BMW of North America Responds to Mozilla Foundation’s “Privacy Not Included” Survey.

Woodcliff Lake, NJ – September 14, 2023… BMW of North America takes data privacy and the data security of our customers very seriously. We provide our customers with comprehensive data privacy notices regarding the collection of their personal information and allows vehicle drivers to make granular choices regarding the collection and processing of their personal information. Further, we allow our customers to delete their data whether on their apps, vehicles or online. BMW NA does not sell our customer’s in-vehicle personal information and provides our customers the opportunity to opt out of BMW targeted behavioral advertising on the Internet. 
With that, we would also like to clarify a few of the allegations made by Mozilla Foundation in their recent “Privacy Not Included” survey.  While the story published on September 6, 2023, includes several inaccuracies, we wanted to address and correct five important points. 
  1. All BMW vehicle interfaces permit consumers to opt in or out of various types of data collection and processing that may happen on their vehicles. If they choose, BMW customers may opt out of ALL optional data collection relating to their vehicles at any time by visiting the BMW iDrive screen in their vehicle.

    In addition, BMW drivers may, at any time, completely disable the transfer of any data from BMW vehicles to BMW services by disabling their embedded SIM on their vehicles via contacting BMW and completing a form. However, many customers voluntarily enable this feature, given that eCall and SoS calls would not be possible after the cellular connection to the vehicle is disabled.
  2. BMW’s collection of data relates to BMW’s own marketing efforts, legal compliance obligations, law enforcement issues and related items.  Using commonly available web browser controls, BMW NA customers may opt out of data collection used to make inferences about drivers’ preferences and habits and to opt out of receiving marketing communications at any time.
  3. The report expresses concerns over BMW sharing customer data within our “family of companies” and “with third party dealers, service providers, and business partners.” BMW centralizes data collection and processing activities to create efficiencies and to better secure its systems. Additionally, BMW NA shares personal information with authorized dealers to better service our customers, and BMW NA customers choose which dealers they interact with. Much like any other company in the world, BMW NA uses service providers to accomplish certain tasks. For example, we may use an email service provider to send emails or use advertising companies to advertise. These providers are contractually obligated to keep confidential any information BMW provides to them. They are also not permitted to use that information for their own purposes. Finally, we only share personal information with business partners when our customers request that we do so.

    Regarding Mozilla’s comment that states: “we can't quite tell if they share (or sell) all that data with other third parties for their advertising purposes as well,” – we would like to confirm that BMW NA’s privacy policy explicitly states that BMW NA does not sell its customers personal information, such as their names, addresses, driving habits, Vehicle Identification Numbers, or other information that is tied to the customers or their vehicles. Additionally, BMW NA engages in online behavioral advertising solely for its own products or services (that is, to sell its vehicles to consumers). We do not sell this online information for use by other third-party companies for their own marketing purposes.
  4. Contrary to Mozilla’s report, BMW NA provides multiple avenues for every customer to completely delete their data. First, customers’ may exercise their privacy rights using an online portal (whether for access, correction, or deletion). Second, BMW NA customers may delete their data from their vehicles using available features on iDrive. Third, BMW NA customers may delete the information relating to their My BMW app using the delete functionality near the privacy and terms portion of the app. Furthermore, BMW NA voluntarily complies with every individual’s privacy requests in the US regardless of the customer residing in a state where consumer privacy laws allow for such rights (whether relating to access, correction, deletion, or opting out of sale with respect to online behavioral advertising) exist.
  5. With regard to Mozilla’s warning to drivers that “you might not want your insurance company to know about your lead foot.... except, there's a pretty high likelihood they already do,” BMW NA operates a permission and consent based CarData program that is available to each customer on their My Garage feature within Each BMW customer can specifically select any business partner with whom they would like to share data from their vehicles, and can revoke these permissions at any time. BMW NA does not share customer’s personal information with insurance companies without consent. Insurance carriers have been operating telematics-based insurance programs for over a decade. If BMW customers wish to share their telematics information with their insurance carriers, then that is solely based on their choice. BMW merely ensures that any such sharing of data is done in an informed, controlled, consented, and secure manner. Furthermore, BMW customers may choose to share data relating to their driving behavior with their insurance carriers (without using any BMW vehicle system or the BMW back end) simply by using their insurance carrier’s mobile app or OBD2 hardware connected insurance programs.


Please Note

To the extent that historical press releases reference BMW Manufacturing Co. LLC as the manufacturer of certain X model vehicles, the referenced vehicles are manufactured in South Carolina with a combination of U.S origin and imported parts and components.