Mears Nissan, LLC dba Mears Nissan

Privacy Policy

Effective Date: 1 March 2026

A brief note from Mears Nissan, LLC dba Mears Nissan:

Thank you for choosing Mears Nissan. We want you to know that we genuinely respect each and every one of our customers – respect that extends and very especially to customer data. In order to provide our customers with the very best experience and service, we collect and use data in various ways. We only collect and use data that is implicated in the marketing, sales, and support of automobiles and other services provided via our business. This privacy policy discloses what data we collect and how that data is used, and it provides you with information about your rights and how to exercise those rights. It’s important that you understand that by using our website and apps, visiting our stores, or otherwise engaging with our dealership, you understand that the following information has been made available to you and that you have been provided an opportunity to understand and exercise your rights. For a list of current US and international regulations, you may consult information provided at https://iapp.org/resources/global-privacy-directory/. If you ever have any questions or concerns about this privacy policy and/or your data rights, please never hesitate to reach out to us at privacy@parkwayauto.com.

Introduction and Scope

This Privacy Policy describes how we collect, use, disclose, and protect personal information both online and offline, including through our dealership websites, mobile applications, in-store showroom visits, service center interactions, and paper forms. We are committed to handling your personal information responsibly and in accordance with applicable laws and industry best practices. By using our services or interacting with us, you acknowledge that you have read and understood this Privacy Policy.

This policy applies to all consumer personal information collected by Mears Nissan, LLC dba Mears Nissan (“Mears Nissan,” the “Company,” “we,” “us,” or “our”) in connection with our products and services. It covers information collected through our websites and mobile apps (“Online Services”) as well as information gathered when you visit our physical locations or otherwise communicate with us (e.g., by phone, email, or paper forms). This Policy does not apply to any third-party websites or services that are not controlled by us, even if linked to our services; those are subject to their own privacy policies.

Information We Collect

We collect personal information about you from a variety of sources, including information you provide directly, information collected automatically, and information from third parties. The types of personal information we collect include:

• Information You Provide. When you interact with us, whether online or in person, you may provide certain personal details. This includes information collected when you fill out forms on our website or at our dealership, such as when you inquire about a vehicle, schedule a test drive, purchase or lease a vehicle, sign up for financing, have your vehicle serviced, or participate in a promotion. For example, we collect information you provide when you create an online account, submit a lead or inquiry about a car, visit our showroom, test drive a vehicle, complete a purchase or sale, apply for financing, or sign up at our service department. This information typically includes:
  • Identifiers and Contact Details. May include one or any combination of name, address, phone number, email address, driver’s license number, Social Security Number (SSN), and other government-issued ID numbers.
  • Customer Records and Transaction Information. Details about the vehicle you purchase, lease, or service with us; vehicle identification number (VIN); purchase and service history; trade-in and appraisal information; warranty and repair details; and any feedback or survey responses.
  • Financial and Payment Information. Credit application details (such as income, credit history, and financing requested), credit score or reports (as permitted by law), bank account or payment card information, and other details needed to process payments or evaluate financing.
  • Demographic and Personal Characteristics. Information such as date of birth, age, gender, marital status, military status, language preferences, and other demographic details you may provide to us. Some of this information may be considered sensitive under certain laws. We will only collect sensitive personal information where necessary (for example, government ID for a test drive or financing) and handle it in accordance with applicable law.
  • Professional or Employment Information. If you provide it to us (for instance, on a credit application or service form), we may collect information about your occupation, employer, and income, as needed for financing or verification purposes.
  • Communication Records. Copies of your communications with us, such as emails, texts, chats, or call recordings when you contact customer service or sales representatives. For example, phone calls to our sales or service departments may be recorded for quality and training purposes, and we retain chat transcripts or voicemails you leave with us.
  • Visual/Audiovisual Information. If you visit our premises, please note that for security we may use CCTV/video surveillance. We may also collect photographs or videos. If you use certain features on our website, we might receive your image (for instance, if you upload documents or images as part of a transaction). Similarly, any photos or videos you submit to us (such as a driver’s license scan or trade-in vehicle photos) would be collected as personal data.
• Information Collected Automatically. When you use our Online Services, we and our third-party partners may collect certain information by automated means, such as cookies, tags, scripts, and/or other similar technologies. This online usage information may include:
  • Device and Browser Data. IP address, device identifiers, browser type, operating system, device model, and system settings.
  • Usage and Browsing Data. Details about how you interact with our websites or apps, such as pages or vehicle listings viewed, links or buttons clicked, search queries, time spent on pages, and referring webpage or app. We may also capture clickstream data (the path you take through our site) and log the dates and times of access.
  • Location Information. The approximate location of your device or computer, inferred from your IP address, or precise geolocation if you explicitly allow it via your mobile device settings or browser. For example, our website might ask for your location to show the nearest dealership or inventory.
  • Cookies and Tracking Technologies. We use cookies and similar technologies to enhance your experience and gather data. Cookies are small text files stored on your device that help websites remember your preferences and activity. We (and service providers acting on our behalf) use cookies to remember your settings, keep you logged in, personalize content, and understand how you use our site. Web beacons (also known as pixels or clear GIFs) may be used in emails or on our site to track that you’ve opened emails or to measure engagement with our content. This automated collection helps us (a) remember your preferences (so you don’t have to re-enter information each visit), (b) understand and analyze usage of our online platforms, (c) customize our services to your interests, (d) measure the effectiveness of our marketing or communications, and (e) identify and fix technical issues. For more details, see the “Cookies & Tracking” section below.
• Information from Third-Party Sources. We may also obtain information about you from other sources to the extent permitted by law.
  • Credit and Finance Partners. If you apply for financing or leasing, we may receive information from credit bureaus or finance companies, such as your credit history or credit score. We may also receive information from banks or financial institutions handling your vehicle loan or lease.
  • Referral Partners and Lead Providers. If you were referred to us by a third-party program or website (for instance, an online automotive marketplace, a dealership referral service, or a membership/buying club), we may receive your contact information and vehicle interests from that third party. In some cases, if you provided information to a lead generation service (e.g., an online car buying service) that directed you to us, our contract with that service may require us to report back on the outcome (e.g. whether you purchased a vehicle).
  • Social Media and Connected Accounts. If you choose to connect or interact with our services via third-party platforms (such as logging in with social media or gmail account, or engaging with us on social media), we may receive certain profile information from that platform. For example, if you log into our website using Facebook, we might receive your name, email, and public profile information as allowed by your Facebook privacy settings. We also collect any information you publicly share on our official social media pages (like posting a comment or sending us a direct message on our brand’s Facebook/Twitter/Instagram page).
  • Service and Warranty Providers. If your vehicle’s manufacturer (OEM) or an extended warranty administrator provides us with information (for example, recall notices, warranty claims, or maintenance history), we may add that to your profile. We may also receive updated address or contact details from third-party sources to keep our records accurate.

Categories of Personal Data. In summary, within the last 12 months we may have collected the following categories of personal information (as defined by applicable privacy laws): identifiers; contact information; customer records (paper or electronic) including payment and financing details; characteristics of protected classifications (e.g. age, gender, marital status when you provide them); commercial information (such as records of products or services purchased or considered); biometric information (if, for instance, you use fingerprint authentication in an app. IMPORTANT NOTE: Our dealership generally does not collect biometric data, and if we ever do, we will obtain consent where required;); internet or other electronic network activity information (browsing history, interactions with our website/app); geolocation data; audio, electronic, visual or similar information (call recordings, CCTV); professional or employment-related information (if you apply for credit or employment with us); and inferences drawn from the above. We may collect and use these categories of information for the business and commercial purposes described in the next section.

Cookies and Online Tracking

We use cookies and similar tracking technologies on our websites and mobile apps to personalize your experience and deliver relevant content/ads. When you visit our Online Services or interact with our emails, certain information is collected automatically as described above. This section provides more detail about those technologies and your choices.

• Cookies. Cookies are small files stored on your browser or device. We use “first-party” cookies (set by us) to remember your site preferences, keep you logged in, and gather analytics about usage of our site. We also allow certain “third-party” cookies (set by our analytics and advertising partners) to collect information about your online activities across our site and other sites, so that we and those partners can provide you with personalized content and ads (this is called interest-based advertising or cross-context behavioral advertising). For example, we use Google Analytics to understand how visitors use our site and to improve user experience; Google may set cookies on your browser to collect usage data (see Google’s Privacy Policy for details). Likewise, advertising partners like Google and Facebook may use cookies or pixels to track your browsing activity on our site and show you targeted ads for our products on other platforms. These cookies and pixels allow us and our partners to (a) track ad impressions and click-through rates, (b) limit the number of times you see the same ad, and (c) measure the effectiveness of our marketing campaigns.
• Web Beacons and Pixels. We may include small graphic images (sometimes called web beacons, pixel tags, or clear GIFs) in our website pages or emails. These help us determine whether you have opened an email or accessed certain content. For instance, if you sign up for our newsletter, we might use a beacon to count how many users open the email and clicked on an offer. This information helps us gauge the effectiveness of our communications and tailor future messages.
• Do Not Track. Your browser or device may offer a “Do Not Track” (DNT) option or Global Privacy Control (GPC) signal that allows you to signal your privacy preferences to websites. At this time, our websites recognize and respond to certain opt-out preference signals, such as the Global Privacy Control, as required by applicable law. If our site detects a valid GPC signal from your browser, we will treat it as a request to opt out of the collection, tracking, sale and/or sharing of your data for targeted advertising purposes as described in the “Your Privacy Rights” section below. Aside from GPC, you can also manage cookies through your browser settings using the “Cookie Consent” button located on our website, and as otherwise described herein.
• Your Choices for Cookies. You can control or delete cookies by adjusting your browser settings. Most web browsers automatically accept cookies, but you can usually modify your settings to decline cookies or alert you when a cookie is being placed. Please note, however, that if you disable cookies, some features of our site may not function properly (for example, remembering your preferences or login might not work). For more information on how to manage cookies and targeted advertising, see the “Your Choices” section of this Policy.

How We Use Your Information

We use the personal information we collect for the following business and commercial purposes (each purpose may not apply to every individual, but this is a comprehensive list of ways we may process personal data):

• To Provide Products and Services. We use personal information to facilitate your car buying, selling, or servicing transactions with us. This includes using your information to respond to inquiries, help you find a vehicle, process vehicle purchase or sale documents, register and title your vehicle, schedule test drives or service appointments, perform vehicle maintenance and repairs, fulfill orders for parts or accessories, and otherwise carry out the requests you make to us. For example, if you schedule a service appointment, we’ll use your contact and vehicle information to confirm the appointment and service your vehicle. If you purchase a car, we’ll use your personal and financial details to complete the sale, register the vehicle, and provide any related services (like insurance or warranty activation).
• Customer Service and Support. We use your information to provide customer support and improve your experience. For instance, we may use your communication records (calls, emails, chats) to assist you with questions or complaints, ensure quality assurance, and train our staff. We also send service notifications and administrative messages – for example, we might email you a purchase receipt, text you a service reminder, or call you about important safety recalls or updates concerning your vehicle.
• Financing and Financial Services. If you apply for financing or leasing, we use the provided information (like SSN, income, and credit history) to process your application, which may include sharing with lenders or financial partners as needed to obtain credit approval. We also use personal data to manage payments, enforce loan agreements, or extend offers like refinancing (as permitted by law).
• Marketing and Promotions. We may use your contact information, demographic data, and online identifiers to send you marketing communications and offers, but only in accordance with your preferences and applicable law. This includes sending promotional emails or text messages about sales events, new models, service specials, or loyalty programs that we believe may interest you. We do not send such messages without the appropriate consent where required by the TCPA or other laws. You can opt out of marketing communications at any time, as described in the “Opt-Out Requests (TCPA)” section. We may also use information about your past interactions or purchases to personalize the marketing messages and advertisements you receive, ensuring they are relevant (for example, highlighting service deals if you’ve bought a car from us, or new model releases similar to the vehicle you showed interest in).
• Analytics and Improvement of Services. We analyze usage data, feedback, and transactions to understand trends and improve our products and services. This helps us enhance the dealership experience – for example, by optimizing our website’s user interface, improving our vehicle inventory mix based on customer interest, or streamlining our sales and service processes. We may use aggregated insights to develop new features or services (such as a new online appointment system or a mobile app feature). We also monitor metrics like website traffic, email open rates, and campaign performance to measure the effectiveness of our marketing and informational materials.
• Personalization. To provide a tailored experience, we may use information to personalize content and recommendations on our site or in communications. For example, our website might use your browsing history or search queries to suggest vehicles you might like. In our dealership, staff might use notes from your previous visits to better assist you. Personalization extends to remembering your preferences (such as preferred contact method or language) and connecting your interactions across channels for a seamless experience.
• Security and Fraud Prevention. We are dedicated to protecting our customers, employees, and business against security threats and fraud. Personal information may be used to verify your identity, especially when you exercise your data rights or access your account, to help prevent unauthorized access. We also may use and share information as needed to detect, investigate, and prevent fraudulent transactions, spam, cyberattacks, or other malicious or illegal activities. For example, if we suspect a fraud (such as someone impersonating a customer), we may use device information and internal signals to block the activity and alert you. We also maintain internal logs and employ tools to identify anomalies or suspicious patterns that could indicate security issues.
• Legal and Regulatory Compliance. We process personal information as required to comply with our legal obligations and industry standards. This includes using data to meet recordkeeping and reporting requirements (e.g., maintaining sales records for tax purposes, or finance records under the Gramm-Leach-Bliley Act), performing audits, fulfilling contracts with OEMs or vendors, and complying with court orders or government inquiries. For example, car dealerships must retain certain purchase and payment records for a number of years under financial regulations; we will keep and use that data as needed to satisfy those laws. We may also use your information to send legally required communications, such as recall notices from a manufacturer or notices about changes in terms.
• Protection of Rights and Interests. Where necessary, we will use personal information to protect our rights, privacy, safety or property, or those of our customers, employees, or the public. For instance, we may use personal data to pursue or defend against legal claims – such as using transaction records to handle a dispute with a customer, or sharing information with law enforcement if someone engages in illegal or threatening behavior at our dealership. We will also use information to enforce the terms of our contracts and agreements, including our website’s Terms of Use.
• Business Transfers and Corporate Transactions. In the event that we consider or undergo a merger, acquisition, bankruptcy, restructuring, or sale of some or all of our business or assets, personal information may be disclosed or transferred to the entities involved as part of due diligence or execution of the transaction. We would seek appropriate protection for information disclosed in these contexts. If another company acquires our dealership (or a portion of our business), personal information may be transferred to that successor or affiliate as part of the transaction, and that entity will have the right to continue using the information as set forth in this policy.
• Other Purposes. We may use your information for any other purpose that we describe at the time of collection or otherwise with your consent. We will not use personal data in a manner that is incompatible with the purposes for which it was collected, unless required or permitted by law. If we need to process your information for a new purpose, we will update this Privacy Policy and/or obtain your consent as needed.

Lawful Bases for Processing (GDPR)

We do not intentionally market to individuals or entities outside of the United States. However, if you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction with similar laws, we process your personal data only when we have a lawful basis to do so. This means we rely on one or more of the following grounds:

• Performance of a Contract. We process personal data to provide you with the products or services you requested – for example, using your information to complete a vehicle sale or to perform a service on your car. This also covers steps taken at your request before entering into a contract (e.g., processing a finance application or sending a quote). We cannot provide the requested services without this information.
• Legal Obligation. We process personal data where we are legally or regulatorily required to do so. For instance, we may be obligated to retain transaction records for accounting purposes or to verify identity to comply with anti-fraud or anti-money laundering laws. When we process personal data to comply with a legal obligation, we limit the data to what is necessary for that obligation.
• Legitimate Interests. We process personal data as needed for our legitimate business interests (or those of third parties), provided that such interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include, for example, improving and securing our products and services, understanding our customers and market trends, preventing fraud, protecting our legal rights, and sending marketing to our customers. We rely on legitimate interests to process data like CCTV at our stores for security, or to send marketing about similar products to our existing customers (subject to opt-out rights). When we rely on this basis, we carefully consider and balance our interests against your privacy rights to ensure fair processing.
• Consent. In certain cases, we will ask for your consent to process your information. For example, we seek consent before sending promotional text messages or emails to individuals when required by law, and we will ask for consent before collecting sensitive personal data for a clearly defined purpose (if such collection is not otherwise allowed by law). If we rely on your consent, we will make it clear at the point of collection and you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing already carried out, but it will stop the further use of your data for the purpose you originally consented to.
• Other Bases. In rare cases, we may need to process personal data to protect vital interests (e.g., in life-threatening situations) or to perform a task in the public interest, but these bases are uncommon in the context of dealership operations.

If you have questions about the lawful bases we rely on in a specific context (for example, our basis for a particular marketing activity in your country), feel free to contact us for more information.

Disclosure of Information: Sharing and/or Selling of Data

We do not sell your personal information to third parties in exchange for money. However, we do share personal information with third parties in certain circumstances as part of our business operations, and some of those disclosures (such as sharing for online advertising) may be considered a “sale” or “share” of data under laws like the CCPA/CPRA. This section explains who we share information with and why. We take care to share only the minimum data necessary for each purpose and require our partners to safeguard your information.

Categories of Recipients. We may disclose (and may have disclosed in the last 12 months) personal information to the following categories of third parties:

• Service Providers. These are companies that perform services on our behalf, under our instructions. For example, we share personal information with:
  • IT and Hosting Providers. Companies that host our websites, databases, and applications or provide technical infrastructure (for instance, cloud storage providers).
  • Payment Processors. Banks and payment gateways that process credit card transactions or loan payments.
  • Email, Marketing, and Advertising Partners. Vendors that send out emails or postal mail on our behalf, manage customer surveys, or serve advertisements for us (e.g., our digital marketing agencies and ad networks). We allow some advertising and analytics providers to collect information via our site (as described in the Cookies section) to enable targeted advertising; those partners may in turn provide us aggregated metrics and insights. For example, we might share a cryptographic hash of your email (a de-identified form) with a social media platform to try to show you ads on that platform, or allow a partner to place cookies that collect your browsing behavior for ad targeting.
  • Customer Service and Support Tools. Platforms that help us manage communications with you (for instance, a live chat service provider). IMPORTANT NOTE: if you use our website’s live chat, the content of your chat may be recorded and stored by our chat vendor, and may even be shared with vehicle manufacturers if necessary to address your inquiry.
  • Professional Advisors. Accountants, auditors, lawyers, and consultants who need access to information to provide advice or auditing services.
  • Shippers and Logistics. If we deliver a vehicle or parts to you, we share the necessary information with the shipping/delivery company (like your name and address). We require service providers to only use your information to carry out the services we have requested, in a manner consistent with this policy and applicable law. They are not permitted to use your data for their own independent marketing purposes.
• Financial Institutions and Lenders. If you request financing or leasing, we will share your information with banks, finance companies, or other third-party lenders to process your application. This can include the personal data on your credit application and any relevant supporting documentation. Similarly, if you use a branded credit card or financing program (for example, a manufacturer’s financial services arm), we share necessary details with those institutions. We may also share information with insurance companies or service contract providers if you purchase those products through us (for instance, we’d send your contact and vehicle info to an extended warranty provider to register your plan).
• Vehicle Manufacturers (OEMs). We have relationships with the manufacturers of the vehicles we sell (e.g., Ford, Toyota, GM, etc.). We may share certain personal information with the relevant manufacturer and its affiliates for various purposes. For instance, we provide sales and service records to the manufacturer for warranty, safety recall, and customer satisfaction purposes. The OEMs may also use personal information we provide for their own business purposes, such as research and development of new vehicles, or to contact you with offers and information about their products and services. In some cases, manufacturers might combine data from many dealerships to better understand product performance or customer demographics. If you purchase or service a vehicle with us, the manufacturer may receive data such as your name and contact information, vehicle identification information, and details of the transaction or service performed. IMPORTANT NOTE: Once shared, such information is also subject to the manufacturer’s privacy policy, and the manufacturer will have its own compliance obligations. We share with OEMs both to fulfill our contractual obligations to them and to ensure you receive integrated services (for example, notice of a manufacturer recall). Manufacturers may also share back with other dealerships or use the data to direct you to nearby authorized dealers if needed. If required by law, we will obtain your consent before sharing data with manufacturers for their independent marketing purposes.
• Marketing and Promotional Partners. Sometimes we conduct joint promotions or events with other organizations (such as a local business fair, charity event, or co-sponsored sweepstakes). If you choose to participate in such an event, we might share your information (for example, name, contact, and maybe an indication that you are our customer) with the co-sponsor or partner running the promotion. They in turn might use the data for prize fulfillment or marketing, as described in the event’s consent or rules. We will provide specific disclosures at the time of collection in these cases. Additionally, if you were referred to us by a business partner (for example, through a referral program where an existing customer or another business sent you our way), we might (as noted above) share information back to that partner about the status of your referral.
• Third-Party Lead Providers and Referral Sources. If we obtained your information from a third-party lead source (with your permission), we may have an obligation to report certain outcomes to that source. For example, if a membership club or online car marketplace provided your info to us as a sales lead, and you end up buying a car from us, our agreement with that source might require us to inform them of the sale (often just in aggregate or in terms of conversion rate). We do not sell your data to these lead sources; rather, we often pay a fee for the introduction, and any subsequent sharing back is to fulfill our contract with the lead source.
• Law Enforcement and Legal Requests. We may disclose personal information when we believe it is necessary to comply with a law, regulation, valid legal process, or governmental request. This includes responding to subpoenas, court orders, or discovery requests in litigation. We also may share information if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of our company, our customers, or others. For example, we might share information with law enforcement agencies in cases of suspected fraud, theft (such as a stolen vehicle report), identity theft, or if the data is requested as part of an investigation. We reserve the right to report to law enforcement any activities that we, in good faith, believe to be unlawful or fraudulent.
• Business Transfers. As noted in the “How We Use” section, if we are involved in a merger, acquisition, sale of assets, reorganization, bankruptcy, or other transaction, personal information may be transferred to a successor or affiliated entity as part of that deal. We will ensure any such transfer is subject to appropriate confidentiality protections and, if required by law, will notify you or obtain your consent.
• Affiliates. Our dealership may be part of a larger corporate group or might have affiliates (companies under common ownership or control). We may share personal information with our current or future affiliates (such as other dealerships in our family of companies, a parent holding company, or subsidiaries) for purposes consistent with this Policy. For example, if you request a particular vehicle and it’s at an affiliated dealership, we might transfer your information to that affiliate to fulfill your request. Or, if our parent company provides centralized administrative services (like IT or marketing) for all its dealerships, your data might be accessed by those centralized teams. All affiliated entities are required to honor the privacy commitments made in this Policy.
• With Your Consent or At Your Direction. We will share your personal information with other third parties if and when you expressly consent or direct us to do so. For instance, if you ask us to share your information with an insurance broker or a car detailing service, we will do so with your authorization. If you use integrations or connections we offer (for example, if you request that we sync your vehicle purchase information with a third-party vehicle history app), we will share data as needed to fulfill your request. Apart from the situations above, we won’t disclose your personal information to third parties unless you have requested or agreed that we do so.

We do not knowingly disclose personal information to third parties for their own independent direct marketing purposes without your consent. We also do not sell or share sensitive personal information (such as Social Security Number or driver’s license number) except as necessary to provide services to you or as otherwise allowed by law (for example, using a credit bureau for a finance application).

No Sale of Personal Information for Monetary Value. As stated, we do not sell personal data in exchange for money. However, various laws define “sale” and “sharing” more broadly to include some of our routine data disclosures (for example, using advertising cookies could be deemed a “sale”/“share” of identifiers and internet activity to advertising partners for cross-context behavioral advertising). To the extent our use of third-party analytics and advertising cookies, or sharing limited data with OEMs or partners, is considered a “sale” or “sharing” under those definitions, consumers may have the right to opt out of that as described in the “Your Privacy Rights” section below. Other than the cases outlined above (OEM programs, targeted advertising, and lead referrals), we do not disclose personal information in ways that would be considered a sale or exchange for valuable consideration.

Aggregated or De-Identified Information. We may share information that has been aggregated or de-identified in such a way that it can no longer reasonably be used to identify an individual. For example, we might share statistical information about our sales with advertisers or industry partners. This information will not contain personal data and is not subject to the same restrictions.

We take steps to contractually require recipients of your personal information to protect it and use it only for the purposes we specify. However, if you disclose information to third parties directly (for example, by clicking a link to a third-party website or interacting with a third-party service that is outside our control), that information will be governed by the third party’s privacy practices. We encourage you to review the privacy policies of any third-party sites or services you engage with.

International Data Transfers

Our dealership is based in the United States, and the personal information we collect is generally processed and stored in the U.S. We do not market to or otherwise intend to engage individuals or entities outside of the United States whatsoever. However, we may transfer or allow access to personal data from other countries as necessary for the purposes described in this Policy. For example, if you are an international customer purchasing a vehicle to export, your data will be processed in the U.S., or if one of our service providers or business partners is located abroad, your data may be transferred to that country.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, please note that your personal information may be transferred to and processed in the United States or other jurisdictions that may not provide the same level of data protection as your home country. In such cases, we will ensure that appropriate safeguards are in place to protect your information in accordance with GDPR requirements. This may include using European Commission-approved Standard Contractual Clauses with our service providers or ensuring the recipient is certified under an approved data protection framework. You can request a copy of the relevant contractual protections by contacting us (see the “Contact Us” section below).

We will only transfer personal data internationally in compliance with applicable laws and will take reasonable steps to make sure your privacy rights are protected. By using our services or submitting information to us, you understand that your personal information may be transferred to the U.S. or other countries as needed. We remain responsible for the processing of personal information we receive under each privacy framework and subsequent transfers to third parties acting on our behalf.

Data Retention and Security

Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. This means we will keep your personal data for as long as you are a customer or otherwise have a relationship with us, and thereafter for the period needed for us to comply with legal obligations, resolve disputes, establish or defend legal claims, or for legitimate business purposes. For example:

• Transaction Records. Sales and lease records, finance agreements, and warranty/service contract details are generally kept for a number of years to comply with financial and regulatory requirements (often 7 years or more, depending on the jurisdiction).
• Service and Repair Records. We may retain vehicle service history to assist with future repairs, verify warranty coverage, or for safety recall management. These could be kept for the life of the vehicle (especially for safety-related information) or as required by law.
• Marketing Preferences. If you’ve opted out of marketing communications, we will retain minimal contact information on a suppression list to honor your opt-out request going forward (so we don’t inadvertently re-add you).
• Web Analytics Data. Information collected via cookies and similar tools may be retained for a shorter period, such as 26 months, unless you clear those cookies sooner. Aggregated analytics may be kept longer for trend analysis.
• Legal Holds. If we are under a duty to preserve data for litigation, investigations, or regulatory inquiries, we will retain the data for as long as instructed by the relevant authority.

We periodically review the personal data we hold and either delete or anonymize information that is no longer needed. The exact retention periods can vary based on the category of data and legal requirements. If you would like more information about our specific data retention periods for different types of personal information, you may contact us (see “Contact Us” below).

You have the right to request that we delete your personal information under certain circumstances – see “Your Privacy Rights” for details. Please note that even if we delete your personal information from active databases, it may remain in backup or archival records for a period of time until those are cycled out.

Requesting Further Information. You can request further information on our data retention times and the criteria we use to determine those periods by reaching out to us via the contact information provided. We believe in transparency and will gladly explain how long we typically keep different categories of data and why.

Data Security

We have implemented a comprehensive information security program with administrative, technical, and physical safeguards designed to protect your personal information from unauthorized access, disclosure, alteration, and destruction. These measures include, for example:

• Secure network firewalls and encryption of sensitive data (such as financial information and Social Security numbers) during transmission.
• Secure storage systems with controlled access – personal data is stored on systems that are password-protected and accessible only by authorized personnel with a business need. We limit access to your personal data to employees and service providers who need it to perform their duties.
• Employee training and confidentiality obligations – our staff are trained on the importance of privacy and security, and we have internal policies in place to safeguard data. Any employee or contractor who violates our privacy or security policies may be subject to disciplinary action.
• Physical security at our facilities – we maintain secure offices and archives; for instance, paper records are kept in locked cabinets or rooms with restricted access, and our dealerships have security measures like alarms and surveillance.
• Monitoring and testing – we monitor our systems for vulnerabilities and have incident response plans ready. We also use up-to-date security tools and regularly test the effectiveness of our safeguards (penetration testing, vulnerability scans, etc.).

Despite our efforts, please be aware that no security measure or data transmission over the Internet can be guaranteed to be 100% secure. Cyber threats evolve rapidly, and while we strive to protect your information, we cannot warrant absolute security. It is important for you as well to protect against unauthorized access to your account credentials and to notify us immediately if you suspect any unauthorized activity or security breach. If we become aware of a data breach that affects your personal information, we will notify you and/or the appropriate regulatory authorities as required by law.

We also ask that you do not send sensitive personal information to us by email, as email may not be secure. Use our secure web forms or portals when available (for example, for submitting DSAR requests or credit applications), or contact us by phone or in person.

Security and data protection are ongoing commitments. We regularly review and update our security practices to address new threats and to incorporate industry best practices. If you have specific questions about the security of our systems or wish to report a particular concern, please contact us.

Your Privacy Rights and Choices

You have certain rights and choices regarding your personal information. We are committed to facilitating the exercise of these rights. Depending on your place of residence or the law that applies, your rights may include:

• Right to Know / Access. You have the right to request that we disclose what personal information we have collected about you. This includes the specific pieces of information, as well as additional details like the categories of personal information collected, the categories of sources, the purposes for collecting it, and the categories of third parties with whom we share it. Upon verification of your identity (and if required by law), we will provide you with the information we have about you in a portable format (to the extent required, e.g., by CCPA/CPRA or GDPR).
• Right to Correct. You have the right to request that we correct any inaccurate personal information we maintain about you. If you find that any of your details (e.g., contact information or account data) are incorrect or outdated, please let us know and we will rectify it where required by law.
• Right to Delete. You have the right to request deletion of personal information we have collected from you, subject to certain exceptions. Once we receive and verify a valid deletion request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. For example, we may retain information needed to complete a transaction you initiated, to comply with a legal obligation (such as maintaining sales records), or to exercise or defend legal claims. We will inform you of any denial of deletion and the reason, to the extent required by law.
• Right to Opt-Out of “Sale” or “Sharing” of Personal Information. If you are a California resident (or similar rights apply in your state), you have the right to opt-out of the sale or sharing of your personal information for cross-context behavioral advertising. As noted, while we do not sell data for money, our use of third-party marketing cookies or sharing with OEMs might be considered a sale/sharing under CPRA. You can instruct us at any time not to sell or share your personal information by using the methods described in the “Exercising Your Rights” section below. Once you opt-out, we will honor your request and refrain from selling/sharing your data unless you later provide consent allowing us to do so.
• Right to Limit Use of Sensitive Personal Information. We do not use or disclose sensitive personal information (as defined by CPRA, e.g., Social Security number, precise geolocation, etc.) for purposes beyond what is necessary for providing our services or other exempt purposes. Therefore, we do not offer a widespread “limit use of sensitive info” request because we automatically limit such uses to what's allowed by law. However, if in the future we were to use sensitive data in additional ways, you would have the right to direct us to limit those uses.
• Right to Non-Discrimination. We will not discriminate against you for exercising any of your privacy rights. This means, for example, we will not deny you goods or services, charge you a different price, or provide a different level or quality of service just because you exercised your rights under relevant privacy laws. (However, please note that if you ask us to delete data that is necessary for us to provide a service, we may not be able to continue providing that service – e.g., deleting your account data may mean you can no longer use an associated service. But we will inform you of any such implications at the time of your request.)
• Additional Rights (GDPR/EEA residents). If you are in the European Union/EEA or a similar jurisdiction, you have some additional rights under GDPR or applicable law, including:
  • Right to Object. You may have the right to object to the processing of your personal data in certain situations – for example, objecting to processing based on our legitimate interests, or opting out of direct marketing (which you can do at any time). If you object, we will consider your request and will no longer process the data unless we have compelling legitimate grounds or it is needed for legal claims.
  • Right to Restrict Processing. You can request that we restrict (pause) processing of your personal data under certain circumstances – such as while we verify your data accuracy or consider an objection you have raised. When processing is restricted, we will store your data but not use it until the restriction is lifted (unless necessary for legal reasons).
  • Right to Data Portability. You have the right to request a copy of certain personal data in a structured, commonly used, and machine-readable format, and to have that information transmitted to another controller (where technically feasible). This right applies to data you provided to us and that we process by automated means on the basis of consent or contract (for example, if you provided us some data in applying for a service, you can ask for a digital copy of that data).
  • Right to Withdraw Consent. If we are processing your personal data based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing before withdrawal, but it will mean we stop the specific activities you previously consented to (e.g., you can opt out of marketing emails by withdrawing consent, and we will stop sending them).
  • Right to Lodge a Complaint. You have the right to lodge a complaint with a supervisory authority (such as a Data Protection Authority in the EU or the UK’s Information Commissioner’s Office) if you believe we have infringed your privacy rights or violated data protection laws. We encourage you to reach out to us first so we can address your concerns, but you are entitled to contact the regulator directly.

These rights may be subject to certain conditions and exceptions under applicable law. For instance, if fulfilling your request would reveal personal information about another person, we may need to redact or deny part of the response. Similarly, we may refuse a request to delete if the information is needed to complete a transaction you requested or to comply with a legal obligation. We will explain any such decisions in our response.

Exercising Your Rights (Submitting DSAR Requests)

If you wish to exercise any of the above rights, or to submit a Data Subject Access Request (DSAR) or other privacy request, please contact us through one of the following methods:

• Phone. You may call us at (330) 639-4411 to submit your request by phone. Our Privacy team is available during normal business hours to assist with requests.
• Email. You can also email your request to privacy@parkwayauto.com. Please include your name, contact information, and detail which rights you wish to exercise (e.g., “Right to Access Request” or “Deletion Request”) so we can process your request efficiently.
• Mail. If you prefer, you may send a written request to: Mears Nissan at 4825 Tuscarawas St W, Canton, OH 44708. Please indicate “Privacy Rights Request” in your correspondence and specify the nature of your request and include your first and last name in order that our team might timely honor your request.

Verification. For your protection, we will need to verify your identity before fulfilling certain requests (such as providing access to or deleting personal data). Verification steps may vary depending on your relationship with us and the sensitivity of the data. For instance, we may ask you to confirm contact details we have on file, provide a government-issued ID, or answer knowledge-based questions to authenticate your identity. If you have an online account with us, we may ask you to log into the account or respond to a communication sent there. We use third-party identity verification services in some cases. Information you provide for verification will only be used to verify and document your request.

If you are making the request through an authorized agent (such as an attorney or someone acting on your behalf), we will require proof of that authorization. The agent must provide either (a) a valid power of attorney, or (b) a written, signed permission from you along with verification of their identity, and we may need you to directly confirm with us that you provided the agent permission (except where the law exempts this). We will also verify the identity of the agent. Likewise, if you are a legally authorized parent or guardian making a request for information about a minor child, we will ask for proof of your status and perhaps information about the child to match our records.

Response Timing. We aim to respond to privacy requests as soon as possible, generally within 30 days. If we need more time (up to an additional 45 days), we will let you know the reason for the delay. For GDPR requests, we generally respond within one month, and can extend by two further months if necessary, but will inform you of any extension. If we cannot fulfill your request, we will explain the reasons in our response (for example, if an exemption applies).

Right to Appeal. If we deny your request or you are not satisfied with our response to a privacy request, some laws provide you the right to appeal our decision. For example, residents of certain U.S. states (like Colorado or Virginia) may appeal a refusal. To do so, you may contact us within a reasonable time and indicate that you are lodging an appeal of our decision regarding your privacy request. We will review the appeal internally (usually by a higher authority or a different reviewer) and respond within the timeframe required by law (e.g., 45 days). If we ultimately deny the appeal, we will provide you with an explanation and information on how you can contact your state’s Attorney General or relevant authority to lodge a further complaint.

We want to emphasize that all consumers, regardless of where they live, may contact us to inquire about their privacy rights or submit requests, and we will do our best to honor them in accordance with applicable law.

Opting Out of Marketing Communications (TCPA & CAN-SPAM)

You may opt out of telephone marketing communications anytime by emailing us at privacy@parkwayauto.com

We may send you marketing communications about our products and services (such as special offers, promotions, newsletters, or event invitations) if you have not opted out of such communications. These may include emails, text messages (SMS/MMS), telephone calls, or postal mail, depending on the contact information you have provided and your communication preferences. We strive to comply with the Telephone Consumer Protection Act (TCPA), CAN-SPAM Act, and other applicable laws governing marketing communications. This section explains how you can manage or opt out of these communications.

Emails. Every marketing email we send will contain an unsubscribe link or instructions. To stop receiving promotional emails, you can click the “Unsubscribe” link at the bottom of any marketing email or update your email preferences through your online account (if you have one). You may also contact us at privacy@parkwayauto.com to request removal. Please note that even if you opt out of marketing emails, we may still send you transactional or service-related emails that are not promotional – for example, messages about your current car purchase, service reminders that you’ve requested, recall notices, or responses to your direct inquiries. These are not marketing communications and are necessary to provide our services.

Text Messages (SMS/MMS). We require your consent to send marketing text messages using an automatic telephone dialing system, as per the TCPA’s requirements for promotional texts. If you have given such consent (for example, by texting a keyword to our shortcode, or checking a box to receive texts), you can always opt out. To opt out of text messages, you can reply “STOP” (or “STOP ALL”) to any promotional text message you receive from us. After texting STOP, you may receive one final confirmation message, and then you will not receive any further marketing texts. Please be aware that opting out of marketing texts will not prevent transactional texts from us. We may still text you in response to your requests or regarding your transactions (e.g., a confirmation of a service appointment or a notice that your vehicle is ready for pickup), as permitted by law and as these are not considered telemarketing. Message and data rates may apply to any texts, and message frequency varies.

We maintain an internal Do Not Call list and an internal Do Not Text list. Once you opt out, your contact information is placed on the appropriate list to ensure we honor your opt-out for future communications. We process opt-out requests promptly and in any event within the timeframe required by law (for emails, usually within 10 business days per CAN-SPAM; for texts/calls, typically immediately or as required by the TCPA and related FCC regulations). Note: If you have multiple accounts or relationships with us (e.g., separate dealership locations or multiple services), you may need to opt out for each or specify all contact points, so we cover everything.

You may opt out of telephone marketing communications anytime by emailing us at privacy@parkwayauto.com

Calls. If you prefer not to receive marketing sales calls from us, you may request to be added to our internal Do Not Call list. Simply inform the caller, or contact us via the methods in the Contact section, and provide the phone number that you wish to not be called. We will record your number on our do-not-call list and refrain from telemarketing calls to that number in the future. Please allow a short time for your number to be processed in all systems. Keep in mind, even if you opt out of marketing calls, we may still call you for non-marketing purposes as allowed by law – for instance, to give you information about an upcoming service appointment, or if we need to clarify an order you placed (these are transactional/service calls, not telemarketing). We will also continue to call if you have an active vehicle recall or safety issue to communicate, as those are important service messages.

We respect the National Do Not Call Registry. If your number is registered on the federal DNC list, we will not call you for telemarketing purposes in the absence of an exception (such as if you provided consent or have an established business relationship with us, as defined by law). In all cases, if you tell us you do not want to be called, we will honor that request.

You may opt out of telephone marketing communications anytime by emailing us at privacy@parkwayauto.com

Opt-Out for Third-Party Advertising Cookies. As described in the Cookies section, you can opt out of certain interest-based advertising by third parties. In addition to using our “Do Not Sell/Share” link for California residents, you can use industry opt-out tools such as the DAA’s WebChoices Tool (aboutads.info/choices) or the NAI’s opt-out page (networkadvertising.org/choices). These tools allow you to opt out of many participating ad companies’ targeted ads. Note that these opt outs are typically browser-specific, so you should set them on each browser and device you use. For mobile apps, you can use your device settings to limit ad tracking or reset your mobile advertising ID. We also honor the Global Privacy Control (GPC) signal as described earlier, as a mechanism for opting out of cookie-based selling/sharing.

To summarize, you have control over how we communicate with you.

• You can unsubscribe from emails,
• reply STOP to texts to cease messaging,
• ask to be put on our Do Not Call list, and
• opt out of targeted ads through browser signals or our website link.

We will not retaliate or penalize you for opting out of marketing. However, please understand that it may take a short time to process opt-outs, and in the interim you might receive communications already in the pipeline. If you receive unwanted communications from us after opting out, please inform us so we can investigate.

You may have the right to object to or restrict certain types of data processing (subject to applicable law). To exercise these rights or if you have any questions about your rights, please contact us at privacy@parkwayauto.com and/or (330) 639-4411. To opt out of telephone communications (calls/texts), please email us at privacy@parkwayauto.com

Children’s Privacy

Our services are not directed to children under the age of 13 (or under 16 in certain jurisdictions), and we do not knowingly collect personal information from children in these age groups without parental consent. For example, our website and showroom services are intended for adults (or minors accompanied by adults) who are interested in purchasing or servicing vehicles. If you are under the age threshold, please do not provide personal information to us. If we learn that we have inadvertently collected personal information from a child under 13 (or 16, as applicable) without appropriate consent, we will take steps to delete that information promptly.

Parents or legal guardians: If you believe that a child for whom you are responsible has provided us personal information without your consent, please contact us so that we can investigate and delete the data if necessary. We are committed to complying with the Children’s Online Privacy Protection Act (COPPA) in the United States and applicable minors’ data laws in other regions.

Updates to this Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will post the updated policy on our website and change the “Effective Date” at the top of this Policy accordingly. If the changes are material, we will provide a more prominent notice or seek your consent if required by law. For example, if we plan to use your personal information for new purposes not previously disclosed, we may notify you via the email address we have on file, or by posting a notice on our homepage. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our services after any update to this Policy will signify your acceptance of the changes, to the extent permitted by law.

In the event we ever merge or consolidate with another company, or if there is a transfer of assets (as discussed earlier), the new entity’s handling of personal information will still be governed by this Privacy Policy until it is amended, and any material changes will be communicated as described.

Contact Us (Privacy Inquiries)

If you have any questions, concerns, or comments about this Privacy Policy or our privacy practices, or if you wish to exercise your rights, submit a complaint, or request further information (for example, about our data security or retention practices), please do not hesitate to contact Mears Nissan:

You may have the right to object to or restrict certain types of data processing (subject to applicable law). To exercise these rights or if you have any questions about your rights, please contact us at privacy@parkwayauto.com and/or (330) 639-4411. To opt out of telephone communications (calls/texts), please email us at privacy@parkwayauto.com

When contacting us, please provide your name and contact information and a detailed description of your request or question. If you are contacting us to exercise a specific privacy right, you may use the methods in the “Exercising Your Rights” section above for fastest service, but you can also reach out through the above general contact info.

We will respond to inquiries or concerns as soon as reasonably possible, generally within 30 days or as required by law. If you do not receive a timely reply or are unsatisfied with our response, please let us know, or you may additionally contact the relevant regulatory authority as described above (for example, a state Attorney General for U.S. state law concerns or a Data Protection Authority for GDPR concerns).

Your trust is important to us, and we are committed to keeping your personal information safe and respecting your privacy. Thank you for visiting our Privacy Policy and for being a valued customer of our dealership. If you have any further questions or need clarifications, we are here to help.