Phone: 630-495-2282 Fax: 630-495-2260 Map/Directions

Privacy notice required annually for ongoing financial relationships

November 24, 2010

Dealers, under the Gramm-Leach-Bliley Act, must provide an annual privacy notice to each noncommercial account customer with whom a financial relationship is ongoing. Examples include open accounts in service/parts; buyhere, pay-here plans; and in-house leases.

Open accounts in service/parts Noncommercial customers (i.e., customers servicing their personal, family or household vehicles) must receive an annual notice for accounts that remain active 12 months or longer, including for accounts that accrued a $0 balance since the last notice was issued. This does not apply to open business accounts that buy service/parts for business purposes. Buy-here, pay-here Annual privacy notices must be provided to customers under the credit sale contracts that are held by the dealer. Be alert for situations where dealers have been unable to assign a contract for some reason but still hold it 12 months after it was first signed.

In-house leases The customer relationship lasts until the dealer sells or assigns a contract to another financial institution or, if the dealer holds the lease, until the lease ends or is terminated. Content and timing of annual notices The annual privacy notice should explain

• The type of consumer information a dealership collects and where it comes from; 
• Whether the dealership shares any consumer information, and with whom;  
• The dealership's practices for protecting the confidentiality and security of the consumer information; and 
• If applicable, the rights of the consumer to opt out of a disclosure of nonpublic personal information.

The FTC prepared "How to Comply with the Privacy of Consumer Financial Information Rule of the Gramm-Leach- Bliley Act," a guide for small businesses. That publication and another, "Frequently Asked Questions for the Privacy Regulation," are posted on the FTC Web site,