Can I store personal information about my customers in Michigan? What are the requirements?

Yes, you can store personal information about your customers in Michigan, but you must comply with the state’s laws and regulations regarding the storage and disclosure of personal information. Here are some key requirements to consider:

Notices and Opt-Outs

• If you collect nonpublic personal financial information about your customers, you must provide initial, annual, and revised notices that include specific information about the categories of information you collect and disclose, the categories of affiliates and nonaffiliated third parties to whom you disclose information, and the consumer’s right to opt out of the disclosure of nonpublic personal financial information to nonaffiliated third parties ^{[1.2][1.4][1.5]}.
• You must also provide a clear and conspicuous opt-out notice to consumers, and give them a reasonable opportunity to opt out before disclosing their information to nonaffiliated third parties ^[1.4][1.5].

Disclosure and Use of Information

• If you receive nonpublic personal financial information from a nonaffiliated financial institution under an exception in section 537 or 539, your disclosure and use of that information is limited ^[1.3].
• If you disclose nonpublic personal financial information to a nonaffiliated third party, the third party may only disclose and use that information in certain ways, such as to your affiliates or pursuant to an exception in section 537 or 539 ^{[1.3][1.4][1.5]}.

Other Requirements

• You must have policies and practices in place to protect the confidentiality and security of nonpublic personal financial information ^[1.2].
• You must not deliver or cause to be delivered an envelope or package on the outside of which personal information is placed or on the inside of which personal information is placed that is visible from the outside of the envelope or package ^[2.1].
• You must prepare a publication that summarizes, in easily understood terms, the rights and responsibilities of your customers pursuant to applicable provisions of statutes, rules, and tariffs ^[3.1].
• If you issue an enhanced driver license or enhanced official state personal identification card, you must include reasonable security measures to protect against unauthorized disclosure of personal information regarding residents of Michigan that is contained in the card ^[5.1].

It is important to note that these are just some of the key requirements for storing personal information about customers in Michigan. You should consult with a legal professional to ensure that you are fully complying with all relevant laws and regulations.

Source(s):

• [1.2] Initial, annual, and revised notices; information required; disclosure of nonpublic personal financial information.
• [2.1] Delivery of envelope or package with personal information visible prohibited.
• [3.1] Publication of procedures for residential and small nonresidential customers
• [1.3] Receipt of nonpublic personal financial information from nonaffiliated financial institution; limitation on disclosure.
• [5.1] Enhanced driver license or enhanced official state personal identification card; issuance; security measures; radio frequency identification technology; requirements in addition to requirements for standard driver license or official state personal identification card; licensing sanction; issuance of corrected license or card for address confidentiality program participants; definitions.
• [1.4] Disclosure of nonpublic personal financial information to nonaffiliated third party.
• [1.5] Disclosure of nonprofit personal financial information to nonaffiliated third party; reasonable opportunity; opt out notice.

Jurisdiction

Michigan

• Privacy