Can I use third-party marketing automation tools that collect personal information in South Dakota? What are the requirements?

Requirements for Using Third-Party Marketing Automation Tools in South Dakota

If you are planning to use third-party marketing automation tools that collect personal information in South Dakota, you must comply with the state’s data privacy laws. South Dakota has not enacted a comprehensive data privacy law, but it has several laws that regulate the collection, use, and disclosure of personal information.

Here are some requirements you should consider:

1. Obtain Consent: You must obtain the consent of individuals before collecting their personal information. The consent must be informed, specific, and freely given. You must also provide individuals with a privacy notice that explains how their personal information will be used.
2. Protect Personal Information: You must take reasonable measures to protect the personal information you collect from unauthorized access, use, or disclosure. You must also securely dispose of personal information when it is no longer needed.
3. Disclose Data Breaches: If you experience a data breach that affects South Dakota residents, you must notify them within 60 days of discovering the breach.
4. Comply with Other Applicable Laws: You must comply with other applicable laws, such as the South Dakota Sales and Use Tax Manual^[4], which imposes a sales tax on the gross proceeds of sales of every person engaged in the business of selling.

It is important to note that these requirements are not exhaustive, and you may need to comply with additional laws and regulations depending on the nature of your business and the personal information you collect.

Source(s):

• [4] SOUTH CAROLINA SALES AND USE TAX MANUAL

Jurisdiction

South Dakota

• Privacy