DealerX takes Business, Dealership and Consumer privacy seriously. As such we are committed to the safeguarding of the consumer’s web browsing and location data as well as the data shared by our clients. Consumer data provided by, or derived from information gathered on behalf of our client’s business(es) is gathered by DealerX through; 3rd parties, aggregators, visitors to publisher websites where DealerX receives 1st party ad placement requests, client websites via cookies, device fingerprinting, phone call capture, lead forms and the business or dealership CRM. DealerX has developed a comprehensive privacy statement for client and consumer to understand the terms and conditions surrounding the collection and use of the information gathered. This statement discloses the types of information we collect, how it is used, and how our client or a consumer can gain access to, opt-out, edit, purge or update any of the data we’ve collected.

General Provisions For Businesses Leveraging DealerX Products & Services:

By using DealerX Services or any affiliated company inclusive of subcontractor services, herein referred to collectively as “DealerX Services”, your company accepts the terms of this privacy policy, data collection and this data usage agreement. This is a legally binding agreement between your Business Entity a.k.a Dealership and DealerX Partners LLC, affiliated companies inclusive of subcontractors we leverage; Please read carefully. When using DealerX Services, your business may be subject to other posted terms and guidelines applicable to certain services available on www.DealerX.com in regular updates. All terms, conditions and guidelines outlined by DealerX herein https://dealerx.com/terms-of-service, including our privacy policy are part of both our standard Website Visitor Agreement as well as incorporated into the DealerX client facing agreements applicable to any use of the DealerX products or services. Unless explicitly stated otherwise, any features or services provided by DealerX are subject to our privacy policy, data collection and data usage agreement. Accessing DealerX Services in any manner, even through automated means, constitutes your company’s use of the DealerX Services and your/its agreement to be bound by our privacy policy, data collection and data usage agreement. DealerX may change the terms of our privacy policy, data collection and data usage agreements from time to time and will revise the effective date when its revisions are made. Your business(es) or dealership(s) continued use of the DealerX products and services after the posted effective date constitutes your agreement to be bound by this agreement as modified, except that modifications do not apply to any dispute arising prior to their effective date. DealerX may change, restrict access to, suspend, or discontinue the DealerX products or services, or any portion thereof, at any time – without notice.

Materials, incentives and specials used to create advertisements whether digital, analog or physical (e.g; direct mail) herein referred to as “creative” which are provided by DealerX, their affiliated companies inclusive of 3rd party subcontractors are for general informational purposes only. While we aim to provide products, services and advertisements which are useful, be mindful that creative may, from time to time, contain errors. DealerX products and services include materials and information collected from an array of third parties which we may or may not have evaluated and/or reviewed. We make no guarantees regarding the accuracy, completeness, timeliness, or reliability of any of the materials, creative or information encompassed in the DealerX products or services, and you should not rely on them without independent verification.

Consumer Privacy

California:

In California, DealerX dramatically limits the data we collect and store. We anonymize and encrypt all personally identifiable information (PII) using a SHA256 email hash as the “identifier” for California residents. In the normal course of our services for California clients, we rely strictly on contextual data synced to encrypted SHA256 hashed email(s) aggregated into cohort based audience segments for our client’s ad placements.

Under California law, we will not share information we collect about any consumer with companies outside of DealerX, DealerX affiliated companies or the original contracting business, unless allowed by law. We treat IP address and precise location data in the State of California as “PII” (Personally Identifiable Information) and precise location data as “sensitive” and thus restrict its use. DealerX leverages SHA256 email hash encryption of our client’s 1st party data to create privacy compliant household profiles. Further, we only collect data which relates to automotive intent or where we bid for, or have served an impression on behalf of our Automotive specific advertiser(s). This data is aggregated into anonymized household profiles. All household profile level data is encrypted using SHA256 email hash as a key for the 1st party Dealership partner on whose behalf we are acting upon.

DealerX internal practices adhere to many of the rules detailed in CCPA nationally.

There are currently Five states have enacted comprehensive consumer privacy laws:

Upon the effective date in each, DealerX will comply with these privacy laws by using the strictest interpretation of the most rigid enacted law as a guide for all.

Guiding Principles

DealerX respects the privacy of individuals whose data has been collected through our services, via email, form submission, tracked phone calls, location data or website engagement, impression data, or data collected in any way through advertisements placed or the products the services offered by DealerX on our client’s behalf. Accordingly, our policy regarding privacy (both online and off) has been developed using the following guiding principles:

DealerX maintains a strict “no-spam” policy. Subscribers to our email services (coupled with any other feature or service found on the DealerX Website leveraged by our clients) will not receive emails which do not correspond to activity within the past 6 months and where if there is no opt-in that a piggyback opt-in has not been obtained from a 3rd party partner acting on behalf of our client unless the consumers behavior indicates they are in-market for a product or related client service verified through the use of cookies, mobile device data, lead submissions, location data or CRM captured inquiries provided the consumer has been apprised of our clients privacy policy or has accepted an affiliates and by accepting the terms of such, an in using their website, or any publisher’s website, data aggregator or 3rd party website that clearly details their data collection and data usage policies. DealerX collects information online, through location data, data aggregators, cookies/pixels and 3rd party data appends primarily to provide our client’s existing and potential local shoppers with a more relevant experience while shopping for related products or services. When doing so, we will make every reasonable effort to avoid excessive or irrelevant collection of data that does not relate to the subject matter in which the consumer’s information was originally gathered for. DealerX will take reasonable physical, electronic and managerial measures to safeguard and secure any information both of our client and the consumer which has been collected and/or provided to us (e.g. data will be stored in protected cloud data warehouses on secured servers with restricted access). DealerX will not share or sell any of the consumers or client’s information provided to us from the CRM/Database, phone call tracking or collected while submitting lead forms from the client’s business or dealership website; with anyone, without the written consent of the client who has contracted with DealerX – other than for use in the service originally contracted for at the time your business(es) or dealership registers for any such service, you will be notified of, and asked to consent to the sharing of your clients information with particular third parties necessary to aid in the provisioning of the requested DealerX products and/or services.

Non-Personally Identifiable Data:

Anytime a consumer visits your business(es) website, a website which sells ad placements to our 1st party audiences, and/or a website where we have contractual placed a fully disclosed tracking script either 1st, 2nd or 3rd party, we may gather certain non-personally identifiable information. This information may include the type and version of the browser, service provider, [IP address, precise location data – now deemed under CCPA as sensitive data] and any search queries the consumer may have used to locate the products, services they searched for. We use this information to build holistic profiles of our client’s 1st party and related DealerX modeled shoppers, administer our analytics, attribution platform while compiling broad statistical, probabilistic and behavioral data analysis. In addition, we gather certain navigational information about where a consumer goes on our clients website(s) and across any website which sells ad placements against our 1st party audience. This information enables us to determine which websites are most frequently visited and helps us to tailor the creative to be served on these sites to fit the needs and interests of our client’s potential local shoppers. Such information is gathered by us in the aggregate and will not be associated with a specific individual if that individual has opted-out of consent or where limited by law.

Information Voluntarily Provided:

Any information provided to our client (i.e. name, email address, etc.) when a consumer enrolls in an email reminder service, requests for information, or use of any other interactive portions of our clients website, is securely maintained on our web server and internal data warehousing systems. This information may be used to provide consumers with information requested from our client’s business around their products and services, or to provide the consumer with special notices. Consumers may opt-out of receiving future communications at any time (see opt-out procedures on this website). The data collected may also be used to tailor our ad placements by providing content which is deemed relevant to the consumer based on the indicated behavioral interests in a geographic region or regions.

Information Collected from Other Sources:

To help us better understand and respond to consumers’ needs and interests, we may in the future receive information about consumers from other sources. We will ask any provider of such information to represent and warrant that the information has been gathered and maintained in accordance with the select state privacy laws which exist and will readily comply with any federal laws should they be enacted. Any such information will be maintained by us in accordance with the standards set forth in this privacy policy, data usage and collection agreement along with other personal information the consumer has provided.

Disclosure of Personal Information:

DealerX understands the importance of consumer privacy. We collect and maintain the personal information of our client’s consumers for our client’s use, our own use and select 3rd parties which help us fulfill our services. We do not sell, rent, or trade consumer information to third parties, other than as described herein, and never without our originating client’s consent, further the consumer’s consent can be withdrawn at any time using the opt-out form found on this website.

Business Partners:

DealerX may partner with select data collection, targeting and analytic providers along with other companies at various times to provide expanded services to our client’s website visitors and local geographic shoppers. As part of such a relationship, we may share with these companies the data collected through the use of certain pixels and data collection mechanisms, interactive website functions as well as location data tools. The information captured and provided by these mechanisms about the visitors and local shoppers is available to DealerX, our client and select members of their employ and 3rd party partners.

DealerX Subprocessors:

DealerX and its affiliates engage third-party entities to assist them in connection with DealerX Services. View the DealerX Subprocessor list here

Agents:

DealerX may use other companies and individuals to perform certain functions on our behalf. Such parties only have access to (rarely) the personal information and generally the anonymous information needed to perform these functions and may not use or store the information for any other purpose.

Business Transfers:

In the event that DealerX and or an affiliated company sells or transfers a particular portion of its business assets, derived data from consumer information may be one of the business assets transferred as part of the transaction. If substantially all of the assets of DealerX are acquired, derived consumer information may be transferred as part of the acquisition.

Compliance with Law/Safety:

DealerX may disclose specific personal information based on a good faith belief that such disclosure is necessary to comply with or conform to the law or that such disclosure is necessary to protect the users (our clients) of our services, their websites and/or businesses, or the public.

DealerX will not sell or share the personal information of consumers if we or the business (our client) have actual knowledge that the consumer is less than 16 years of age, unless the consumer, in the case of consumers at least 13 years of age and less than 16 years of age, or the consumer’s parent or guardian, in the case of consumers who are less than 13 years of age, has affirmatively authorized the sale or sharing of the consumer’s personal information.

With Consent:

Other than as set forth in this Privacy Policy, consumers will be notified when any personally-identifiable information about them may be shared with third parties (outside of the data usage and privacy policies disclosed herein), and the consumer has the right to decline the sharing of that information at any time.

Use of Cookies:

DealerX may use a browser feature known as a “cookie.” Cookies are small files placed on a consumer’s computer that assist us in providing consumers with tailored ads, and customized browsing experiences. DealerX uses cookies to provide consumers with the convenience of tailored ads tied to specific browsing behavior, attribution and related data analytic processes. Cookies are also utilized to help us better provide consumers with information targeted by interests, based upon a consumers prior browsing across websites which have our pixel placed, sell ad placements against our 1st party audience or on our client’s website(s). The “help” section of the toolbar on most browsers will inform consumers on how to prevent a browser from accepting new cookies, how to have the browser notify a consumer upon the receipt of a new cookie, or how to disable the use of cookies completely. As our services have been partially designed to take advantage of the use of cookies. Should a consumer configure their browser to decline the use of cookies, certain features of our client’s websites, analytics and tracking may not function correctly for both our client and the consumer.

Use of Location Data:

DealerX and our partners may use location data derived from our client’s website visitors’ browsers, publisher ad placements and apps on a consumer’s mobile device. DealerX website analytics, products and services have been designed to leverage consumer location data to better optimize and personalize the consumers experience with our automotive partners. Consumers can opt-out of their location data being captured, collected and analyzed by generally limiting data sharing capabilities of the apps on their mobile device, along with disabling or opting out of location based web browsing data collection here. When consumers configure their mobile devices and web browsers to decline the collection of location data, they may limit important functions or features of DealerX’s products and services. This may cause suboptimal advertising performance and potentially denigrate our ability to provide the consumer with a personalized experience. DealerX treats location data as PII, whether implicit or implied, as such DealerX will act in compliance with all known laws and regulations while following CCPA | CPRA not just in the state of California, but as a framework for all DealerX’s privacy compliance.

Accessing Our Services from Outside of the United States:

If you are a prospective client looking to leverage DealerX services for a business whose location is outside of the U.S., there may be laws, ordinances and regulations which dramatically affect the performance or even preclude the use of our offerings (e.g. GDPR). Please consult with your DealerX representative before contemplating any engagement if your business is located outside the U.S.

External Links, Brand Compliance and Whitelist:

Our advertisements are placed on various publisher websites. DealerX is not responsible for the privacy practices or the content of such websites. To help ensure the protection of a consumer’s privacy, we recommend that you the client review the privacy policy and related content to comply with your business’s brand safety requirements of any site we provide in our whitelist where we may serve ads on your behalf.

Passwords:

Client – The personal data record created through your registration with our platform can only be accessed with the unique password associated to that record. To protect the integrity of the information collected on behalf of your account, you should not disclose or otherwise reveal your password to anyone, and your username or password is NOT permitted to be shared with any third parties whether you have contracted with them for a similar service or otherwise.


DealerX’s Privacy and Data Integrity Policies provide foundational framework for our business decisions and data solutions.

Our focus is to support the auto buying process for the automotive industry and the consumer by, in most cases, blindly aggregating and analyzing billions of anonymous shopping sessions to better understand changes in consumer trends and demands. Thus improving the consumer shopping experience, reducing waste at all levels of the advertising ecosystem, and ultimately providing the right vehicle at the client’s advertised cost to the consumer. DealerX provides these benefits while protecting the rights of all consumers and data owners.

Overview of DealerX Data Collection

DealerX is a comprehensive aggregator of data relating to automotive shopping behavior.

Among other placements defined extensively herein, we collect data from our clients websites using our data collection script. We collect all website session activity, and maintain upon capturing a consumer’s personally identifiable information entered into a form field such as name, phone, email, or when a consumer arrives at a website through a link containing a unique identifier.

A consumer’s personally identifiable information is made available only to DealerX and their affiliates, the website owner (our client) where the consumer disclosed the information, and those third parties designated by the website owner (our client). We do from time to time collect Personally Identifiable Information (PIII) from our clients website and CRM through the use of our pixel/tracking scripts as part of a DealerX provided products and services or CRM data.

Shopping activity is aggregated to produce an individual holistic shopping profile, and aggregated with all shopping activity data to power information solutions such as industry trends, consumer demand analysis and platform performance measurements.

Data Collected

Data collected by DealerX includes interactions with the website where our data collection scripts are present. Examples of the types of data we collect include:

  • Links clicked
  • Pages viewed
  • Form field selections (NO CREDIT APPS)
  • Videos Played
  • Content Interacted with
  • Precise Location – Except in California or where prohibited by law.
  • Mobile device identifiers, CTV Hashes, Email Hashes
  • Profitability Score – Which is an anonymized aggregated Credit Range Scores

We collect all website session activity, and often capture personally identifiable information entered into the form fields such as name, phone, email, and when a consumer arrives at a website through a link containing a unique identifier or through the client’s CRM.

We do NOT collect Social security numbers, credit card numbers and passwords or data outside of the United States.

As described briefly above, personally identifiable information may also be introduced into the DealerX system through CRM record set imports. These record sets are typically exported from our customer via their lead database (CRM), and include the following consumer information disclosed to a business/dealership/website owner:

  • First and last name and/or unique identifier
  • Phone numbers
  • Email addresses
  • Mailing Address
Information collection, sources, uses and sharing

During the past 12 months, we have collected the following categories of personal information from the listed sources, used it for the listed business purposes and shared it with the listed categories of third parties. The categories of information include information we collect from our Site visitors, registered users, vendors, suppliers and any other person that interacts with us either online or offline. Not all information is collected about all individuals.

Category of information collected Source Business purposes* for use Categories of third parties receiving information
Identifiers (name, alias, postal address, email address, phone number, account name, unique personal identifier, IP address) Individuals submitting information to us.

Information we automatically collect from Site visitors.

Information we may receive from third-party marketing and data partners.
Performing services for you.

Advertising customization.

Auditing relating to transactions.

Internal research and development.

Security detection, protection and enforcement.

Functionality debugging, error and repair.

Quality control.
Service providers (such as Electronic Payment Processors, Subscriber Management Partners, Authentication Platform Partners, Customer Data Platform Partners, Email Service Providers, Advertising Platform Partners).

Affiliated companies.

Government regulators upon official request.

Law enforcement upon official request.

Strategically aligned businesses.
Sensitive Information (credit range score, name and select financial information) Credit bureau provided information. Internal research and development.

Security & ad fraud detection.

Functionality debugging, error and repair.

Quality control.
Affiliated companies.

Government regulators upon official request.

Law enforcement upon official request.

Strategically aligned businesses.
Protected classification information (race, gender, ethnicity, religion) Individuals submitting information to us.

Aggregated anonymous information we may receive from third-party marketing and data partners.
Performing services for you.

Anonymized advertising category customization.

Auditing relating to transactions.

Internal research and development.

Security detection, protection and enforcement.

Functionality debugging, error and repair.

Quality control.
Service providers (such as Electronic Payment Processors, Subscriber Management Partners, Customer Data Platform Partners, Advertising Platform Partners).

Affiliated companies.

Government regulators upon official request.

Law enforcement upon official request.

Strategically aligned businesses.
Commercial information (transaction history, products/services purchased, obtained or considered, product preference) Individuals submitting information to us.

Information we automatically collect from Site visitors.

Information we may receive from third-party marketing and data partners.
Performing services for you.

Advertising customization.

Auditing relating to transactions.

Internal research and development.

Security detection, protection and enforcement.

Functionality debugging, error and repair.

Quality control.
Service providers (such as Electronic Payment Processors, Subscriber Management Partners, Customer Data Platform Partners, Email Service Providers, Advertising Platform Partners).

Affiliated companies.

Government regulators upon official request.

Law enforcement upon official request.

Strategically aligned businesses.
Electronic network activity (browsing or search history, Site interactions, advertisement interactions) Individuals submitting information to us.

Information we automatically collect from Site visitors.

Information we may receive from third-party marketing and data partners.
Performing services for you.

Advertising customization.

Auditing relating to transactions.

Internal research and development.

Security detection, protection and enforcement.

Functionality debugging, error and repair.

Quality control.
Service providers (such as Electronic Payment Processors, Authentication Platform Partners, Subscriber Management Partners, Customer Data Platform Partners, Email Service Providers, Advertising Platform Partners).

Affiliated companies.

Government regulators upon official request.

Law enforcement upon official request.

Strategically aligned businesses.
Audio, video or similar information (customer service calls, security monitoring, user submitted media) Individuals submitting information to us.

Information we automatically collect from Site visitors.

Information we may receive from third-party marketing and data partners.
Performing services for you.

Advertising customization.

Auditing relating to transactions.

Internal research and development.

Security detection, protection and enforcement.

Functionality debugging, error and repair.

Quality control.
Service providers (such as Electronic Payment Processors, Subscriber Management Partners, Customer Data Platform Partners, Email Service Providers, Advertising Platform Partners).

Affiliated companies.

Government regulators upon official request.

Law enforcement upon official request.

Strategically aligned businesses.
Geolocation (Not Collected in California) Individuals submitting information to us.

Information we automatically collect from Site visitors.

Information we may receive from third-party marketing and data partners.
Performing services for you.

Advertising customization.

Auditing relating to transactions.

Internal research and development.

Security detection, protection and enforcement.

Functionality debugging, error and repair.

Quality control.
Service providers (such as Subscriber Management Partners, Authentication Platform Partners, Customer Data Platform Partners, Email Service Providers, Advertising Platform Partners).

Affiliated companies.

Government regulators upon official request.

Law enforcement upon official request.

Strategically aligned businesses.
Inference from the above (preferences, characteristics, behavior, attitudes, abilities, etc.) Internal analytics. Performing services for you.

Advertising customization.

Auditing relating to transactions.

Internal research and development.

Security detection, protection and enforcement.

Functionality debugging, error and repair.

Quality control.
Service providers (such as Electronic Payment Processors, Subscriber Management Partners, Customer Data Platform Partners, Email Service Providers, Advertising Platform Partners).

Affiliated companies.

Government regulators upon official request.

Law enforcement upon official request.

Strategically aligned businesses.

Business purposes also include:

1. Advertising customization

  • To offer our Service to you in a personalized way;
  • To send you personalized marketing communications, in order to keep you informed of our and our selected partner’s’ products and services, which we consider may be of interest to you;
  • To provide you, or allow selected third parties to provide you, with information about products or services, that may be of interest to you;
  • To create services that may meet your needs.

2. Auditing relating to transactions; internal research and development

  • To administer our Site for internal business administration and operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • To provide for internal business administration and operations, including troubleshooting, website customization, enhancement or development, testing, research, administration and operation of our Sites and data analytics;
  • To develop and improve our Service, for example, by reviewing visits to the website and various subpages; and
  • To measure performance of marketing initiatives, ads, and websites “powered by” another company on our behalf.

3. Security detection, protection and enforcement; functionality debugging, error repair.

  • To resolve any disputes and to protect, enforce or defend our rights;
  • As part of our efforts to keep our Site safe and secure; and
  • To ensure the security of your account and our business, preventing or detecting fraud, malicious activity or abuses of our Site, for example, by requesting verification information in order to reset your account password (if applicable).

4. Quality control.

  • To monitor quality control and ensure compliance with any and all applicable laws, regulations, codes and ordinances, for example, in response to a request from a court or regulatory body, where such request is made in accordance with the law.
Data Maintained

DealerX manages all data collected under a comprehensive information security program. Personally identifiable information is limited to those employees/contractors with a need to access basis, and specific protocols are defined for the access, use and transfer of this data. Most data transfers, storage are done so using SHA256 Encrypted email hashes.

Data Usage

If disclosed, a consumer’s personally identifiable information such as name, phone, email or other unique identifiers is only made available to DealerX and closely held affiliates, designated 3rd parties and the contracting business/dealership client who may share this information with other designated third parties related to the original intended and defined use.

You can inquire here for a continually updated list of “data processors” DealerX works with.

Behavioral and location data is used to create a profile of a consumer’s shopping, vehicle(s) of interest and related shopping preferences. Coupled with millions of data points, profiles contain how long a consumer has been shopping and what they’re most likely to purchase.

An individual’s behavioral and location data is also aggregated with shopping activity data from all consumer behavior collected, to power information solutions such as industry trends, consumer demand analysis and platform performance measurements. This data is summarized in a “household” of which PII is encrypted in the form of SHA256 email key. This SHA256 email hashed is used as a “key” to the client to unlock the matching SHA256 into a clear email address in their own database.

Request Your Consumer File

You can request a copy of your consumer file by calling 844.446.4440 ext 3 or filling out this form

Revised 11/1/2022