Privacy Policy

Effective Date: April 2, 2008
Last Updated: July 27, 2025

1. Introduction

This Privacy Policy describes how DMVDATA ("we," "us," or "our") collects, uses, processes, and protects your personal information when you use our website and services. We are committed to protecting your privacy and ensuring transparency about our data practices.

By using our website, registering for an account, or using our services, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

When you register, place an order, or interact with our services, we may collect:

  • Personal Identification Information: Name, email address, phone number, fax number
  • Business Information: Business name, business type, Federal Employer Identification Number (FEIN) or Social Security Number, business mailing address
  • Payment Information: Credit card details and billing information (processed securely through third-party payment processors)
  • Communication Data: Information you provide when contacting us, including support requests and feedback
  • Mobile Phone Numbers: Phone numbers provided for SMS communications and notifications
  • Account Credentials: Username, password, and security questions
  • Document and Photo uploads: Photographs or scans of any documents you upload for verfication in order to consume our services.

2.2 Information Collected Automatically

When you visit our website, we automatically collect:

  • Technical Information: IP address, browser type and version, operating system, device information
  • Usage Data: Pages visited, time spent on pages, click-through rates, search queries
  • Cookies and Tracking Technologies: Session cookies, persistent cookies, web beacons, and similar technologies

2.3 Information from Third Parties

We may receive information about you from:

  • Payment Processors: Transaction confirmations and fraud prevention data
  • Business Verification Services: Information to verify business eligibility and compliance
  • Driving and Motor Vehicle Records: Information necessary to provide driving records and motor vehicle records as part of our services

3. Legal Basis for Processing (GDPR)

We process your personal information based on the following legal grounds:

  • Contract Performance: To provide services you've requested and fulfill our contractual obligations
  • Legal Compliance: To comply with applicable laws, regulations, and audit requirements
  • Legitimate Interests: To improve our services, prevent fraud, and ensure security
  • Consent: Where you have provided explicit consent for specific processing activities

4. How We Use Your Information

We use your information for the following purposes:

4.1 Service Provision

  • Process requests for driver record or motor vehicle record information
  • Process business registrations and account creation
  • Verify business eligibility for motor vehicle record access
  • Provide customer support and respond to inquiries
  • Process payments and manage billing

4.2 Communication

  • Send service-related notifications and updates via email and SMS
  • Provide account information and transaction confirmations
  • Respond to your requests and questions
  • Send important policy or service changes
  • Deliver SMS notifications and alerts (only with your explicit consent)

4.3 Security and Compliance

  • Prevent fraud and unauthorized access
  • Comply with legal obligations and regulatory requirements
  • Conduct security monitoring and threat detection
  • Maintain audit trails as required by law

4.4 Business Operations

  • Improve our services and user experience
  • Conduct internal analytics and research
  • Ensure system functionality and performance
  • Maintain business records and documentation

5. Information Sharing and Disclosure

5.1 We Do Not Sell Personal Information

We do not sell, rent, or trade your personal information to third parties for marketing purposes. This includes your mobile phone number and SMS preferences, which will never be shared or sold to third parties.

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

5.2 Permitted Disclosures

We may share your information in the following limited circumstances:

Service Providers: Third-party vendors who assist us in providing services (payment processors, hosting providers, customer support tools) under strict confidentiality agreements.

Legal Requirements: When required by law, regulation, legal process, or government request, including:

  • Court orders, subpoenas, or legal proceedings
  • Regulatory audits and compliance investigations
  • Law enforcement requests with proper legal authority

Business Protection: To protect our rights, property, or safety, or that of our users, including:

  • Fraud prevention and detection
  • Enforcement of terms of service
  • Protection against legal liability

Other permitted disclosures include:
  • Chargeback Disputes: Information shared with financial institutions and payment processors to resolve disputed transactions and chargebacks.
  • Audit and Compliance: Information shared with authorized auditors to verify our compliance with security standards and regulatory requirements, with appropriate data protection measures.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with advance notice to affected users.

5.3 State-Specific Requirements

For Florida residents and as required by state motor vehicle record access laws, we may share information with the State of Florida for verification and compliance purposes.

6. Data Security

We implement comprehensive security measures to protect your information:

6.1 Technical Safeguards

  • Encryption: All sensitive data is encrypted in transit using TLS 1.2 or higher and at rest using AES-256 encryption
  • Secure Servers: Industry-standard secure server infrastructure with regular security updates
  • Access Controls: Role-based access controls limiting employee access to necessary information only
  • Network Security: Firewalls, intrusion detection systems, and regular security monitoring

6.2 Administrative Safeguards

  • Employee Training: Regular privacy and security training for all personnel
  • Background Checks: Comprehensive screening for employees with data access
  • Confidentiality Agreements: All employees sign strict confidentiality agreements
  • Incident Response: Established procedures for security breach detection and response

6.3 Payment Security

  • Credit card information is never stored on our servers
  • All payment processing is handled by PCI DSS compliant third-party processors
  • Tokenization is used for recurring payment references

6.4 Security Monitoring and Vulnerability Management

  • Regular Security Assessments: We undergo weekly vulnerability scans and monthly web application security scans provided by the Cybersecurity and Infrastructure Security Agency (CISA) from the Department of Homeland Security
  • Proactive Threat Detection: Continuous monitoring for security vulnerabilities and emerging threats
  • Rapid Response: Immediate remediation of identified security issues and vulnerabilities
  • Compliance Verification: Regular validation of our security controls and data protection measures

We offer the use of a secure server. All supplied sensitive/credit card information is transmitted via the strongest Transport Layer Security (TLS) and Secure Socket Layer (SSL) technology. Sensitive data is hashed or encrypted if it's needed to be stored in our database and is only accessible by those authorized with special access rights to such systems and are required to keep the information confidential.

During and after a transaction, your credit card information is never saved or stored on our servers. For convenience features such as saved payment methods, credit card data is stored exclusively by our PCI DSS compliant payment processors. We only retain a secure token or reference key that allows us to process future payments through the processor, which is the industry standard for secure payment storage and ensures your actual card details remain protected at all times.

7. Data Retention

We retain personal information only as long as necessary for the purposes outlined in this policy:

  • Account Information: Retained while your account is active and for 7 years after closure for legal and audit purposes
  • Transaction Records: Retained for 7 years to comply with financial regulations
  • Communication Records: Retained for 3 years for customer service and legal purposes
  • Technical Logs: Retained for 12 months for security and system maintenance
  • Documents and photo uploads: Retained for 5 years for security audits. Starting from account closure or time of an order

8. Your Privacy Rights

8.1 General Rights

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate information
  • Account Management: Update your account information at any time through the "Manage Account" section
  • Communication Preferences: Opt-out of non-essential communications including SMS messages

8.2 California Residents (CCPA/CPRA)

California residents have additional rights:

  • Right to Know: Detailed information about personal information collected, used, and shared
  • Right to Delete: Request deletion of personal information (subject to legal and business requirements)
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: Equal service regardless of privacy rights exercise

8.3 European Residents (GDPR)

EU/UK residents have additional rights:

  • Right to Portability: Receive your data in a structured, machine-readable format
  • Right to Restrict Processing: Limit how we process your information
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for consent-based processing

To exercise these rights, contact us using the information in Section 12.

9. Cookies and Tracking Technologies

9.1 Types of Cookies We Use

  • Essential Cookies: Required for website functionality and security
  • Authentication Cookies: Keep you logged in during your session
  • Preference Cookies: Remember your settings and preferences
  • Analytics Cookies: Help us understand website usage and performance

Yes, cookies are needed and used to know that you are logged into the system during your use of the site's software, to make your experience easier and to detect any potential security breach attempts. This is needed to recognize you when you are using our system.

Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.

9.2 Cookie Management

You can control cookies through your browser settings. Note that disabling essential cookies may affect website functionality.

9.3 Do Not Track

We do not currently respond to Do Not Track signals, but we provide clear opt-out mechanisms for non-essential tracking.

10. International Data Transfers

If you are located outside the United States, your information may be transferred to and processed in the United States. We implement appropriate safeguards for international transfers, including:

  • Standard Contractual Clauses for EU transfers
  • Adequacy decisions where applicable
  • Additional security measures as required by law

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will take steps to delete such information promptly, unless an order has been placed and retention of information is required to show compliance. Any abandoned orders for minors can be requested to be deleted from our system.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. We will:

  • Post updated policies on this page with a new "Last Updated" date
  • Notify users of material changes via email or prominent website notice
  • Provide a 30-day notice period for significant changes that affect user rights

If we decide to change our privacy policy, we will post those changes on this page, and/or update the Privacy Policy modification date below.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: Provided via Contact form.
Phone: 850-745-4562
Mailing Address:
Mailing address can be provided upon request via our contact form.

If there are any questions regarding this privacy policy, you may contact us via the form linked above.

This Privacy Policy was last updated on July 27, 2025 and is effective as of April 2, 2008.