Track 1 platform and get the weekly governance digest. No credit card required.
This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology
This document establishes General Motors' privacy practices for U.S. consumers regarding personal data collection and use across GM vehicles, OnStar services, GM applications, and GM websites. GM collects precise location data, driving behavior information, and vehicle occupant details through connected vehicle and OnStar systems, and authorizes sharing this data with affiliated companies, dealers, and third-party partners for marketing and business purposes. The document permits California residents to submit requests to opt out of personal information sales or sharing through GM's privacy request portal.
This document is General Motors' U.S. Consumer Privacy Statement, governing the collection, use, sharing, and retention of personal information across GM's vehicles, connected services (including OnStar), websites, mobile applications, and dealer interactions, with its legal basis rooted in consent, contractual necessity, and legitimate business interests as articulated throughout the statement. The policy states that GM collects a broad range of data categories including vehicle location and telematics data, driving behavior, biometric identifiers, precise geolocation, financial information, and inferences drawn from personal information, and the terms authorize sharing this data with affiliates, dealers, service providers, data brokers, and marketing partners. Notably, the policy discloses the collection and sharing of precise geolocation and detailed driving behavior data from connected vehicles, which creates operational exposure beyond typical website privacy policies; the statement also discloses that certain data sharing with third parties may constitute a 'sale' or 'sharing' of personal information under California law, triggering opt-out rights under CCPA/CPRA. The policy engages CCPA/CPRA for California residents (providing enumerated rights including deletion, correction, portability, and opt-out of sale/sharing), and may require evaluation under state biometric privacy laws such as Illinois BIPA where biometric identifiers are collected; federal frameworks including the FTC Act's unfair or deceptive practices standards and the Driver's Privacy Protection Act (DPPA) are also relevant given the nature of vehicle and driver data collected.
Institutional analysis available with Compliance
Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.
Start Compliance free trialMonitoring
General Motors has updated this document before.
Monitor includes same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
Compliance Governance Intelligence
Need provision-level monitoring and regulatory mapping?
Compliance includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.
Start Compliance free trialCross-platform context
See how other platforms handle Biometric Identifier Collection and similar clauses.
Compare across platforms →Governance Monitoring
Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.