DATA SECURITY FAQS

Updated: April 2023

WHO WE ARE – Our company, Data Driven Holdings (DDH) is dedicated to serving the automotive industry. Through our industry-leading brands – Team Velocity®, Tier10®, SocialDealer®, Advid®, OfferLogix® and Qualified Customer – we deliver data-driven technology that powers intelligent advertising across all advertising mediums – websites, direct mail, email, search, social – offering our clients, primarily dealerships and automotive manufacturers, the most advanced sales and service marketing solutions in the business.

OUR APPROACH TO SECURITY – We have implemented cybersecurity policies and procedures across our organization, based on industry best practices and regulatory requirements, to protect the security of our network systems and customer data. Our security measures include hosting data in the SOC 2 certified Google Cloud, deploying firewall and security protocols across our network, encrypting sensitive data, limiting user access, requiring multifactor authentication, and securing our facilities. We regularly monitor our systems, conduct independent third party audits and penetration testing, and require annual security training for all employees.

OUR APPROACH TO CUSTOMER DATA – We use customer data for the sole purpose of providing services to our clients. We do not sell client or customer data and cease using and promptly and securely remove it from our systems upon client request or conclusion of our business relationship.

OUR APPROACH TO PRIVACY – We are committed to protecting the privacy and ensuring the responsible use of our clients’ customer information. We have implemented policies and procedures to comply with federal and state privacy laws, (including those of California, Virginia and Colorado). To learn more, see our Privacy Policy, located at the bottom of each of our brand websites.

OUR APPROACH TO LEGAL COMPLIANCE – We closely monitor federal and state legal and regulatory developments that affect our industry, including with respect to privacy, consumer protection and accessibility. We comply with all applicable federal and state laws, including the updated FTC Safeguards Rule, GLBA, TCPA, all state privacy laws, and the American with Disabilities Act (ADA).

OUR APPROACH TO OEM BRAND COMPLIANCE – Our dedicated, in-house OEM brand compliance team continually monitors all OEM advertising guidelines to ensure that our products and services are fully compliant. The team manages asset pre-approval, implements OEM brand updates, and audits our advertising products and services.

OUR APPROACH TO ACCESSIBILITY – To better ensure our websites meet ADA requirements, we have partnered with AccessiBe, the leading web-accessibility technology. AccessiBe’s AI-powered platform continuously monitors and adjusts sites to ensure compliance with the ADA and WCAG guidelines, while also offering user interface tools to enable consumers to adjust the website to accommodate their particular needs. To learn more, see our Accessibility Statement, located at the bottom of each of our brand websites.

OUR APPROACH TO BUSINESS CONTINUITY – We have developed a detailed business continuity plan to ensure we can respond to cyberattacks and maintain operations during disasters and emergencies. We conduct tabletop exercises with leading security firms to ensure we are prepared in case of an actual event.

OUR INSURANCE – Despite state-of-the-art security protections, data breaches and security incidents can occur. Therefore, we back up our commitments with professional and cybersecurity liability insurance.

OUR SUBCONTRACTORS – We have partnered with industry-leading DMS and data processors/integrators. We contractually require all of our vendors with access to client data to meet all federal and state legal requirements, maintain cyber insurance, and follow industry-leading data security practices. At the same time, we remain liable to our clients for our subcontractors’ actions.

OUR CONTRACTUAL OBLIGATIONS – Our client agreements include a section on Data Safeguards that sets forth our contractual commitments to safeguarding our clients’ and their customers’ data, in accordance with industry standards and applicable laws. Clients may review the Data Safeguards provisions in our Terms & Conditions, which are either attached to their agreement or available online via a link that is included in their agreement.

YOUR DATA; OUR COMMITMENT – No company can guarantee information security with absolute certainty. But at DDH, protecting client information and customer data is at the core of our business philosophy. It informs every decision we make, from how we design our products and services, to how we secure our network systems and data, to how we vet our subcontractors. Our clients entrust us with information about their most precious assets – their customers. We hold that trust sacred.