Ask Reggi Your Question Now
Can I use third-party marketing automation tools that collect personal information in Nevada? What are the requirements?
Using Third-Party Marketing Automation Tools that Collect Personal Information in Nevada
Yes, you can use third-party marketing automation tools that collect personal information in Nevada, but you must comply with the state’s data privacy laws.
According to NVRS 603A.215, if a data collector doing business in Nevada accepts a payment card in connection with a sale of goods or services, the data collector must comply with the current version of the Payment Card Industry (PCI) Data Security Standard, as adopted by the PCI Security Standards Council or its successor organization, with respect to those transactions. Additionally, a data collector doing business in Nevada must not transfer any personal information through an electronic, nonvoice transmission other than a facsimile to a person outside of the secure system of the data collector unless the data collector uses encryption to ensure the security of electronic transmission.
Furthermore, under NVRS 706B.240, an autonomous vehicle network company shall not disclose to any person the personally identifiable information of a passenger who received services from the company unless the disclosure is otherwise required by law, the company determines that disclosure is required to protect or defend the terms of use of the services or to investigate violations of those terms of use, or the passenger consents to the disclosure.
If you collect personal information in Nevada, you must also comply with the Nevada Information Systems Policies and Standards Manual, which is adopted by reference under NVAC 242.110.
Additionally, under NVRS 603A.210, a data collector that maintains records which contain personal information of a resident of Nevada shall implement and maintain reasonable security measures to protect those records from unauthorized access, acquisition, destruction, use, modification or disclosure.
If you have any further questions or concerns, it is recommended that you consult with a legal professional.
[1.1][3.1][2.4][2.1][2.2][2.3]
Source(s):
- [1.1] Adoption by reference of Nevada Information Systems Policies and Standards Manual.
- [2.1] “Personal information” defined.
- [3.1] Prohibition against disclosure of personally identifiable information of passengers; exceptions.
- [2.2] Security measures.
- [2.3] Disclosure of breach of security of system data; methods of disclosure.
- [2.4] Security measures for data collector that accepts payment card; use of encryption; liability for damages; applicability.
Jurisdiction
Nevada