DealerSoftware.net ("DealerSoftware", "we", "us", or "our"), operated by ABCD Systems LLC, provides a cloud-based dealer management platform for independent and franchise dealerships. This Privacy Policy describes how we collect, use, store, share, and protect information about dealership businesses ("Dealers") and their customers ("End Customers") when you use our website at dealersoftware.net and our Services.
By creating an account or using our Services, you acknowledge that you have read this Privacy Policy and agree to its terms. If you do not agree, please do not use our Services.
When a dealership creates an account, we collect:
We store data that dealers enter into the platform, including:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Provide and operate the platform | Account, inventory, deal data | Contract performance |
| Process payments and collect platform fees | Processor credentials, transaction amounts | Contract performance |
| Generate deal documents and state forms | Dealer license data, deal terms, customer PII | Contract performance |
| Send transactional emails (reset, receipts) | Email address | Contract performance |
| Fraud prevention and security | Login logs, IP addresses | Legitimate interest |
| Platform analytics and improvement | Aggregated usage data | Legitimate interest |
| Legal compliance | As required by law | Legal obligation |
We do not sell your data. DealerSoftware does not sell, rent, or trade dealer or customer data to third parties for marketing purposes.
DealerSoftware uses a Bring Your Own Credentials model. Each dealer connects their own merchant account from a supported payment processor (Stripe, Authorize.net, Helcim, Square, or NMI). DealerSoftware does not act as a payment processor and does not hold merchant accounts on behalf of dealers.
Disclosure: DealerSoftware charges a 0.5% platform transaction fee on payments processed through the platform. This fee is collected automatically via Stripe Connect (for Stripe users) or invoiced separately. This fee is in addition to the dealer's own processor fees (e.g., Stripe's 2.9% + 30¢). By using the payment features, dealers agree to this fee.
Payment processor API keys and credentials entered by dealers are:
DealerSoftware does not store, process, or transmit raw credit card numbers, CVV codes, or magnetic stripe data. All card data is handled directly by the connected payment processor (Stripe, Authorize.net, etc.) under their PCI DSS compliance programs. DealerSoftware only stores transaction IDs and masked card references (last 4 digits).
Dealers may optionally enable credit card surcharges on customer transactions in states where permitted by law. DealerSoftware surfaces surcharge eligibility based on the dealer's registered state. Surcharges are the dealer's responsibility to comply with applicable state law. Surcharges are never applied to debit or prepaid card transactions.
Dealers may store credentials for state DMV portals (TxDMV WebDealer/CVR), finance platforms (Dealertrack, RouteOne), electronic signature services (DocuSign), and other third-party systems in the DealerSoftware credential vault.
Dealers enter personal information about their customers (buyers, lessees, co-signers) into DealerSoftware to generate deal documents and manage transactions. This includes:
Dealer Responsibility: Dealers are the data controllers for their customers' personal information. Dealers are responsible for obtaining necessary consent from their customers, complying with applicable privacy laws (CCPA, GLBA, FCRA, state consumer protection laws), and providing their own privacy notices to customers. DealerSoftware acts as a data processor on the dealer's behalf.
| Safeguard | Details |
|---|---|
| Encryption in transit | TLS 1.2+ on all connections (HTTPS enforced) |
| Encryption at rest | AES-256-CBC for credentials, SSNs, and sensitive fields |
| Password hashing | bcrypt with cost factor 12 — passwords never stored in plain text |
| Session security | Session regeneration on login, configurable session lifetime |
| Rate limiting | Login attempts rate-limited; brute-force lockout enforced |
| Access controls | Role-based permissions (platform_admin, dealer_owner, dealer_staff, viewer) |
| Database isolation | Dealer data is logically isolated by dealer_id in all queries |
| Audit logging | Login events, document generation, and payment activity logged with IP |
Despite these measures, no system is completely secure. We encourage dealers to use strong passwords, enable two-factor authentication when available, and report suspected security issues to support@dealersoftware.net.
We share data with trusted vendors who help operate the platform:
| Vendor | Purpose | Data Shared |
|---|---|---|
| GoDaddy (cPanel Hosting) | Web hosting and database | All platform data at rest |
| Brevo (Sendinblue) | Transactional email delivery | Email address, email content |
| Stripe | Payment processing, Connect platform fees | Transaction amount, connected account ID |
| Authorize.net / Helcim / Square / NMI | Payment processing (dealer's own account) | Transaction data via dealer's API key |
| Google Fonts / CDN Libraries | UI rendering | IP address (standard CDN request) |
We may disclose information when required by law, court order, or to protect the rights and safety of DealerSoftware, its users, or the public.
In the event of a merger, acquisition, or sale of assets, dealer and customer data may be transferred to the acquiring entity. We will notify affected dealers prior to any such transfer.
Dealers may request deletion of their account and data by contacting support@dealersoftware.net. Note that records subject to legal retention requirements (deal documents, payment records) may not be immediately deletable.
Depending on your location, you may have the following rights:
To exercise any of these rights, email support@dealersoftware.net. We will respond within 30 days.
DealerSoftware uses the following cookies:
| Cookie | Purpose | Duration |
|---|---|---|
| Session cookie (PHP) | Maintains authenticated login session | Session / configurable lifetime |
| CSRF token | Protects against cross-site request forgery | Session |
| dealer_token (localStorage) | API authentication token for dashboard | Session |
We do not use third-party advertising cookies, tracking pixels, or behavioral analytics. We do not serve ads in DealerSoftware.
DealerSoftware is a business platform intended for use by licensed dealers and their authorized staff. We do not knowingly collect personal information from individuals under 18 years of age. If you believe a minor has provided information to us, please contact support@dealersoftware.net and we will promptly delete it.
We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date above and notify dealers via email if the changes are material. Your continued use of the platform after changes constitutes acceptance of the updated policy.
For privacy questions, data requests, or to report a concern:
For security vulnerabilities, please email us directly rather than posting publicly. We take security reports seriously and will respond within 48 hours.