|up2drive.com Privacy Information
|Online Privacy and Security
Your privacy on the Internet is important to us, which is why we at up2drive believe in an active approach to safeguarding your privacy online. You can interact and remain assured that you are protected by confidentiality, security, and your individual right to change your mind.
up2drive Account Setup
Once you have a completed up2drive loan, you may log in to up2drive Central to manage the details of your loan, make payments, etc. The first time you log in to up2drive Central, we will ask you to provide a valid VIN for vehicles financed in the United States. In order to set up an up2drive Central account, we will require you to provide a valid email address, as well as create a unique user name and password.
All information in our possession requires a unique password and username to access it. With this password you can edit, delete or add to information you have shared while visiting our site. Additionally, the information you include in a credit application is secure while in transit to us.
Site Traffic Monitoring
We collect anonymous information about every visit to our site by tracking Internet Protocol (IP) addresses and by using 3rd party web analytics software on an aggregate basis. We do not link IP addresses to any personal information associated to you and other users. We use this information only to determine how to make future visits more convenient and productive. We also collect browser type, access time, and the URL where you and other users are entering or exiting the site.
You will only receive e-mails or mailings from up2drive if you have requested to be on our correspondence list. If you are currently on our list and do not wish to receive further information from us, simply tell us by updating your preferences in the up2drive Central section. Note, however, that your choice will not apply communications such as statements, notices, or disclosures that we may be required by law to provide to you.
Correcting/Updating Personal Information
When your personally identifiable information changes (such as address), or if you are no longer interested in our service and we are notified of such changes, we will endeavor to correct, update or remove your personal data that you have provided to us. Your personal information can be updated at any time in the My up2drive or up2drive Central sections.
Though our site contains links to other sites, we are not responsible for the content, links or privacy on any of those sites.
We use e-mail links throughout the site to allow you to contact us directly with any questions or comments you may have. We read every message and try to reply promptly to every one. Information in the message is used to respond directly to your comments or questions. We may also file your comments to improve the site and programs, or review and discard the information. Your personal information is not shared with third parties without your explicit permission.
The banking services site has SSL Version 3 (Secure Sockets layer) from Netscape. This provides a "security handshake" to initiate the connection. This encrypts and decrypts the data sent. The encryption is based upon technology that uses military-grade public/private key encrypted information in the client request and server response. All information is fully encrypted, such as the content of terms submitted (i.e., credit application information), access authorization information (such as user names and passwords), and data returned from the server to the client. Secure SSL sessions are established in up2drive Online Services areas where your personal information is being transmitted, including online services, account related e-mail, and customer service areas.
The servers are protected by several security mechanisms. First, Filtering Routers restrict access to only approved network paths. Second, firewalls limit access and prevent certain attacks. Checkpoint Firewall-1, a leading product in the firewall industry, is backed up by Hewlett Packard's Virtual Vault. Virtual Vault helps create a secure environment for financial Web applications and helps protect against errors in server software and its applications. Application and Insider Security: Virtual Vault also provides strong authentication of customers and proper enforcement of authorization for transaction requests. Within Virtual Vault there is an application that provides the only access between inside and outside compartments. The Trusted Gateway also validates URL references and performs certain other calculations to prevent unauthorized scripts from being executed. Virtual Vault also has insider security application. With Virtual Vault, users must log into their own accounts and may access only the administrative commands for which they have authorization. Virtual Vault also provides an audit trail to trace unusual or unauthorized transactions.
External Server Security:
The server must interface to the external server that is used by the financial institution for core processing, such as balance inquires, history inquiries, and monetary transactions. These interfaces are done through firewalls and Encrypting Routers using Virtual Private Network (VPN) technologies. VPN creates a secure encrypted tunnel from a router or firewall to a matching device on the other end of the network.
Some Privacy FAQs:
Q. Will up2drive retain and collect my personal information?
A. We collect, retain, and use information about you only where we reasonably believe that it is necessary for us to provide services to you or to help administer our business. We must also be able to identify and distinguish you and your products and services to prevent unauthorized entities from accessing your personal financial information.
Q. What should I do when I have finished accessing confidential data?
A. When you have finished using a secure area of the up2drive web site, make sure you always click on the "Logout” link. When you click on it, you will be given the option to end your secure session. No further secure transactions can be conducted without re-entering your User-ID and password.
Q. Why can I still see some of my account information even after I have pressed the "Logout" link?
A. Browser software often "caches" pages as you look at them, meaning that some pages are saved in your computer's temporary memory. Therefore, you may find that clicking on your back button shows you a saved version of a previously viewed page. Please keep in mind that caching in no way affects the security of your confidential User-ID or password. If you use your computer in a public place, please read below.
Q. What should I do if I am using a "public" computer?
A. If you use a computer that others also work and you are uncomfortable that they may view "cached" pages after you have left the station, quit/exit your browser software before leaving. This will decrease the possibility of anyone viewing confidential information. No other users will be able to access your account information online without your User-ID and password.
|Our Commitment to Privacy
This notice is being given to you on behalf of the following companies, and provides you with our policies on the handling of non-public personal information (“Customer Information”) about you.
- BMW Financial Services
- BMW Bank of North America
- BMW Insurance Agency
- BMW of North America
- Financial Services Vehicle Trust
- BMW US Capital
Any Customer Information you choose to share with us will not be disclosed to anyone outside of the BMW Family of Companies, or our business partners. We will not, without your consent, release specific information about you or your account to third parties, except where such release is necessary to complete a transaction you have requested or unless we are required or allowed to do so by law.
Information We Collect
As part of providing you with our products and services, we obtain Customer Information about you. We define Customer Information as:
- social security number
- information from a credit application
- information from a consumer credit report
- account balances
- account history
- telephone numbers
- payoff balances
- anything related to a transaction
- or any other type of information about you that is gathered, stored or shared with a third party, Affiliate or vendor
Making the Security of Information a Priority
We limit access to Customer Information to only those employees who need it to perform their job duties while providing products and services to you, or to maintain or service those products or services. We maintain physical, electronic and procedural safeguards that comply with Federal regulations to protect Customer Information.
Sharing information within the BMW Family of Companies
We share Customer Information about you within the BMW Family of Companies (our Affiliates). Any of the BMW Family of Companies may disclose certain information to each other in connection with your account and to assist us in providing offers for products or services that may be of interest to you. We are permitted by law to share with our Affiliates, information about our transactions or experiences with you, such as your account balance and payment history.
Sharing information with companies that work for us
We may share Customer Information with non-affiliated companies that work for us. These companies may include financial service providers such as insurance companies or banks and non-financial companies such as those that provide your monthly statement. All of these companies act on our behalf, are contractually obligated to keep the Customer Information that we provide to them confidential and use the information only to provide the services we have asked them to perform for you and us. We may share Customer Information with non-affiliated companies that market our products and services or with whom we have joint marketing agreements. These companies may include BMW, MINI or Rolls-Royce Motor Cars retailers as well as other motor vehicle retailers.
Disclosing information in other situations
We may also disclose Customer Information to credit bureaus, courts or other authorized governmental authorities, as required by law. These may include disclosing information in connection with a subpoena, fraud investigation, audits, or public record filings. In addition, we may disclose certain Customer Information to a nonaffiliated third party in connection with an investigation to locate our collateral or to recover an outstanding debt.