Ask Reggi Your Question Now

Reggi is the free generative AI assistance for regulatory compliance
Ask a Question

Can I store personal information about my customers in Wisconsin? What are the requirements?

Yes, you can store personal information about your customers in Wisconsin. However, you must comply with the requirements set forth in the Wisconsin Administrative Code [1.1].

Annual Privacy Notice

You must provide an annual privacy notice to customers that accurately reflects your privacy policies and practices with regard to nonpublic personal financial information. The notice must be provided at least once in any period of twelve consecutive months during which that relationship exists. You may define the twelve consecutive-month period, but you shall apply it to the customer on a consistent basis [1.1].

Limits on Redisclosure and Reuse of Nonpublic Personal Financial Information

The Wisconsin Administrative Code also sets limits on the redisclosure and reuse of nonpublic personal financial information. If you receive nonpublic personal financial information from a nonaffiliated financial institution under an exception, you may use or disclose that information only under certain conditions [1.4].

Exceptions to Notice and Opt-Out Requirements

There are exceptions to the notice and opt-out requirements for disclosure of nonpublic personal financial information. For example, the opt-out requirements do not apply when you provide nonpublic personal financial information to a nonaffiliated third party to perform services for you or functions on your behalf, provided that you comply with certain requirements [1.2].

Information to be Included in Privacy Notices

The initial, annual, and revised privacy notices that you provide must include all of the following items of information, in addition to any other information you wish to provide, that applies to you and to the consumers to whom you send your privacy notice [1.5]:

  • The categories of nonpublic personal financial information that you collect.
  • The categories of nonpublic personal financial information that you disclose.
  • The categories of affiliates and nonaffiliated third parties to which you disclose nonpublic personal financial information, other than those parties to whom you disclose information under ss. Ins 25.55 and 25.60.
  • The categories of nonpublic personal financial information about your former customers that you disclose and the categories of affiliates and nonaffiliated third parties to whom you disclose nonpublic personal financial information about your former customers, other than those parties to whom you disclose information under ss. Ins 25.55 and 25.60.
  • If you disclose nonpublic personal financial information to a nonaffiliated third party under s. Ins 25.50 (and no other exception in ss. Ins 25.55 and 25.60 applies to that disclosure), a separate description of the categories of information you disclose and the categories of third parties with whom you have contracted.
  • An explanation of the consumer’s right under s. Ins 25.30 (1) to opt out of the disclosure of nonpublic personal financial information to nonaffiliated third parties, including the methods by which the consumer may exercise that right at that time.
  • Any disclosures that you make under Section 603(d)(2)(A)(iii) of the federal Fair Credit Reporting Act (15 USC 1681a(d)(2)(A)(iii)) (that is, notices regarding the ability to opt out of disclosures of information among affiliates).
  • Your policies and practices with respect to protecting the confidentiality and security of nonpublic personal financial information.
  • Any disclosure that you make under sub. (2).

In conclusion, you can store personal information about your customers in Wisconsin, but you must comply with the requirements set forth in the Wisconsin Administrative Code. You must provide an annual privacy notice to customers that accurately reflects your privacy policies and practices with regard to nonpublic personal financial information. Additionally, you must follow the limits on redisclosure and reuse of nonpublic personal financial information and include specific information in your privacy notices [1.1][1.2][1.4][1.5].

Source(s):
Jurisdiction

Wisconsin