Ask Reggi Your Question Now

Reggi is the free generative AI assistance for regulatory compliance
Ask a Question

Can I use third-party customer service tools that collect personal information in South Dakota? What are the requirements?

Use of Third-Party Customer Service Tools in South Dakota

If you are planning to use third-party customer service tools that collect personal information in South Dakota, you must comply with the state’s laws and regulations regarding the use and disclosure of nonpublic personal information.

Under SDAR 20:06:45:10, a licensee may not disclose any nonpublic personal financial information about a consumer to a nonaffiliated third party unless the licensee has provided the consumer with an initial notice, an opt-out notice, and a reasonable opportunity to opt-out of the disclosure. However, there are exceptions to this rule, such as when the licensee provides nonpublic personal financial information to a nonaffiliated third party to perform services for the licensee or functions on the licensee’s behalf, provided that the licensee has entered into a contractual agreement with the third party that prohibits the third party from disclosing or using the information other than to carry out the purposes for which the licensee disclosed the information [SDAR 20:06:45:13].

If the personal information collected by the third-party customer service tool includes nonpublic personal health information, the licensee may not disclose such information unless an authorization is obtained from the consumer or customer whose nonpublic personal health information is sought to be disclosed [SDAR 20:06:45:27]. However, there are exceptions to this rule, such as when the disclosure is necessary for the performance of insurance functions by or on behalf of the licensee, or when the disclosure is required by law or legal process.

Therefore, if you plan to use third-party customer service tools that collect personal information in South Dakota, you must comply with the state’s laws and regulations regarding the use and disclosure of nonpublic personal information, as outlined in SDAR 20:06:45:10 and SDAR 20:06:45:27.

[2.1] allows law enforcement agencies to request location information from a wireless telecommunications carrier in emergency situations. However, this document does not directly apply to the use of third-party customer service tools that collect personal information.

[3.2] outlines the limits on redisclosure and reuse of nonpublic personal financial information. It specifies that a licensee may not disclose, other than to a consumer reporting agency, a policy number or similar form of access number or access code for a consumer’s policy or transaction account to any nonaffiliated third party for use in telemarketing, direct mail marketing, or other marketing through electronic mail to the consumer [SDAR 20:06:45:12].

[3.4] provides limits on sharing account number information for marketing purposes. It specifies that a licensee may not, directly or through an affiliate, disclose, other than to a consumer reporting agency, a policy number or similar form of access number or access code for a consumer’s policy or transaction account to any nonaffiliated third party for use in telemarketing, direct mail marketing, or other marketing through electronic mail to the consumer [SDAR 20:06:45:12].

Therefore, when using third-party customer service tools that collect personal information in South Dakota, you must comply with the state’s laws and regulations regarding the use and disclosure of nonpublic personal information, as outlined in SDAR 20:06:45:10, SDAR 20:06:45:12, and SDAR 20:06:45:27.

Source(s):
Jurisdiction

South Dakota