Commitment to Information Security

DealerBuilt Security Statement

Why we do it

DealerBuilt’s security philosophy is simple; Security must protect the environment while supporting business goals. We focus on security to:

• Protect Data. In today’s information-based society, DealerBuilt recognizes the importance of data and its protection. We ensure the data we store is secure in all it’s forms.
• Defense is Everyone’s Responsibility. Both employees and clients use, transmit, file, dispose, and create information and data. Proper handling of that information is critically important to the success of the data and information security program. All users’ actions or failures to act in some instances can result in exposing the organization to some risky situations.
• Include Security Early. It is DealerBuilt’s intent to involve security in all aspects of our business, including our application development and implementation. This approach includes security reviews, including vendor assessments, code validation, and input on process improvements to keep our products and offerings safe.

What we do

Based on an industry standard framework, our Security Controls Include, but are not limited to the following:

• Network and Communication Protection
• User and Network Access Control
• Service Availability Control
• Education, Penetration Testing, and Security Reviews

How we do it

DealerBuilt carefully chooses reputable contractors to host and support its DMS platform. These contractors have planned security measures, especially for hosting services and the contractors have security processes in place. DealerBuilt also performs periodic vulnerability and penetration assessments of its network and applications.

All communication traffic between DealerBuilt Clients and DealerBuilt Servers is encrypted. In addition, firewalls protect communication, and continuous development is carried out to block unauthorized traffic. The ability to quickly address opportunities related to security is of great importance to DealerBuilt.

The use of DealerBuilt’s platform would not be possible without collecting information concerning the use of the service, which includes personal information. Personal information is collected, stored, and processed per applicable laws and only to the extent necessary for providing the services. Statistic information can be collected and used by the service provider or its hosting contractor. The collected information is not transferred or sold without permission.

The technical setup, services provider’s data processing rules, and code of conduct for providing services enable a high level of information protection. However, it is necessary to have some people who can gain access to data and information in the systems. Persons with access to data are aware of the confidential nature of data. Any personal information collected by DealerBuilt is collected and used per governing states and laws.

Disclosure to Third Parties: DealerBuilt may use third-party components or services as part of its DMS product. DealerBuilt may share some information and traffic with a third party as part of this service. However, it will never contain identifying information without explicit consent. DealerBuilt does not rent, sell, or lease personal information to other companies or individuals.