Revised on September 15, 2022
General Privacy Policy
This General Privacy Policy (“Privacy Policy”) is being provided on behalf of the Orange County Automobile Dealers Association, hereinafter collectively referred to as “OCADA”, “we,” “us” or “our”. This Privacy Policy applies to the online collection of personal information by OCADA on the ocada.org website. By using our website and services you acknowledge you have read and understand the terms and conditions of this Privacy Policy.
PLEASE NOTE THE ARBITRATION PROVISION SET FORTH BELOW, WHICH MAY, EXCEPT WHERE AND TO THE EXTENT PROHIBITED BY LAW, REQUIRE YOU TO ARBITRATE ANY CLAIMS YOU MAY HAVE AGAINST COMPLYAUTO ON AN INDIVIDUAL BASIS. ARBITRATION ON AN INDIVIDUAL BASIS MEANS THAT YOU WILL NOT HAVE, AND YOU WAIVE, THE RIGHT FOR A JUDGE OR JURY TO DECIDE YOUR CLAIMS, AND THAT YOU MAY NOT PROCEED IN A CLASS OR CONSOLIDATED CAPACITY.
This Privacy Policy describes our overall privacy practices for the website. Please note that in the event we amend the Privacy Policy, posting the amended version will serve as notice to you of that change and the policy will note its effective date.
Non-identifying Information Collection
Some information collected is non-identifying. For example, although our website servers collect information about a user’s internet protocol address, our server is not able to automatically associate that information with a particular user. We may collect non-identifying information associated with that address, such as the time and date of a visit, the originating domain name, the browser type, and the particular pages or products viewed on the website. We work with analytics companies to help us understand how our websites are being used, by how many users, for how long, and how frequently. Using analytics, we receive counts of the screens and features of our website that are used, the countries from which they are used, device language settings, demographics and interests information, including the types of devices, operating systems, browsers, carriers, IP addresses and wireless connections our users are using.
Cookies
The website may utilize a “cookie.” A “cookie” is a small text file that a website can place on your computer’s hard drive or on your mobile device’s memory in order to collect information about your activities on our website. Most browsers automatically accept cookies, but you have the option to change your browser to decline them. We use cookies on certain areas of our website, but these cookies are not used to identify anonymous website visitors. Our cookies enable you to proceed smoothly through our website and enable us to know whether you’ve used our website before to eliminate some steps that are directed to new visitors. Similarly, a cookie may be placed by our third-party advertising companies. Image tags work in conjunction with cookies. An image tag, also referred to as a clear GIF or web beacon, is a small image file that may be located on select areas of our website. We also use cookies to compile information on our users’ interaction with our website. We use this information to serve ads to you off of our website. There are several ways to manage cookies. You can control the use of cookies at the browser level, by instructing your browser to accept cookies, disable cookies or notify you when receiving a new cookie. Please note that if you reject cookies, you may still use our website, but your ability to use some features or areas of our website may be limited. The Network Advertising Initiative also offers a means to opt-out of a number of advertising cookies. Please visit https://www.networkadvertising.org to learn more. Note that opting-out does not mean you will no longer receive online advertising. It does mean that the company or companies from which you opted-out will no longer deliver ads tailored to your preferences and usage patterns.
Third Party Websites
With respect to unrelated, third party websites, such as third party online retailers, advertisers, or unrelated sites that we may happen to link to, or websites that link to our website, those third parties may collect personal information directly from you. The information policies and practices of these unrelated parties are not covered by this privacy policy. We do not control the privacy policies of third parties even if we may provide hyperlinks or other access to their websites. We are not responsible or liable for their independent policies and practices. Please review their privacy policies and practices. It is your responsibility to review them and decide if you are satisfied with their protections.
How We Respond to Do Not Track Signals
Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform, so we are not currently set up to respond to those signals. However, we block most third party cookies unless you press “Accept” on the cookie banner that loads upon visiting our website.
Security
We take commercially reasonable steps to protect the information we collect online. However, as effective as these measures are, no security system is impenetrable. We do not provide an absolute guarantee of the security of our information databases, nor do we guarantee that the information you may choose to supply will not be intercepted while you transmit it from your computer, over the internet, or along other third party networks, and to our systems. By continuing to use or access our website or providing personal information to us, you agree that we can communicate with you electronically regarding security, privacy and administrative issues relating to your use of the Services. We may post a notice via our website if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
Third Party Analytic Companies
We work with analytics companies to help us understand how our websites are being used, by how many users, for how long, and how frequently. Using analytics, we receive counts of the screens and features of our website that are used, the countries from which they are used, device language settings, demographics and interests information, including the types of devices, operating systems, browsers, carriers, IP addresses and wireless connections our users are using. We may use third-party advertising companies to measure the effectiveness of ads on our website. They may use this anonymous information about your visits to this and other sites in order to provide advertisements about goods and services of potential interest to you. The information is anonymous and does not link online actions to an identifiable person. At this time, we have contracted with companies like Google Analytics to collect information about how users navigate our website.
Collection and Use of Information from Children
Our website and services are not intended for children. We do not knowingly collect personal information from children, and none of our services are designed to attract children. In the event that we learn or are notified that a person under the age of 13 has provided personal information to us, we will delete such personal information as soon as possible.
Dispute Resolution and Agreement to Arbitrate
Except where and to the extent prohibited by law, by continuing to use and access our website, you and OCADA agree that, if there is any controversy, claim, action, or dispute arising out of or related to your use of the Services or the breach, enforcement, interpretation, or validity of this Policy or any part of it (“Dispute”), both parties shall first try in good faith to settle such Dispute by providing written notice to the other party describing the facts and circumstances of the Dispute and allowing the receiving party thirty (30) days in which to respond to or settle the Dispute. Notice shall be sent to: 3737 Birch Street, Ste. 220, Newport Beach, CA 92660, or to you at the address we have on file for you. Both you and OCADA agree that this dispute resolution procedure is a condition precedent that must be satisfied before initiating any litigation or filing any claim against the other party. IF ANY DISPUTE CANNOT BE RESOLVED BY THE ABOVE DISPUTE RESOLUTION PROCEDURE, YOU AGREE THAT THE SOLE AND EXCLUSIVE JURISDICTION FOR SUCH DISPUTE WILL BE DECIDED BY BINDING ARBITRATION ON AN INDIVIDUAL BASIS. ARBITRATION ON AN INDIVIDUAL BASIS MEANS THAT YOU WILL NOT HAVE, AND YOU WAIVE THE RIGHT FOR A JUDGE OR JURY TO DECIDE YOUR CLAIMS, AND THAT YOU MAY NOT PROCEED IN A CLASS OR CONSOLIDATED CAPACITY. Other rights that you and we would otherwise have in court will not be available, or will be more limited in arbitration, including discovery and appeal rights. All such disputes shall be exclusively submitted before an arbitrator to be mutually agreed upon by both parties. The arbitrator, and not any federal, state, or local court or agency, shall have exclusive authority to resolve any dispute arising under or relating to the interpretation, applicability, enforceability, or formation of this Privacy Policy, including any claim that all or any part of this Privacy Policy is void or voidable.
Choice of Law
This Privacy Policy has been made in and shall be construed in accordance with the laws of the State of California, without giving effect to any conflict of law principles. Any disputes or claims not subject to the arbitration provision discussed above shall be resolved by a court located in the State of California and you agree and submit to the exercise of personal jurisdiction of such courts for the purpose of litigating any such claim or action.
Contact Us
If you have any questions or concerns about our privacy policies and practices, please email info@ocada.org or our toll-free number at (949)-428-5050.
California “Shine the Light” Disclosure
Section 1798.83 of the California Civil Code requires select businesses to disclose policies relating to the sharing of certain categories of customers’ personal information with third-parties. These businesses are required to accept such requests from customers but are only required to honor one request per calendar year. Businesses have thirty (30) days to respond to each inquiry. Each inquiring customer will receive an explanation of the categories of customer information shared and the names and addresses of the third-party businesses. In limited circumstances, customers’ failure to submit requests in the manner specified will not require a response from the business.
If you are a current OCADA customer in California, you may request such information from OCADA by sending a written correspondence noting your name, address, and email address. You must also include a request that OCADA provide such information to you using the following or similar verbiage. “I request that OCADA provide its third-party information sharing disclosures required by section 1798.83 of the California Civil Code.” This request may be made by email by sending the above information to info@ocada.org.
California Notice of Collection
The purpose of this Notice of Collection is to provide consumers with information about the categories of personal information that our business collects about them and the purposes for which the personal information will be used.
We collect the following categories of “personal information”, as defined in the CCPA, relating to California residents:
● Identifiers such as real name, postal address, IP address, email address, cookies, pixel tags, and similar identifiers.
● Customer records as defined under California Civil Code Section 1798.80(e), such as digital and electronic signatures, telephone numbers, credit and debit card numbers, financial and credit-related information, and bank account numbers.
● Commercial information such as products and services purchased, obtained or considered or other purchasing or consuming histories or tendencies.
● Internet or other electronic network activity information, such as interactions with our websites, applications, and advertisements.
● Audio, video, visual and electronic information such as photographs, recorded calls and voicemails.
● Professional or employment-related information such as job title, occupation, company or business name, and employment history information.
We use the categories of personal information listed above for one or more of the following “business purposes” listed in the CCPA:
● Fraud & Identity Theft Prevention – to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and to prosecute those responsible for that activity.
● Customer Service – to provide customer service, maintain and service products and accounts, provide training for quality assurance purposes, and perform similar activities.
● Advertising & Marketing – to send advertisements and marketing material via physical and electronic mail relating to product specials and other promotional events or offers, perform marketing research and data analytics, and perform similar activities.
● Processing Transactions – to process or fulfill orders and transactions, verify customer information, process payments, and perform similar activities.
● Counting Ad Impressions – to audit interactions with our websites, applications, or advertisements, count ad impressions to unique visitors, verify position and quality of ad impressions, and perform similar activities.
● Short-Term Contextual Advertising – to provide contextual customization of ads shown as part of an interaction with our website or application, such as through the use of “first-party” or “session” cookies.
California Privacy Policy
The purpose of this California Privacy Policy is to provide consumers with a comprehensive description of our business’s online and offline practices regarding the collection, use, disclosure, and sale of personal information and of the rights of consumers regarding their personal information.
The tables below describe how we collect, use, and disclose California consumers’ personal information. Please note that because the categories of personal information collected and shared largely depends on how a consumer has interacted with our business, not all of the items listed in the tables below will be relevant to you.
Categories of Personal Information We Collect
Categories of Personal Information Collected in the preceding 12 months
Categories of Sources from which the Personal Information is Collected
Business or Commercial Purposes for which the Personal Information was Collected or Sold
Identifiers such as real name, postal address, IP address, email address, cookies, pixel tags, and similar identifiers.
Customer records as defined under California Civil Code Section 1798.80(e), such as digital and electronic signatures, telephone numbers, credit and debit card numbers, and bank account numbers.
Commercial information such as vehicles, products, services, and repairs purchased, obtained or considered, personal property records (e.g., vehicle titles and registration cards), or other purchasing or consuming histories or tendencies.
Internet or other electronic network activity information, such as interactions with our websites, applications, and advertisements.
Audio, video, visual, and electronic information such as recorded video or conference calls and voicemails.
Professional or employment-related information such as job title, occupation, company or business name.
Protected Classes under California or federal law, such as gender, age, and veteran status.
Advertising Networks & Agencies such as digital advertising companies and other marketing firms.
Advertising Networks and Agencies such as digital advertising companies and other marketing firms.
Directly from Consumers through our website forms and via in-person applications, forms and contracts.
Social Media Networks such as Facebook, Instagram, and other platforms
Insurance Companies that provide us with information relating to vehicle collisions, auto accidents, and other claims pertaining to the auto show.
Advertising and Marketing to send advertisements and marketing material via physical and electronic mail relating to product specials and other promotional events or offers, perform marketing research and data analytics, and perform similar activities
Claims & Benefits Administration to process claims, administer benefits, and conduct employee drug tests in accordance with applicable laws
Customer Service to provide customer service, maintain and service products and accounts, provide training for quality assurance purposes, and perform similar activities
Employee & Emergency Contact Communications to communicate with our employees or individuals listed as an employee’s emergency contact
Public Health and Safety to conduct screening or temperature checks for COVID-19 symptoms or similar screening activities related to public health and safety
Fraud & Identity Theft Prevention – to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and to prosecute those responsible for that activity.
Customer Service – to provide customer service, maintain and service products and accounts, provide training for quality assurance purposes, and perform similar activities.
Advertising & Marketing – to send advertisements and marketing material via physical and electronic mail relating to product specials and other promotional events or offers, perform marketing research and data analytics, and perform similar activities.
Processing Transactions – to process or fulfill orders and transactions, verify customer information, process payments, and perform similar activities.
Counting Ad Impressions – to audit interactions with our websites, applications, or advertisements, count ad impressions to unique visitors, verify position and quality of ad impressions, and perform similar activities.
Short-Term Contextual Advertising – to provide contextual customization of ads shown as part of an interaction with our website or application, such as through the use of “first-party” or “session” cookies.
Disclosure of Personal Information to Third Parties
Categories of Personal Information Disclosed for a Business Purpose or Sold to Third Parties in the Preceding 12 months
Categories of Third Parties to Whom the Information was Disclosed or Sold
Identifiers such as real name, postal address, IP address, email address, cookies, pixel tags, and similar identifiers.
Attorneys & Law Firms, Social Media Networks, Repair & Sublet Facilities, Software Vendors, Payment Processors, Financial Institutions, Insurance Agencies & Brokers, Advertising Networks & Marketing Agencies, Data Brokers & Analytics Providers
Customer records as defined under California Civil Code Section 1798.80(e), such as digital and electronic signatures, telephone numbers, credit and debit card numbers, and bank account numbers.
Attorneys & Law Firms, Software Vendors, Payment Processors, Financial Institutions, Insurance Agencies & Brokers, Advertising Networks & Marketing Agencies, Data Brokers & Analytics Providers
Commercial information such as vehicles, products, services, and repairs purchased, obtained or considered, personal property records (e.g., vehicle titles and registration cards), or other purchasing or consuming histories or tendencies.
Attorneys & Law Firms, Software Vendors, Payment Processors, Financial Institutions, Insurance Agencies & Brokers, Advertising Networks & Marketing Agencies, Data Brokers & Analytics Providers
Internet or other electronic network activity information, such as interactions with our websites, applications, and advertisements.
Social Media Networks, Software Vendors, Advertising Networks & Marketing Agencies, Data Brokers & Analytics Providers
Audio, video, visual, and electronic information such as recorded video or conference calls and voicemails
Attorneys & Law Firms, Software Vendors
Professional or employment-related information such as job title, occupation, company or business name.
Attorneys & Law Firms, Software Vendors, Credit Reporting Agencies, Government Entities, Financial Institutions, Insurance Agencies & Brokers
Protected Classes under California or federal law, such as gender, age, and veteran status
Attorneys & Law Firms, Software Vendors, Government Entities, Financial Institutions, Insurance Agencies & Brokers
Your Rights Under the CCPA
Right to Know About Personal Information Collected, Disclosed, or Sold
Under the CCPA, you have a right to request that we disclose the categories of personal information we have collected, used, disclosed, and sold. We call this a “categories” request. You also have the right to request that we disclose the specific pieces of personal information that we have collected about you, which we call a “specific pieces” request. These are referred to collectively as “Right to Know” requests under the CCPA.Right to Request Deletion of Personal Information
You also have a right to delete the personal information we’ve collected about you. The “Right to Delete” is subject to several legal exceptions, such as when we are required by another state or federal law to retain your information.Right to Opt-Out of the Sale of Information
The CCPA provides consumers with the right to opt-out of the sale of their personal information. The CCPA defines a “sale” as disclosing or making available to a third-party personal information in exchange for monetary or other valuable consideration.
While we do not sell personal information for monetary value, we may disclose personal information to third parties, such as vehicle manufacturers, in such a way that may be considered a “sale” of personal information under the CCPA. To direct us to stop the sale of your personal information, send us an email at info@ocada.org with the subject line “CCPA Opt-Out Request.”
We do not sell personal information of minors who we know are under 16 years of age.Right to Non-Discrimination for the Exercise of Your CCPA Rights
You have a right not to receive discriminatory treatment for the exercise of the privacy rights conferred by the CCPA.
Verification of Right to Know and Deletion Requests
To protect against fraud, identity theft, and the unauthorized disclosure or deletion of personal information, we require that consumers submitting requests under the CCPA first verify their identity. This may include a combination of SMS (text message) verification, email verification, and one or more questions regarding the consumer’s particular interaction or transaction with our dealership. If the consumer fails to verify their request via these methods, or the information provided by the consumer otherwise does not match our existing records, we will deny the request.
How to Submit a CCPA Request
To submit a Right to Know, Delete, Opt-Out, or Opt-In request, send us an email at info@ocada.org with the subject line “CCPA Request,” or call our toll free number at (949) 428-5050.
Authorized Agents
A consumer may designate an authorized agent to make a request under the CCPA on the consumer’s behalf. If a consumer wishes to authorize another person to act as an authorized agent on the consumer’s behalf, the consumer must provide the authorized agent permission to do so.
To help prevent fraudulent requests, we reserve the right to deny a request from an agent that does not submit proof that he or she has been authorized by the consumer to act on the consumer’s behalf. As proof that the agent has been duly authorized by the consumer to submit a CCPA request, the agent will be required to upload either (1) power of attorney signed by consumer, or (2) other signed permission from the consumer. Pursuant to California Probate Code Sections 4300 to 4310, if an agent provides power of attorney signed by the consumer (“principal”) that purports to give the agent authorization to submit the request on the principal’s behalf, we may require that the agent provide information reasonably necessary or appropriate to identify the agent and principal and to facilitate the request. This includes, but is not limited to, identification of the agent and principal and the current and permanent residence addresses of the principal. If the agent provides some other signed permission from the consumer, we may require that the consumer (1) verify their identity directly with us through a combination of SMS (text message) verification, email verification, and one or more questions regarding the consumer’s particular interaction or transaction with our dealership and (2) confirm that he or she provided the authorized agent permission to submit the request.
Contact Us
For questions or concerns about our California Privacy Policy or Notice of Collection, please contact us by email at info@ocada.org or our toll-free number at (949) 428-5050.