Privacy Statement

FCA US Privacy Policy

Fiat Chrysler Automobiles, Chrysler® , Dodge® , FIAT® , Jeep® , Ram® , Mopar® , and Alfa Romeo®



Effective Date: January 1, 2020


FCA US LLC (“FCA US,” “we” or “us”) is committed to privacy and transparency in our information practices. This FCA US Privacy Policy (our “Privacy Policy”) explains the privacy and information practices of FCA US, and the rights and choices individuals have regarding their personal information that we collect.

Your use of our Services is subject to our applicable terms of use, including our Terms of Use, and our mobile app End User User License Agreements, the SiriusXM Guardian Terms of Services and Uconnect Terms of Service as applicable (collectively, the “Terms”). These Terms are incorporated by reference into this Privacy Policy. Including their applicable limitations on liability and the resolution of disputes. By disclosing your personal information to us or using our Services, you understand and agree that FCA US may collect, use and disclose your personal information in accordance with this Policy and the Terms. 

OVERVIEW OF OUR COLLECTION AND USE OF PERSONAL INFORMATION
This table provides a summary of the personal information we collect and how we us it, which is further explained in our Privacy Policy below. While the actual information we collect and our use of such personal information varies depending upon the nature of our relationship and interactions, the table below provides a general overview of the categories of personal information we collect and the purposes for which we use such information. In some cases, such as where required by applicable laws, we will obtain your consent prior to collecting certain personal information.
Categories of Personal Information Collected Use of Personal Information
Name, contact information and other identifiers: identifiers such as a real name, alias, address, unique personal identifier, online identifier, VIN, IP address, email address, account name, social security number, drivers license number, passport number, or other similar identifiers. Providing our Services and related support

Safety, recall and warranty

Analyzing and improving our Services

Personalizing content and experiences

Advertising, marketing and promotional purposes

In support of our general business operations

Securing and protecting our assets and rights

Complying with legal obligations



     
Customer records: paper and electronic customer records containing personal information, such as name, signature, physical characteristics or description, address, telephone number, education, current employment, employment history, social security number, passport number, drivers license or state identification card number, insurance policy number, bank account number, credit card number, debit card number, or any other financial or payment information, medical information, or health insurance information.
Protected classifications: characteristics of protected classifications under California or federal law such as race, color, sex, age, religion, national origin, disability, citizenship status, and genetic information.
Commercial information:including records of personal property, products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies.
Internet or other electronic network activity information: including, but not limited to, browsing history, clickstream data, search history, and information regarding a resident’s interaction with an internet website, application, or advertisement, including access logs and other usage data related to your use of any company websites, applications or other online services, as well as the Connected Services.
Geolocation data: precise location information about a particular individual or device.
Employment history:professional or employment-related information.
Education information: education information that is not publicly available personally identifiable information as defined in the federal Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99).
Inferences and profiles:inferences drawn from personal information to create a profile reflecting a resident’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes.
California residents. If you are a California resident, please be sure to review the Additional Information for California Residents section below for important information, as required by California privacy laws, about the categories of personal information we collect and disclose and your rights under California privacy laws.

1. SCOPE

This Policy applies to our collection, use and disclosure of personal information related to (a) current and former owner(s) of FCA vehicles, (b) our websites (each a “Website”) and mobile applications (each as “App”) that link to or display this Policy, (c) our “Connected Services,” such as SiriusXM Guardian Services (separate subscription required), and the Uconnect® platform, mobile applications and features, and other services, features and technologies we make available via your vehicle, collectively the “Services”), and (d) as well as individuals that contact us, interact us or express interest in our vehicles.

Additional Privacy NoticesWe may also provide additional privacy notices for specific services, such as the FCA Connected Services Privacy Notice, which applies to and provides additional information about our collection, use and disclosure of personal information related to our Connected Services.   

Personal Information. Personal information includes any information that identifies, relates to, describes, or is reasonably capable of being associated, or reasonably linked or linkable with a particular individual or household.  

Not Covered by this Policy. This Policy does not apply to job applicants and candidates who apply for employment with us, or to employees and non-employee workers.

2. INFORMATION WE COLLECT

The information we collect varies depending upon the circumstances and the Services you use.  

Sources of Personal Information. We may collect personal information directly from individuals, such when an individual registers for a Uconnect® or MOPAR® account, contacts us, or inquires with us about a vehicle.  We may also collect personal information from third parties, such as dealers, platform providers, telecom providers, data aggregators, social media sources, public records, and other third parties with whom we work to make available our Services.  In addition, we automatically collect personal information related to the use of our Websites, Apps, Connected Services and other Services.

Information We Collect from You. We may collect personal information directly from you, including:

· Registration and profile information: to access and use certain of our Services (such as Connected Services or a MOPAR® account), you must register for an account by providing us with certain required information, which may include your name, a user name, password, email, and other contact information. We may also ask you or allow you to submit certain additional optional information, which may include your phone number, location, preferences, and other similar profile information.

· Purchases and payments information: if you purchase products or services from us, such as branded merchandise or parts, whether online or over the phone, we collect information related to your order, which may include name, billing and shipping address, and payment details. We may work with external payment processors and fulfillment partners to process these payments.  

· Communications and support. If you contact us by email, mail, phone chat or otherwise regarding the Services, we collect and maintain a record of your contact details, communications and our responses. If you call us, we may also record calls and maintain logs and records of these calls.

· Inquiries and requests: We also collect personal information when you submit information to or request information from us (such as request a quote, find a vehicle or locate a dealer) or sign up for marketing and communications from us (such as related to FCA US product launches, special offers and upcoming vehicle and product releases). The information we may collect includes your name, contact information, location, vehicle of interest, current vehicle and other information. 

· Events, contests and promotionsWe may also run contests, sweepstakes or other promotions or participate in certain events (collectively, “Events”), online and offline. If you choose to participate in an Event, we may ask you for personal information, including your name, age, contact information, vehicle of interest or other information. Certain Events may be co-branded with one of our partners or run on an external website, such as Facebook. In these instances, the collection of your personal information may occur directly or through an external website.

· User contentIf you choose to engage in forums, blogs, or similar features offered by us as part of the Services, we may maintain records about the content you post, such as comments, reviews or questions, as well as data and time and other metadata associated with your user content. User content may also be viewable by other visitors and users of the Services.     

Information We Collect from Third Parties. We may also collect personal information about you from third parties, such as partners or dealers we work with.  We may append this information to the information we have already collected about you. For example, we may enhance or update the personal information we have about you, with information obtained from third party sources, such as data brokers and public records. We also collect device identifier information from mobile applications or advertisements or purchase e-mail or similar lists from third parties for advertising and marketing purposes. In addition, we may collect information about how individuals interact with us or comment about FCA and our products and services through social media. Also, if you take advantage of a third party or affiliate offer through the Services, we may receive certain information from that third party about your interaction with them.

Information We Collect Automatically. We may collect personal information about how you use the Services and interact with our Websites and Apps, such as information we collect automatically (e.g., using cookies and pixel tags), as well as information we derive about you and your use of the Services, including:

· Usage data: we automatically collect information about your use of our Services, such as IP address, app identifier, advertising ID, location info, browser type, device type, domain name, the website that led you to our Services, the website to which you go after leaving our Services, the dates and times you access our Services, and the links you click and your other activities within the Services.  We may also use pixels in HTML emails to understand if individuals read the emails we send to them.  

· Location data: We may collect geolocation through the Connected Services and our Apps. We may also collect general location data based upon the IP address of a device you use to access the Services. We may link location data to other information that we have collected about you.

· Other data: We may collect personal information about visitors to our offices and premises, through CCTV and other physical security monitoring.

We may link this personal information with the other information we have collected about you. For more information, see the Cookies and Other Tracking Information section below.

3. HOW WE USE PERSONAL INFORMATION

We may use the personal information we collect for the following purposes:

· Providing our Services and related support: to provide and maintain our Services; to authenticate users; to perform technical operations, such as updating software; for recall purposes; to provide and communicate with you about our Websites, Services, vehicles and other products; to respond to your requests; to administer Events that you participate in; to fulfill your orders, and process your payments; to provide technical support; and for other customer service and support purposes.  

· Safety, recall and warranty: for safety, recall and warranty purposes, such as to send recall notices, process recall and warranty claims, and for other purposes related to vehicle safety.

· Analyzing and improving our Services: to better understand how users access and use our vehicles and other products and the Services, for other research and analytical purposes, such as to evaluate and improve our Services and business operations, develop new features, products, or services, and to otherwise improve our Services and user experiences.

· Personalizing content and experiences: to tailor content, we send or display on the Websites in order to offer location customization and personalized help and instructions and to otherwise personalize your experiences; to reach you with more relevant ads and to measure ad campaigns.

· Advertising, marketing and promotional purposes: to contact you about our products or services or send you newsletters, offers or other information we think may interest you, and to administer promotions and contests. 

· In support of our general business operations: relating to audits and assessments of our business operations, security controls, financial controls, compliance with legal obligation, and otherwise relating to the administration of our general business, accounting, record keeping and legal functions.

· Securing and protecting our assets and rights: to protect our business operations, secure our network and information technology, assets and services; to prevent and detect fraud, unauthorized activities, access and other misconduct; where we believe necessary to investigate, prevent or take action regarding suspected violations of our Terms and other agreements, as well as fraud, illegal activities and other situations involving potential threats to the rights or safety of any person or third party. 

· Complying with legal obligations: to comply with the law or legal proceedings. For example, we may disclose information in response to subpoenas, court orders, and other lawful requests by regulators and law enforcement, including responding to national security or law enforcement disclosure requirements.

4. HOW WE DISCLOSE PERSONAL INFORMATION

We disclose personal information, in order to provide and improve our products and services, reach users with more relevant information and offers, for warranty and safety purposes, to make available third party offers you may be interested in, and as otherwise set out below.

Affiliates, Vendors and Providers. We share personal information with our vendors and others who we work with to make certain services available, such as:

· Affiliates: to our affiliate and subsidiary companies; however, if we do so, their use and disclosure of your personal information will be in accordance with this Notice.

· Vendors: to our third-party vendors, service providers, contractors or agents who use such data in order to perform functions on our behalf.

· Third party providers: some of the Services we make available to you may be supported by third parties, who may collect and receive personal information about you as part of their provision of the particular feature, service or application, or in order to respond to a request you make via the Services. If you click an offer or otherwise choose to take advantage of a third-party offer in the Services, we may share your personal information with that third party to facilitate your interaction. The use of your personal information by these third parties is subject to their respective privacy policies.  

Other Individuals. If you are an owner and you permit another driver to register your vehicle for Connected Services or to otherwise access and use your account, then you acknowledge and agree that such individual(s) may have access to your account and associated personal information about your vehicle(s).  Further, if you post user content, this may be viewable by other users of the Services.

Dealers and Other Third PartiesWe may share personal information with dealers and other select third parties, for marketing, research and analytics purposes.  

· Dealers: we may share personal information, such as name, contact information and other data about your vehicles or interests, with our authorized dealers in your area so that they may contact you about your vehicle needs and purchase plans, or otherwise reach out to you for marketing purposes.

· Marketing partners: we may share your personal information with certain third parties so that they may send you offers and other information we think you may be interested in.

· Other third parties: we may share your personal information with other third parties that provide advertising, campaign measurement, online and mobile analytics, and related services.  These other third parties may receive or access Usage Data and other personal information in order to help us better reach individuals with relevant ads and measure our ad campaigns, or to better understand how individuals interact with our Websites and online services overtime and across devices.

Business and Operational PurposesIn addition, we may disclose personal information in support of our business and operational purposes, including:

· Business transfers: as part of any merger, acquisition, financing, sale of company assets or interests in the respective company, or in the case of insolvency, bankruptcy, or receivership, including during negotiations related to such business transfers.

· Protecting rights and interests: to protect or defend the safety, rights, property, or security of FCA US, third parties or the general public, including to protect the Services, to detect, prevent, or otherwise address fraud, security, technical issues, or other activity which we, in our sole discretion, consider to be, or to pose a risk of being, illegal, unethical, or legally actionable activity. We may also use personal information as evidence in litigation in which we are involved, and as necessary to enforce this Notice or our Terms and other applicable agreements with you.

· Legal compliance: to comply with applicable legal or regulatory obligations, including as part of a judicial proceeding, in response to a subpoena, warrant, court order or other legal process, or as part of an investigation of or request by law enforcement or a government official.

Aggregate and De-Identified Information. We may use and disclose aggregate, anonymous, or de-identified information about users for marketing, advertising, research, compliance, or other purposes.

5. COOKIES AND OTHER TRACKING INFORMATION

We and our third-party providers use cookies, clear GIFs/pixel tags, JavaScript, local storage, log files, and other mechanisms to automatically collect and record information about your browsing activities, and use of the Websites and other Services. We may combine this “usage data” with other personal information we collect about you. We use this usage data to understand how our Services are used, track bugs and errors, provide and improve our Services, verify account credentials, allow logins, track sessions, prevent fraud, and protect our Services, as well as for targeted marketing and advertising, to personalize content and for analytics purposes (see the Your Rights and Choices section below for information about opting-in out of certain uses of your personal information)

Cookies. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Site, while others are used to enable a faster log-in process or to allow us to track your activities while using our Site. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Some of the Services may not work properly if you disable cookies.

Clear GIFs, pixel tags and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies.  In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (also referred to as web beacons, web bugs or pixel tags), in connection with our Services to, among other things, track the activities users of our Services, help us manage content, and compile statistics about usage of our Services. We and our service providers also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.

Third-Party Analytics. We may use third-party analytics companies, for example Google Analytics (see privacy policy and opt-out) to evaluate use of our Services. We use these tools to help us understand use of, and to improve, our Services, performance, ad campaigns, and user experiences. These entities may use cookies and other tracking technologies, such as web beacons or local storage objects (LSOs), to perform their services.

Do Not Track (DNT). Our Sites currently do not respond to “do not track” signals. You may, however, disable certain tracking mechanisms in the cookie preference settings of your web browser and opt out of certain third party ad cookies on our websites.

6. INTEREST BASED ADS

We work with third party ad networks, channel partners, measurement services and others (“third party ad companies”) to display advertising on our Services, and to manage our advertising on third party sites, mobile apps and online services. We and these third party ad companies may use cookies, pixels tags, and other tools to collect activity information on our Services (as well as on third party sites and services), as well as IP address, device ID, cookie and advertising IDs, and other identifiers, general location information, and, with your consent, your device’s geolocation information; we and these third party ad companies use this information to provide you more relevant ads and content and to evaluate the success of such ads and content.  

Ad Choices. FCA US adheres to Digital Advertising Alliance self-regulatory principles for online behavioral advertising. For more information or to opt out of third party advertising cookies and tags on our Sites, go to www.privacyrights.info. You may also obtain more information about targeted or “interest-based advertising” by visiting www.aboutads.info/choices (Digital Advertising Alliance(US)) or www.youradchoices.ca/choices/ (Digital Advertising Alliance of Canada).

Opting out of participating ad networks does not opt you out of being served advertising. You may continue to receive generic or “contextual” ads on our Services. You may also continue to receive targeted ads on other websites, from companies that do not participate in the above programs.

Custom Audiences and Matching. We may share certain hashed customer list information (such as your email address) with third parties—such as Facebook and Google—so that we can better target ads and content to our Users, and others with similar interests, within their services. These third parties use the personal information we provide to help us target ads and to enforce their terms, but we do not permit them to use or share the data we submit with other third-party advertisers. You may opt out of this as set forth in our Your Rights and Choices section below.  

7. SECURITY

We have implemented a variety of safeguards designed to protect personal information from unauthorized access, use, or disclosure. However, no method of electronic transmission or storage, is 100% secure. Therefore, we cannot guarantee its absolute security. You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords, or for any activity on your account via unauthorized password activity.

8. THIRD PARTY AND CO-BRANDED SITES AND OTHER SERVICES

Our Services may contain links to third party websites, mobile applications or other services ,operated by a third party and subject to a different privacy policy. You should review the privacy policy on any website, mobile application or online service. Please be aware that FCA US is not responsible for and cannot control the privacy practices of other websites or third parties. Our Services may also contain links to co-branded websites that may display the FCA US logo and trademarks but are maintained by third parties, and do not display this Policy. Please read the privacy policies provided on these co-branded website, which govern the privacy practices relating to personal information collected via that website.

9. YOUR RIGHTS AND CHOICES

You may access and update certain of your personal information by accessing and adjusting your account settings. Please note that we may maintain copies of information that you have updated, modified or deleted, as permitted, in our business records and in the normal course of our business operations, as permitted or required by applicable law.     

Marketing Communications. You may opt out of receiving marketing communications from us by emailing us at dprivacy@fcagroup.com. You may also opt out of email marketing by using the unsubscribe link in any such email we send to you. Further,if you have opted into and no longer wish to receive text messages from us you may opt out by texting STOP to cancel future text message (reply HELP for more information or help).

Please note that marketing opt-out requests will only remove you from our direct marketing list and the list of any Service Provider performing services on our behalf. We are not responsible for the use any other party may makes of your personal information transferred prior to your opt-out and in accordance with this Policy. In such case, you will need to contact the relevant entity to have your personal information removed from the entity’s database.

California Residents. California residents have certain rights, under California privacy laws, regarding their personal information, which are set forth in the Additional Information for California Residents section below.

10. SPECIAL NOTICE TO INTERNATIONAL USERS AND CUSTOMERS

As a globally operating company, FCA US may transfer your personal information to the United States and to other jurisdictions where we or our affiliates, suppliers or service providers have operations. As such, your personal information may accessed, stored, processed, or subject to law enforcement requests in these jurisdictions, which may not have equivalent privacy laws as in home jurisdiction.

11. PRIVACY SHIELD

FCA US complies with the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from the European Union (EU)/ European Economic Area (EEA) and Switzerland to the United States, respectively. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov.

In Scope Data Collection and Use. Our Privacy Shield Certification applies to personal information we collect from the EU/ EEA and/or Switzerland about consumers, workforce, vendors, suppliers and others in connection with the manufacture, distribution and sale of automobiles and related goods and services in the, which is subject to the EU General Data Protection Regulations (“GDPR”) or the Swiss Federal Data Protection Act (respectively the “relevant personal information” for purposes of this Privacy Shield section).

Relevant personal information may include location, recruitment and job applications, website or application usage, product registration and support, and other human resources information, as well as certain sensitive information (e.g., information about medical condition, race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information specifying the sex life of the individual). We may use employee personal information for internal purposes, including system access, payroll and benefits, training, security, reporting, and global corporate directories.

Privacy Policy and Consent. To the extent that FCA US collects relevant personal information directly from individuals in the EU/EEA and Switzerland, and as provided under the Privacy Shield, FCA US will provide those individuals with notice and a clear, conspicuous, and readily available mechanism for requesting that their personal data not be used for specific purposes or disclosed to certain third parties. FCA US will obtain affirmative express consent for the disclosure of any sensitive information to a third party or if used for a purpose other than those for which it was originally collected or subsequently authorized.

To the extent that FCA US acts solely as a data processor when processing personal data on behalf of data controllers, FCA US acts only on the instructions of its controller and does not control or share such personal data without direction from the controller. In those instances, and to the extent provided for by applicable law, FCA US may rely on the data controller to satisfy the notice and consent principles under applicable EEA or Swiss law, and will act on the instructions of those controllers.

Access. EEA and Swiss Data Subjects have the right to access relevant personal information about them that is covered by this Privacy Shield section. Relevant personal information can be corrected, amended, or deleted such relevant personal information, subject to certain limitations permitted by the Principles.

Onward Transfer. Where FCA US shares relevant personal information with we will do so in a manner consistent with the Privacy Shield Principles.  FCA US will maintain written contracts with those third parties to whom it discloses Personal Data, and will require those third parties to:

· Provide the same level of protection as the Privacy Shield Principles to that relevant personal information; and

· Contractually agree that relevant personal information will only be processed for limited and specified purposes consistent with the consent given by the individual.

FCA US also requires that the recipient will provide the same level of protection as the Privacy Shield Principles and that the recipient will notify FCA US if it makes a determination that it can no longer meet those obligations. To the extent provided by the Privacy Shield principles, FCA US remains responsible and liable under the Privacy Shield if the third party agents that it engages processes the personal information on its behalf in a manner inconsistent with the Privacy Shield principles, unless FCA US is able to prove that is not responsible for the event giving rise to the damage.

Recourse, Enforcement and Liability. In compliance with the Privacy Shield Principles, FCA US commits to investigate and will attempt to resolve complaints about your privacy and the collection or use of your personal information within 45 days. EEA and Swiss citizens with inquiries or complaints regarding this Privacy Policy should first contact our Privacy Office by sending an email to dprivacy@fcagroup.com.

FCA US commits to cooperate with the panel established by the European Union Data Protection Authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC). FCA will comply with the advice given by such authorities with regard to data transferred from the EU and Switzerland.  Pursuant to the Privacy Shield Principles, if you do not receive timely acknowledgement of your complaint or if your complaint is not satisfactorily addressed, please contact the DPA at http://ec.europa.eu/justice/data-protection/bodies/index_en.htm.

If your dispute remains fully or partially unresolved after taking the above actions, under certain and limited conditions, you may invoke last resort binding arbitration by a “Privacy Shield Panel” composed of arbitrators designated by the U.S. Department of Commerce and the European Commission. An individual's decision to invoke this binding arbitration option is entirely voluntary. FCA US is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

12. CHILDREN

FCA US Websites or Applications are not targeted and directed at children under age 16 and we do not knowingly collect any personal information from a child under 16. If you believe we have inadvertently collected personal information about a child, please contact us and we will take steps to delete this information.

13. CHANGES TO THIS POLICY

We encourage you to periodically review this Policy, as we may change our Policy from time to time, in which case we will post the updated Policy on our Websites or within the Apps. If we make any changes to this Policy that materially affect our practices with regard to the personal information we have previously collected from you, we will endeavor to provide you with notice in advance of such change, such as by changing the effective date of the Policy or notifying you at your email address of record. Your continued use of the Services following a change in the Policy represents consent to the updated Policy to the fullest extent permitted by law.

14. CONTACT US

If you have any questions about this Policy or our privacy practices, please contact us via email at dprivacy@fcagroup.com.

15. ADDITIONAL INFORMATION FOR CALIFORNIA RESIDENTS

In this section, we provide information, as required under California privacy laws, including the California Consumer Privacy Act (“CCPA”), which requires that we provide California residents certain specific information about how handle their personal information, whether collected online or offline. This section does not address or apply to our handling of publicly available information made lawfully available by state or federal governments or other personal information that is subject to an exemption under Section 1798.145(c) – (f) of the CCPA.  

Categories of Personal Information We Collect and DiscloseOur collection, use and disclosure of personal information about a California resident will vary depending upon the circumstances and nature of our interactions or relationship with such resident. The table below sets out generally the categories of personal information (as defined by the CCPA) about California residents that we collect, sell, and disclose to others for a business purpose. We collect these categories of personal information from the sources described in the Information We Collect section above, and for the purposes described in the How We Use Personal Information section above.

Categories of Personal Information Collected? Disclosed for business purpose?

Name, contact information and other identifiers: identifiers such as a real name, alias, address, unique personal identifier, online identifier, VIN, IP address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.  

Yes

Yes

Customer records: paper and electronic customer records containing personal information, such as name, signature, physical characteristics or description, address, telephone number, education, current employment, employment history, social security number, passport number, driver’s license or state identification card number, insurance policy number, bank account number, credit card number, debit card number, or any other financial or payment information, medical information, or health insurance information.

Yes

Yes

Protected classifications: characteristics of protected classifications under California or federal law such as race, color, sex, age, religion, national origin, disability, citizenship status, and genetic information.

Yes

Yes

Commercial information: including records of personal property, products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies.

Yes

Yes

Internet or other electronic network activity information: including, but not limited to, browsing history, clickstream data, search history, and information regarding a resident’s interaction with an internet website, application, or advertisement, including access logs and other usage data related to your use of any company websites, applications or other online services, as well as the Connected Services.

Yes

 

Yes

 

Geolocation data: precise location information about a particular individual or device.

Yes

Yes

Audio, video and other electronic data: audio, electronic, visual, thermal, olfactory, or similar information such as, CCTV footage, photographs, and call recordings.

Yes

Yes

Employment history: professional or employment-related information.

Yes

Yes

Education information: education information that is not publicly available personally identifiable information as defined in the federal Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99).

Yes

            

Yes

Inferences and profiles: inferences drawn from personal information to create a profile reflecting a resident’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes.

Yes

Yes

Categories of Personal Information Sold. The CCPA defines a “sale” as disclosing or making available to a third party personal information in exchange for monetary or other valuable consideration. We disclose or make available personal information to dealers for marketing purposes, as well as other third parties, in order to receive certain services or benefits from them (such as when we allow third party tags to collect information such as browsing history on our Sites) to improve and measure our ad campaigns, including:

  • Name, contact information and other identifiers
  • Internet or other electronic network activity information
  • Geolocation data
  • Customer records
  • Commercial information
  • Inferences and profiles

California Residents’ Rights. California law grants California residents certain rights and imposes restrictions on particular business practices as set forth below.

· Notice before collection: we are required to notify California residents, at or before the point of collection of their personal information, the categories of personal information collected and the purposes for which such information is used. You can find our notice at the top of this Privacy Policy.

· Do-not-sell: California residents have the right to opt-out of our sale of their personal information.  Opt-out rights can be exercised by submitting a request here. We do not sell personal information about residents who we know are younger than 16 years old without opt-in consent.

· Request to delete: California residents have the right to request deletion of their personal information that we have collected about them and to have such personal information deleted, except where an exemption applies.

· Request to know: California residents have the right to request and, subject to certain exemptions, receive a copy of the specific pieces of personal information that we have collected about them in the prior 12 months and to have this delivered, free of charge, either (a) by mail or (b) electronically in a portable and, to the extent technically feasible, readily useable format that allows the individual to transmit this information to another entity without hindrance. California residents also have the right to request that we provide them certain information about how we have handled their personal information in the prior 12 months, including the:

o categories of personal information collected;

o ategories of sources of personal information;

o business and/or commercial purposes for collecting and selling their personal information;

o categories of third parties/with whom we have disclosed or shared their personal information;

o categories of personal information that we have disclosed or shared with a third party for a business purpose; and

o categories of third parties to whom the residents’ personal information has been sold and the specific categories of personal information sold to each category of third party.

California residents may make a request to know up to twice every twelve (12) months.

Submitting Verifiable Requests. To submit a request to know, or request to delete:

· Submit a request online here.

· Contact as toll-free at 1-866-221-6871

We will respond to verifiable requests received from California residents as required by law.    

Right to Non-Discrimination. The CCPA prohibits discrimination against California residents for exercising their rights under the CCPA. A business may offer financial incentives for the collection, sale or deletion of California residents’ personal information, provided it is not unjust, unreasonable, coercive or usurious, and is made available in compliance with applicable transparency, informed consent, and opt-out requirements. California residents have the right to be notified of any financial incentives offers and their material terms, the right to opt-out of such incentives at any time, and may not be included in such incentives without their prior informed opt-in consent.  

You Rights Under California’s Shine-the-Light Law. Under California’s “Shine the Light” law (Cal. Civ. Code § 1798.83), California residents who provide us their personal information are entitled to request and obtain from us, free of charge, information about the personal information (if any) we have shared with third parties for their own direct marketing use; such requests may be made once per calendar year for information about any relevant third party sharing in the prior calendar year (so, requests submitted in 2020 would be applicable to relevant disclosures (if any) in 2019). If you are a California resident and would like to make such a request, please submit your request in writing by emailing us at dprivacy@fcagroup.com, using the subject line “CA Shine the Light Request.”  In your request, please attest to the fact that you are a California resident and provide a current California address.  We will reply to valid requests by sending a response to the email address from which you submitted your request.  Please note that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing and the relevant details required by the Shine the Light law will be included in our response.

For more information about our privacy practices, you may contact us as set forth in the Contact Us section above.