Vision-Dealer-Solutions-PNG-LogoVision-Dealer-Solutions-PNG-LogoVision-Dealer-Solutions-PNG-LogoVision-Dealer-Solutions-PNG-Logo
  • Our Products
  • Our Story
  • What’s New?
  • For Dealers
  • For Agents
  • For Providers
  • For Partners
  • Login
  • Request Demo
✕

Vision Dealer Solutions’ Compliance Summary for FTC GLBA Safeguards Rule

The GLBA Safeguards Rule Update requires the implementation of safeguards to ensure the security and confidentiality of nonpublic personal information (NPI).

Dealers must comply with the Safeguards Rule and should oversee their service providers to ensure the safety of customer data. As a service provider and to support compliance with the Rule, Vision Dealer Solutions DBA (VisionMenu, Inc.) has implemented administrative, technical, and physical safeguards as a part of our comprehensive Information Technology (IT) Security program.

Multi-Factor Authentication (MFA) – To coincide with the extended deadline provided by the FTC, MFA will be enabled for all Dealer accounts on 6/09/2023.  Once implemented, you will be able to trust your device for 30 days after initial authentication. Dealers will have the option to modify the device trust settings period to a shorter/longer timeframe that meets their needs.  If you would like MFA enabled sooner than 6/09/2023, please contact support@visionmenu.com and we will be happy to enable this for you.

See below for safeguards and controls pertaining to customer information.

Customer Information

GLBA Safeguards Rule (16 C.F.R. § 314.2) definition of “Customer Information”
“Customer Information” is defined as any nonpublic personal information collected by Dealer about its customers.

Safeguards and Controls
As per our Software License Agreement, we have written contractual statements addressing compliance with all Safeguards rules pertaining to NPI. See below from section 9 of our SLA:

“NON-PUBLIC PERSONAL INFORMATION. Licensee acknowledges that the sharing of non-public personal information, as defined by the Graham-Leach-Bliley Act, 16 CFR § 314 (the “Act”), poses certain notice requirements to consumers. If Licensee is subject to the Act, 4 it must provide notice to Licensor and identify any non-public personal information, as defined in the Act, that Licensee may from time to time deliver to Licensor. Licensor acknowledges that, from time to time, it may aggregate and store data from Licensee’s customers. Licensor warrants that Licensor does not disclose non-public personal information to third parties. In addition, Licensor represents to Licensee that Licensor presently maintains, and will continue to maintain and periodically test, the efficiency of security programs and measures designed to protect against the disclosure of non-public personal information of consumers. In addition, if Licensee shares nonpublic personal information of consumers with Licensor, Licensor agrees to use its best efforts to comply with the requirements of the Act, and Regulation P of the Health Insurance Portability and Accountability Act of 1996 (42 USC § 1320(d) through 1320(d)(8) (“Regulation P”) and will: (i) use its best efforts to keep confidential all non-public personal information received from Licensee in accordance with the requirements of the Act and Regulation P; (ii) use its best efforts to establish and maintain procedural safeguards to comply with the Act and Regulation P, if applicable; (iii) notify Licensee in the event of an unauthorized use or disclosure of non-public personal information that is caused by Licensor; (iv) return to Licensor any non-public personal information received by Licensor upon the written request of Licensee or destroy any such nonpublic personal information identified or requested by Licensee; and (v) maintain and periodically test all security programs and measures to help ensure that non-public personal information remains confidential in accordance with the Act.”

Vision Dealer Solutions DBA (VisionMenu, Inc.) will maintain Customer Information only for as long as necessary to provide services to active dealers.

Vision Dealer Solutions DBA (VisionMenu, Inc.) will delete all Customer Information related to Dealer on the 1st day after the 1st full month after termination of services.

Vision Dealer Solutions DBA (VisionMenu, Inc.) maintains compliance with, all local, state, and federal legal requirements regarding the required administrative, technical, and physical safeguards under those laws, and all applicable and appropriate industry standards with respect to the privacy and security of the Customer Information that it maintains, processes, obtains, or otherwise has access to

Vision Dealer Solutions DBA (VisionMenu, Inc.) will protect and secure any Customer Information that it maintains, processes, obtains, or otherwise has access to as required under all applicable local, state, and federal privacy data and security laws and regulations.

Risk Assessments

As a part of its Safeguard’s program, Vision Dealer Solutions DBA (VisionMenu, Inc.) will perform an annual risk assessment. This risk assessment will identify reasonably foreseeable internal and external risks that could result in the unauthorized disclosure, misuse, alteration, destruction or other compromise of customer information. It will also assess the sufficiency of any safeguards in place to control those risks.

Share

Related posts

Geiranger fjord and camper car drive eagle road, Norway. Travel in motor home.

December 27, 2023

Vision Dealer Solutions Enhances F&I Capabilities with EasyCare RV Integration


Read more
Press Release Nov 2023 - RouteOne and Vision Dealer Solutions
December 8, 2023

RouteOne and Vision Dealer Solutions go Digital, Integrating to Share & eSign Forms


Read more
September 13, 2023

Vision Dealer Solutions – SOC 2 Type 2 Compliant


Read more

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search

✕

In The News

  • Vision Dealer Solution’s vSignature Product now integrated with CDK Fortellis Digital Deal Jacket December 18, 2024
  • Vision Dealer Solutions Enhances F&I Capabilities with EasyCare RV Integration December 27, 2023
  • RouteOne and Vision Dealer Solutions go Digital, Integrating to Share & eSign Forms December 8, 2023
  • Vision Dealer Solutions – SOC 2 Type 2 Compliant September 13, 2023
  • Vision Dealer Solutions’ Compliance Summary for FTC GLBA Safeguards Rule October 20, 2022

Connect with us on Social Media!

Contact Us
  • 9921 Dupont Circle Drive, Suite 350, Fort Wayne, Indiana, 46825
  • 1(800)413-9902
  • support@visionmenu.com
  • sales@visionmenu.com

Connect with us on Social Media!

Contact Sales

"*" indicates required fields

This field is hidden when viewing the form
Consent
Copyright Vision Dealer Solutions - All Rights Reserved
    Schedule a Demo

    "*" indicates required fields

    This field is hidden when viewing the form
    Consent
    Schedule a Demo

    "*" indicates required fields

    This field is hidden when viewing the form
    Consent