies to collect certain information about your equipment, actions, and patterns, including: 

  •  Details of your visits to our Website, including traffic data, location data, and other communication data and the resources that you access and use on the Website. 
  • Information about your computer and internet connection, including your IP address, operating system, and browser type. 
  • Details of your use of the Services, including user identification and usage metrics.  

The information we collect automatically is statistical data, but we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Website and Services and to deliver a better and more personalized service, including by enabling us to: 

  • Estimate our audience size and usage patterns. 
  • Store information about your preferences, allowing us to customize our Website according to your individual interests. 
  • Speed up your searches. 
  • Recognize you when you return to our Website. 

The technologies we use for this automatic data collection may include: 

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.  
  • Web Beacons. Pages of our Website may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).  

How We Use Your Information 

We may use aggregated information about our users, and any information that does not identify any individual, without restriction.  

We use information that we collect about you or that you provide to us, including any personal information: 

  • To present our Website and Services and their contents to you. 
  • To provide you with information, products, or services that you request from us. 
  • To fulfill any other purpose for which you provide it. 
  • To provide you with notices about your account, including expiration and renewal notices. 
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection. 
  • To notify you about changes to our Website, Services, or any other products or services we offer or provide. 
  • To allow you to participate in interactive features on our Website and Services. 
  • In any other way we may describe when you provide the information. 
  • For any other purpose with your consent. 

Disclosure of Your Information 

We may disclose aggregated information about our users, and any information that does not identify any individual, without restriction.  

We may disclose personal information that we collect or you provide as described in this privacy policy: 

  • To our subsidiaries and affiliates. 
  • To contractors, service providers, and other third parties we use to support our business. 
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Company’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Company about our Website or Services users is among the assets transferred. 
  • To fulfill the purpose for which you provide it.  
  • For any other purpose disclosed by us when you provide the information. 
  • With your consent. 

We may also disclose your personal information: 

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request. 
  • To enforce or apply our General Terms and Conditions or other agreements, including for billing and collection purposes. 
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Company, our customers, or others.  

Choices About How We Use and Disclose Your Information 

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:  

  • Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly. 

We do not control third parties’ collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website. 

Residents of certain states, such as California, Nevada, Colorado, Connecticut, Virginia, and Utah may have additional personal information rights and choices. Please see Your State Privacy Rights for more information. 

Accessing and Correcting Your Information 

You can review and change your personal information by logging into the Website and visiting your account profile page. 

You may also send us an email at privacy@discorp.com to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. 

If you delete your User Contributions from the Website, copies of your User Contributions may remain viewable in cached and archived pages, or might have been copied or stored by other Website users. 

Your State Privacy Rights 

State consumer privacy laws may provide their residents with additional rights regarding our use of their personal information. To learn more about California residents’ privacy rights, visit https://www.discorp.com/privacy-policy/California. California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our app that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@discorp.com. 

Colorado, Connecticut, Virginia, and Utah each provide their state residents with rights to: 

  • Confirm whether we process their personal information. 
  • Access and delete certain personal information. 
  • Data portability. 
  • Opt-out of personal data processing for targeted advertising and sales. 

Colorado, Connecticut, and Virginia also provide their state residents with rights to: 

  • Correct inaccuracies in their personal information, taking into account the information’s nature processing purpose. 
  • Opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects.  

Nevada provides its residents with a limited right to opt-out of certain personal information sales. Residents who wish to exercise this sale opt-out rights may submit a request to this designated address: privacy@discorp.com 

Data Security 

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure.  

However, the security of information transmitted through the internet can never be guaranteed. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to the Services or certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. 

Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website or Services. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website or the Services. 

EU/UK/EEA Residents 

Right of Access. To the extent required by law, you have the right to receive confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the following information: the purposes of the processing; the categories of personal data concerned; and the recipients or categories of recipient to whom the personal data have been or will be disclosed. We will provide a copy of your personal information in compliance with applicable law. 

Right of Rectification. Our goal is to keep your personal information accurate, current, and complete. Please contact us if you believe your information is not accurate or if it changes. 

Right to Erasure. In some cases, you have a legal right to request that we delete your personal information when (1) it is no longer necessary for the purposes for which it was collected, (2) consent has been withdrawn in certain instances, (3) you have objected to the processing in certain instances, (4) the personal information has been unlawfully processed, (5) the personal data have to be erased for compliance with a legal obligation; and (6) the personal data were collected in relation to the offer of information society services. However, the right is not absolute. When we delete personal information, it will be removed from our active servers and databases; but, it may remain in our archives when it is not practical or possible to delete it. We may also retain your personal information as needed to comply with our legal obligations, resolve disputes, or enforce any agreements. 

Right to Restrict Processing. You have the right to restrict the processing of your data when (1) the accuracy of the personal data is contested, for a period enabling the controller to verify the accuracy of the personal data; (2) the processing is unlawful and you oppose erasure and request a restriction instead; (3) we no longer need the personal data, but you need us to keep it for the establishment, exercise, or defense of legal claims; or (4) you have objected to us processing the personal information, pending resolution of the objection. 

Right to Object. In certain circumstances, you have the right to object to the processing of your personal information where the processing is necessary for performance of a task carried out in the public interest, for our legitimate interests, or for the legitimate interests of others. You also have the right to object where personal data are processed for direct marketing purposes or for scientific or historical research purposes or statistical purposes. 

Right to Withdraw Consent. If you have provided your consent to the collection, processing, and transfer of your personal information, you may have the right to fully or partially withdraw your consent. Once we have received notice that you have withdrawn your consent, in whole or in part, we will no longer process your information for the purpose(s) to which you originally consented and have since withdrawn unless there are compelling legitimate grounds for further processing that override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims. Withdrawal of consent to receive marketing communications will not affect the processing of personal information for the provision of our services. 

Right to Complain. If you believe we have not processed your personal information in accordance with applicable law, we encourage you to contact us at privacy@discorp.com. You may also have the right to make a complaint to an applicable Supervisory Authority or seek a remedy through the courts. A list of Supervisory Authorities for residents of the EU, UK, or EEA is available at: https://edpb.europa.eu/about-edpb/board/members_en. If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. 

Changes to Our Privacy Policy

It is our policy to post any changes we make to our Policy on this page with a notice that the privacy policy has been updated on the Website home page. If we make material changes to how we treat our users’ personal information, we will notify you by email to the primary email address specified in your account. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this Policy to check for any changes. 

Contact Information 

To ask questions or comment about this privacy policy and our privacy practices, contact us at:  

privacy@discorp.com.