Privacy Policy

1. INTRODUCTION AND SCOPE

This Privacy Policy ("Policy") describes how JDM Direct ("Company," "we," "us," "our," or "Dealership") collects, uses, discloses, stores, retains, and protects personal information and data obtained from customers, website visitors, prospective buyers, and other individuals who interact with JDM Direct through our website, email communications, phone calls, deposit submissions, vehicle purchase transactions, or any other engagement with our business.

This Privacy Policy applies to:

• Individuals who visit or use our website (www.jdmdirect.com or successor domain)
• Prospective and actual vehicle purchasers
• Individuals who submit deposits or payment information
• Website visitors and form submission participants
• Individuals contacted by JDM Direct regarding vehicles or services
• Any other individual whose personal information is collected by JDM Direct

This Privacy Policy does NOT apply to:

• Information collected by third-party auction houses, exporters, or dealers in Japan
• Information collected by third-party shipping companies, customs brokers, or freight forwarders
• Information collected or retained by vehicle manufacturers or other affiliated entities
• Information accessible through links to third-party websites
• Information practices of service providers or vendors unless explicitly stated herein

2. INFORMATION WE COLLECT

2.1 INFORMATION YOU PROVIDE DIRECTLY

JDM Direct collects personal information that you voluntarily provide to us, including but not limited to:

Contact Information

• Full legal name
• Email address(es)
• Phone number(s)
• Mailing address
• City, state, and zip code
• Country of residence

Financial and Payment Information

• Bank account information (for wire transfers)
• Payment method information (credit card, debit card, ACH)
• Payment history and transaction records
• Deposit amounts and payment dates
• Invoice and billing information
• Currency and payment preferences

Identification and Verification Information

• Government-issued identification numbers (to verify age and residency)
• State driver's license number (if provided voluntarily for verification)
• Passport or travel document information (if applicable)
• Business registration or tax identification information (if purchasing as a business entity)

Vehicle Transaction Information

• Vehicle preferences and specifications
• Desired vehicle year, make, model, and features
• Budget and price range
• Vehicle viewing or inspection requests
• Auction bidding activity and bid amounts
• Purchase history and vehicle selections
• Delivery address and logistics preferences

Communication Records

• Email correspondence and communications
• Phone call records and transcripts (if recorded with consent)
• Chat messages or instant messaging communications
• Support tickets and inquiries
• Feedback, complaints, and dispute resolution information
• Shipping and tracking requests

Form Submission Information

• Information provided through website contact forms
• Inquiry forms and request submission data
• Newsletter sign-ups and subscription preferences
• Survey responses and feedback
• Website account registration information

2.2 INFORMATION COLLECTED AUTOMATICALLY

JDM Direct may automatically collect certain information when you visit our website or engage with our digital services, including:

Website Usage Information

• IP address (Internet Protocol address)
• Browser type and version
• Operating system and device type
• Device identifiers and unique hardware identifiers
• Referring/exit pages and URLs
• Pages visited and time spent on pages
• Clicks, link interactions, and scroll depth
• Search queries and search results clicked
• Error messages and system diagnostics

Cookies and Tracking Technologies

• Session cookies (temporary, expire when browser closes)
• Persistent cookies (remain on device for extended periods)
• Web beacons and pixel tags
• Local storage and similar tracking technologies
• Analytics identifiers and tracking IDs
• Advertising identifiers (if applicable)

Analytics Information

• Website traffic patterns and trends
• User behavior and interaction patterns
• Conversion data and funnel analysis
• Geographic location (based on IP address geolocation)
• Device and hardware information
• Bandwidth and connection speed
• Timestamps and session duration

Marketing and Advertising Information

• Advertising impressions and ad interactions (if applicable)
• Email open rates and link clicks (if using email marketing)
• Marketing campaign responses and engagement metrics
• Referral sources and attribution data

2.3 INFORMATION FROM THIRD PARTIES

JDM Direct may receive personal information about you from third parties, including but not limited to:

Third-Party Vendors and Service Providers

• Customs brokers and logistics companies
• Shipping carriers and freight forwarders
• Payment processors and financial institutions
• Website hosting providers and technical service providers
• Email service providers and marketing platforms
• Data analytics companies
• Third-party verification services

Public Sources and Records

• Publicly available business information
• Public records and government databases (where legally permitted)
• Vehicle registration and titling information (when relevant to vehicle eligibility)
• Credit reporting information (only if financing is involved)

Other Sources

• Referrals and recommendations from other customers
• Social media information (if you link accounts or share information publicly)
• Information from your co-purchasers or authorized representatives
• Information from your legal counsel or designated agents

3. HOW WE USE YOUR INFORMATION

JDM Direct uses collected personal information for the following purposes:

3.1 TRANSACTIONAL PURPOSES

• Processing vehicle deposits and securing your position at auction
• Completing vehicle purchases and sales transactions
• Generating invoices, receipts, and transaction documentation
• Processing payments and refunds
• Fulfilling shipping and delivery obligations
• Arranging vehicle transportation and importation
• Providing vehicle documentation and title transfer assistance
• Communicating regarding your purchase and account status
• Providing customer service and support

3.2 LEGAL AND COMPLIANCE PURPOSES

• Verifying buyer identity and eligibility for vehicle ownership
• Complying with U.S. Customs and Border Protection (CBP) requirements
• Fulfilling EPA and DOT importation documentation requirements
• Meeting state motor vehicle administration registration requirements
• Complying with anti-money laundering (AML) regulations
• Complying with Know Your Customer (KYC) requirements
• Meeting tax reporting and compliance obligations (Form 1099, etc.)
• Responding to legal requests and court orders
• Enforcing contract terms and resolving disputes
• Maintaining records for audit and legal purposes
• Fraud detection and prevention
• Age verification (to ensure buyer is 18 years or older)

3.3 MARKETING AND BUSINESS DEVELOPMENT

• Sending informational emails about vehicles and services
• Notifying you of new vehicle inventory
• Providing updates regarding vehicles matching your preferences
• Sending promotions, special offers, and announcements
• Market research and customer preference analysis
• Improving website user experience
• Analyzing business trends and performance
• Creating customer segments for targeted outreach
• Following up on abandoned inquiries or incomplete transactions

3.4 OPERATIONAL AND SERVICE IMPROVEMENT

• Troubleshooting website technical issues
• Analyzing website performance and user experience
• Improving website functionality and security
• Preventing fraud and unauthorized access
• System maintenance and data backup
• Quality assurance and customer satisfaction improvement
• Training and internal business purposes
• Business analytics and reporting

3.5 RECORD KEEPING AND DOCUMENTATION

• Maintaining transaction histories and financial records
• Archiving communication and correspondence
• Creating vehicle inspection and condition records
• Documenting customer interactions and disputes
• Maintaining audit trails and compliance documentation
• Legal hold and litigation readiness

4. DATA RETENTION AND DELETION

4.1 RETENTION PERIODS BY DATA TYPE

JDM Direct retains personal information for the following periods, unless otherwise required by law:

4.2 DATA DELETION PROCEDURES

When personal information is no longer required for retention purposes, JDM Direct will:

• Secure Deletion: Delete or permanently destroy data using secure deletion methods that prevent recovery
• Anonymization: Anonymize data when possible, removing identifiers that connect information to individuals
• Archival: Archive inactive customer records to secure offline storage before deletion
• Documentation: Maintain records of what data was deleted, when, and the method used
• Third-Party Vendors: Require third-party service providers to delete information they retain on JDM Direct's behalf

4.3 DATA BREACH NOTIFICATION

In the event of a data breach or unauthorized disclosure of personal information, JDM Direct will:

• Investigate: Conduct prompt investigation to determine scope and impact of breach
• Notify: Notify affected individuals within 60 days of discovery of the breach (or as required by law)
• Disclosure: Disclose nature of breach, type of information compromised, and recommended protective actions
• Regulators: Report to appropriate regulatory agencies as required by applicable law
• Remediation: Implement corrective measures to prevent future incidents

5. SHARING AND DISCLOSURE OF INFORMATION

5.1 INFORMATION SHARED WITH THIRD PARTIES

JDM Direct may share personal information with the following third parties to fulfill business operations and transactional obligations:

5.2 INFORMATION NOT SHARED WITHOUT CONSENT

5.3 INFORMATION SHARED UPON REQUEST OR WITH CONSENT

JDM Direct may share personal information if:

• You have given explicit written consent for sharing
• You have requested a specific service requiring third-party involvement
• You have authorized a third party to access your information
• Legal process or court order requires disclosure
• Necessary to respond to law enforcement requests (with proper legal authority)
• Necessary to protect JDM Direct's legal rights or safety

5.4 AFFILIATE AND CORPORATE INFORMATION SHARING

If JDM Direct is acquired by, merges with, or transfers assets to another company, personal information may be transferred as part of that transaction. You will be notified of any such transaction and given the opportunity to opt out if legally permitted.

6. INTERNATIONAL DATA TRANSFERS

6.1 CROSS-BORDER DATA TRANSFERS

JDM Direct may transfer personal information to countries outside the United States, including Japan and other jurisdictions, in connection with:

• Arranging vehicle purchases from Japanese auction houses and dealers
• Coordinating vehicle shipping and logistics
• Working with international customs brokers and service providers
• Utilizing cloud-based service providers with servers in multiple countries

6.2 PROTECTION OF INTERNATIONAL TRANSFERS

When personal information is transferred internationally, JDM Direct implements appropriate safeguards, including:

• Standard Contractual Clauses: Requiring third-party recipients to comply with data protection standards equivalent to U.S. protections
• Data Processing Agreements: Establishing clear data handling requirements in contracts with international service providers
• Encryption and Security: Ensuring data is encrypted during transmission and at rest
• Limited Data Sharing: Sharing only the minimum information necessary to complete the intended purpose

6.3 CUSTOMER ACKNOWLEDGMENT

6.4 GDPR AND EUROPEAN DATA SUBJECTS (If Applicable)

If you are a resident of the European Union, European Economic Area, or other jurisdiction subject to GDPR-equivalent laws:

• You have additional rights regarding your personal information (right to access, delete, object, etc.)
• Data transfers are subject to GDPR Chapter 5 requirements
• Transfers are based on your explicit consent or lawful basis for processing
• You may contact us to exercise your GDPR rights

7. COOKIES, TRACKING TECHNOLOGIES, AND ANALYTICS

7.1 COOKIES AND LOCAL STORAGE

JDM Direct uses cookies and similar tracking technologies on our website to:

• Maintain user sessions and remember login preferences
• Remember website preferences and personalization settings
• Analyze website usage and traffic patterns
• Display targeted content and marketing messages
• Enable website functionality (shopping cart, forms, etc.)
• Measure marketing campaign effectiveness

Types of Cookies:

7.2 COOKIE CONSENT AND OPT-OUT

• Consent: By using our website, you consent to the placement of non-essential cookies as described herein
• Opt-Out: You may disable cookies through your browser settings; however, disabling cookies may limit website functionality
• Google Analytics Opt-Out: You can opt out of Google Analytics tracking by using the Google Analytics Opt-Out Browser Add-on
• Do Not Track: We honor "Do Not Track" browser signals where technically feasible

7.3 ANALYTICS AND USAGE TRACKING

JDM Direct uses analytics tools to understand website usage, including:

• Google Analytics: Tracks visitor behavior, traffic sources, and conversion metrics
• Heatmapping: Analyzes user interaction patterns and page engagement
• Session Recording: May record sessions to identify technical issues (with consent options)
• A/B Testing: Tests website variations to optimize user experience

8. MARKETING COMMUNICATIONS AND OPT-OUT RIGHTS

8.1 EMAIL MARKETING

JDM Direct may send promotional emails, vehicle availability notices, and marketing communications to customers who have provided email addresses or opted in to marketing communications.

Types of Marketing Emails:

• New vehicle availability notifications
• Inventory matching your stated preferences
• Special offers and promotions
• Company announcements and updates
• Event invitations
• Newsletter and informational content

8.2 OPT-OUT AND UNSUBSCRIBE

Processing Time: Unsubscribe requests are processed within 10 business days. You may receive one final confirmation email.

8.3 SMS AND PHONE COMMUNICATIONS

If you have opted in to receive text messages or phone calls from JDM Direct:

• Content: SMS and phone communications are used for transaction notifications, appointment reminders, and vehicle availability alerts
• Opt-Out: Reply "STOP" to SMS messages or request removal by calling JDM Direct
• Do Not Call: If you are registered on the National Do Not Call Registry, JDM Direct will not make marketing calls unless you have established a business relationship

9. YOUR RIGHTS AND CHOICES REGARDING YOUR INFORMATION

9.1 ACCESS TO YOUR INFORMATION

You have the right to request access to the personal information JDM Direct holds about you:

• Request Method: Email [email protected] with "DATA ACCESS REQUEST" in the subject line
• Response Time: JDM Direct will respond within 30 days
• Verification: You may be asked to verify your identity
• Format: Information will be provided in a readable format

9.2 CORRECTION AND UPDATE

If your personal information is inaccurate or incomplete, you may request correction:

• Request Method: Email [email protected] with "DATA CORRECTION REQUEST" and specify the information to be corrected
• Response Time: JDM Direct will update records within 10 business days
• Verification: You may be asked to provide proof of correct information

9.3 DELETION REQUESTS

Subject to legal retention requirements, you may request deletion of personal information:

• Request Method: Email [email protected] with "DATA DELETION REQUEST" in the subject line
• Response Time: JDM Direct will respond within 30 days
• Limitations: JDM Direct may retain information required by law (tax records, customs documentation, fraud investigation records, etc.)

9.4 DATA PORTABILITY

If applicable under your jurisdiction's laws, you may request your personal information in a portable format:

• Request Method: Email [email protected] with "DATA PORTABILITY REQUEST"
• Format: Information will be provided in a commonly used, machine-readable format (e.g., CSV, JSON)
• Response Time: Within 30 days of request

9.5 WITHDRAWAL OF CONSENT

If you have provided consent for a specific use of your information, you may withdraw that consent:

• Request Method: Email [email protected] with "WITHDRAW CONSENT" and specify which consent you are withdrawing
• Effect: JDM Direct will discontinue that use of your information going forward
• Retroactive Effect: Withdrawal does not affect information already processed under previous consent

9.6 CALIFORNIA RESIDENT RIGHTS (CCPA/CPRA)

10. SECURITY AND DATA PROTECTION

10.1 SECURITY MEASURES

JDM Direct implements reasonable technical, administrative, and organizational security measures to protect personal information from unauthorized access, alteration, disclosure, and destruction, including:

Technical Measures

• Encryption of data in transit (HTTPS/SSL protocols)
• Encryption of sensitive data at rest
• Firewalls and intrusion detection systems
• Regular security updates and patches
• Database access controls and authentication
• Secure password requirements for user accounts
• Multi-factor authentication (where applicable)

Administrative Measures

• Limited access to personal information (need-to-know basis)
• Employee confidentiality agreements and training
• Secure data handling procedures
• Access logs and audit trails
• Regular security assessments and audits
• Incident response procedures

Organizational Measures

• Vendor security requirements and audits
• Data processing agreements with service providers
• Regular data backup and recovery procedures
• Business continuity and disaster recovery planning

10.2 LIMITATION ON SECURITY

10.3 PAYMENT CARD SECURITY

If you provide payment card information:

• PCI DSS Compliance: Payment processing complies with Payment Card Industry Data Security Standard (PCI DSS) requirements
• No Storage: JDM Direct does not store full credit card numbers in our systems
• Third-Party Processing: Payment card information is processed by Payment Card Industry-compliant third-party processors
• Encryption: Payment information is encrypted during transmission

11. DATA PROCESSORS AND VENDORS

11.1 SERVICE PROVIDERS

JDM Direct uses the following categories of third-party service providers who process personal information on our behalf:

11.2 DATA PROCESSING AGREEMENTS

JDM Direct requires all service providers to:

• Execute written Data Processing Agreements
• Maintain appropriate security measures
• Process personal information only as instructed
• Respect confidentiality of personal information
• Notify JDM Direct of data breaches
• Comply with applicable data protection laws
• Cooperate with regulatory requests

12. THIRD-PARTY LINKS AND SERVICES

JDM Direct website may contain links to third-party websites, applications, and services not operated by JDM Direct. This Privacy Policy does not apply to third-party services, and JDM Direct is not responsible for their privacy practices.

• Auction House Websites: Japanese auction house links
• Logistics and Shipping Websites: Third-party shipping company portals
• Government Websites: EPA, DOT, CBP, state DMV websites
• Payment Processors: External payment processing services
• Social Media: Facebook, Instagram, LinkedIn, and other social media platforms

13. CHILDREN'S PRIVACY

JDM Direct does not knowingly collect personal information from children under the age of 18. Our services are intended for adults and legal entities.

14. CHANGES TO THIS PRIVACY POLICY

JDM Direct reserves the right to modify, update, or amend this Privacy Policy at any time. Changes will be effective upon posting to our website.

Your continued use of JDM Direct services after changes are posted constitutes acceptance of the updated Privacy Policy. We encourage you to review this Policy periodically for updates.

15. CONTACT INFORMATION FOR PRIVACY INQUIRIES

For questions, concerns, requests regarding your personal information, or to exercise your rights under this Privacy Policy, please contact:

16. COMPLIANCE WITH APPLICABLE LAWS

This Privacy Policy complies with applicable privacy and data protection laws, including but not limited to:

United States

• Federal Trade Commission (FTC) Privacy Rule
• Fair Credit Reporting Act (FCRA)
• Gramm-Leach-Bliley Act (GLBA)
• Driver's Privacy Protection Act (DPPA)
• California Consumer Privacy Act (CCPA)
• California Privacy Rights Act (CPRA)
• VPPA (Video Privacy Protection Act)
• CAN-SPAM Act (regarding marketing emails)
• State privacy laws (Virginia, Colorado, Connecticut, Utah, Montana, Delaware)

International (if applicable)

• General Data Protection Regulation (GDPR) - for EU/EEA residents
• GDPR International Data Transfer Requirements
• Local privacy laws of countries where JDM Direct conducts business

17. GOVERNING LAW

This Privacy Policy is governed by the laws of the United States, without regard to its conflict of law principles. Any disputes regarding this Privacy Policy or privacy practices will be resolved through arbitration in accordance with JDM Direct's Terms and Conditions.