Privacy Notices
This notice was last modified on and has an effective date of July 1, 2026.
This Privacy Notice (“Notice”) provides explains how Trans Union LLC and TransUnion Digital LLC (and their United States subsidiaries and affiliates) (“we,” “us,” or “our”) handle personal information and outlines your rights. Use of our services constitutes your agreement to the terms of this Notice. If you do not agree with the terms of this Notice, please do not use our services.
Scope: This Notice applies to the extent we act as a data controller with respect to the services and products we provide via the marketing solutions website and our related applications. This Notice does not cover practices of other TransUnion businesses or products, nor your interactions with us as a job applicant. Please see those respective privacy notices listed on the left-hand panel of this page for more information on those privacy practices.
Visit our Consumer US State Privacy Rights page to exercise your US privacy rights and choices.
Notice at Collection: We collect personal information as described in this Notice. The categories of personal information that we collect are listed below under “Personal information we collect,” and the purposes for which we collect and use personal information are listed below under “Purpose for collecting and use of personal information.” To learn more about your privacy rights, including your right to opt out of the sale or sharing of your personal information, please navigate to the “Privacy rights and choices” section below. Our retention practices are outlined below under “Retaining personal information.”
View annual consumer requests metrics (California Consumer Privacy Act (CCPA) and California Data Broker Registration) for TransUnion Companies.
Through TransUnion’s Marketing Solutions services, we enable our business partners to provide customers with marketing and other solutions. In an effort to provide relevant products and services to consumers, these businesses use our data and technology to create, deploy, and measure targeted advertising programs across marketing and digital advertising technology ecosystems. In addition, we may aggregate and depersonalize data for analytical purposes, to provide reporting to our business partners, and for measuring advertising performance. As a part of enabling our Marketing Solutions, we may use service providers.
The information we collect and maintain (“Marketing Data”) for our Marketing Solutions is separate from traditional consumer reporting agency information. Marketing Data may include information on consumers, households, properties, and businesses as well as advertising program performance data. Marketing Data includes information about consumers such as demographics, life events, public records, or firmographics. Demographic data includes information such as age, gender, income, occupation, education, and marital status. Life events data includes information such as a recent move or home purchase. Public records data includes information such as summarized U.S. Census data, geographic data, and property data from local tax assessors and recorded deed information. Firmographic data includes information such as type of business, years in business, size of business, and job titles.
The below chart describes the categories of personal information we may have collected in the past 12 months, and from whom we collected the personal information, listed by category of personal information.
Category of Personal Information | Personal information we collect, by source category |
Identifiers and personal information categories listed in the California Customer Records statute Including, but not limited to, real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, and email address, as well as Categories of Sensitive Personal Information such as account name, Social Security Number, driver’s license number, passport number, or other similar identifiers Note that personal information in this category may overlap with other categories |
|
Characteristics of protected classifications under state or federal law An individual’s age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information) |
|
Commercial information Including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies |
|
Biometric information Including, but not limited to, information pertaining to bodily characteristics, facial information, fingerprints, or eye scans |
|
Internet or other similar electronic network activity Including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement |
|
Geolocation data Various technologies to determine your location, including, but not limited to, IP address, Wi-Fi access points, and cell towers. |
|
Sensory data Audio, electronic, visual, thermal, olfactory, or similar information |
|
Professional or employment-related information Including, but not limited to, professional licenses, employment dates, employer name, and employer information |
|
Non-public education information (per the Family Educational Rights and Privacy Act) Education records directly related to a student and maintained by an educational institution or party acting on its behalf |
|
Inferences drawn from other personal information Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes |
|
We describe the purpose for collecting personal information, listed by categories of personal information, in the chart below. Please note that a specific piece of personal information may fall into one or more categories of personal Information.
We may also use your personal information for other purposes disclosed at the time you provide your personal information or otherwise with your consent.
Category of Personal Information | Purpose of Collection |
Identifiers and personal information categories listed in the California Customer Records statute |
|
Characteristics of protected classifications under state or federal law |
|
Commercial information |
|
Biometric information |
|
Internet or other similar electronic network activity |
|
Geolocation data |
|
Sensory data |
|
Professional or employment-related information |
|
Non-public education information (per the Family Educational Rights and Privacy Act) |
|
Inferences drawn from other personal information |
|
Under the definitions and exceptions of the Connecticut Data Privacy Act, we do not use your personal data to train large language models in our services where we act as a controller. You may consent to have your personal data shared with a third party, who may use personal data to customize a large language model (for example, if you enable a data connection to your AI agent). When we sell personal data to our customers, they may use that data to customize large language models for internal purposes or as necessary to provide their products and services.
We sell/share Marketing Data, including personal information, with our business partners, such as platform providers, publisher and other entities that provide targeted marketing services, to facilitate the creation and deployment of digital advertising. For example, when we segment our data into groups of consumers (“Audiences”), we share it using unique identifiers (“Unique IDs”). We may also share aggregated and depersonalized data with our business partners for analytical purposes, including measuring advertising performance and reporting.
In order to enable our business partners to communicate with consumers across marketing and digital advertising technology ecosystems and to provide relevant products and services to consumers, during the prior 12 months, we may have disclosed (business purpose) or sold/shared (commercial purpose) your personal information with different third parties, as detailed in the chart below. Please note that we may share your personal information for a targeted advertising purpose.
In accordance with applicable laws and their defined terms – NOTICE: We may sell your sensitive personal data. The entity maintaining this website and notice is a data broker under Texas law. To conduct business in Texas, a data broker must register with the Texas Secretary of State (Texas SOS). Information about data broker registrants is available on the Texas SOS website.
Category of Personal Information | Sold or shared, by third party category | Disclosed for a business purpose, by third party category |
Identifiers and personal information categories listed in the California Customer Records statute |
|
|
Characteristics of protected classifications under state or federal law |
|
|
Commercial information |
|
|
Biometric information |
|
|
Internet or other similar electronic network activity |
|
|
Geolocation data |
|
|
Sensory data |
|
|
Professional or employment-related information |
|
|
Non-public education information (per the Family Educational Rights and Privacy Act) |
|
|
Inferences drawn from other personal information |
|
|
When we act as a data controller, you may have certain privacy rights under applicable US state privacy laws. These may include the right to access, correct, or delete your personal information. You may also have the right to appeal if we deny your request.
To exercise your US state privacy rights (subject to applicable legal limits and exceptions), visit our US State Privacy Rights page to submit a request. We may request your name, address, email, phone number, date of birth, and either your full Social Security number or the last four digits to locate your records. For certain requests, we require you to answer some security questions to verify your identity. If we provide your information electronically, we will do so in a portable format. When technically possible, we will provide it in a format that is easy to use and transfer to another entity. If you have a TransUnion account, you can use it to make your request.
To make an opt-out request or to limit our use of your sensitive personal information (subject to limitations and exceptions under applicable law), visit Submit an Opt-Out / Limitation Request.
In some instances, we offer our services to customers as a service provider/data processor or subject to other exceptions under the applicable state privacy laws. Where we’re acting as a service provider/data processor, we are processing data on behalf of others who will provide you with applicable privacy rights.
The US State Privacy Rights and Submit an Opt-Out / Limitation Request rights pages apply to the services covered in the notices for Transunion LLC, TUI, TURSS, TRADS, and Marketing Solutions. If you use a consumer right using these links, you do not need to make consumer rights again for the other related services.
Explanation of Privacy Rights and Choices
In the US, residents of California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia have some or all of the below privacy rights. We may offer these rights to other jurisdictions where required by law or at our discretion.
These rights are subject to limitations and exceptions under applicable privacy laws. They may vary by region, and the functionality and features available on our websites are subject to change. We do not discriminate against you based on your exercise of your privacy rights.
Analytics Disclosure: We use Google Analytics 360, including Google Tag Manager and Google Ads. If you would like to learn more about Google Analytics, or opt out of this data collection and sharing activity, please use this link: https://www.google.com/policies/privacy/partners/. Please visit our Cookies and Similar Technologies Notice for information regarding our tracking technologies.
A. Opt-Out Requests and Requests to Limit Use of Sensitive Personal Information
For an authorized agent (with or without power of attorney) to submit an opt-out request or a request to limit the use of a consumer’s sensitive personal information on behalf of a consumer, the authorized agent is required to provide written authorization signed by the consumer, clearly permitting the agent to act on their behalf. The agent’s name must match the name listed in the authorization. The authorized agent must also have sufficient consumer identification details to submit the request on their behalf, including: first and last name (middle name optional) and residential address (including unit number, city, state, and ZIP code). It’s strongly recommended but optional for the authorized agent to additionally have the consumer’s Social Security number and date of birth to provide in their submission to assist in finding relevant records.
B. Verifiable Requests (Access, Correction, Deletion)
For an authorized agent to submit a verifiable privacy request with a valid power of attorney, the agent must provide:
A valid power of attorney executed in accordance with applicable law
Sufficient information to allow us to locate the consumer’s file
For an authorized agent to submit a verifiable privacy request without a power of attorney, the authorized agent must provide each of the following:
Signed Authorization. Signed permission from the consumer authorizing the agent to submit the request. The agent’s name must match the name on the authorization. The authorization must describe the type(s) of request (e.g., access, correction, deletion)
Identity Verification. Sufficient proof of identification for us to verify the consumer’s identity, such as, Social Security number or a copy of a Social Security card, a certified or official copy of a birth certificate, or a valid driver’s license or other government-issued identification. The identification provided must match the name in the authorization.
Consumer Information. The submission must include sufficient information for us to locate the consumer’s file. The authorized agent may review the types of information we require by looking at information requested on the US State Privacy Rights page.
C. Submission Instructions
Documentation may be sent to:
TransUnion Data Privacy
Attn: Authorized Agent Request Processing
PO Box 130
Woodlyn, PA 19094
You can also email the information to privacy+authorizedagent@transunion.com
To enhance data security, the authorized agent may use confidentiality features offered by their email provider. All personal information collected as part of this process will be deleted after verification is complete.
This Notice does not apply to credit reports or other personal information that we may maintain and use as a consumer reporting agency subject to the Fair Credit Reporting Act (FCRA). For additional information regarding your rights under the FCRA, please visit the Summary of FCRA Rights.
Our services are not intended for use by nor directed to individuals under the age of eighteen (18). If we learn that we have collected or received personal information from individuals under the age of eighteen (18), we will delete the personal information or otherwise comply with applicable law. We do not knowingly sell personal information of children under the age of eighteen (18).
We maintain a comprehensive information security program with administrative (policies, standards, and processes), physical, and technical controls designed to protect the confidentiality, integrity, and accessibility of personal information.
We retain personal information for as long as necessary to fulfill the purposes for which it was collected or processed, as previously described in this Notice. For instance, we retain personal information, collected through our services and websites, for as long as a user’s account is active or as needed to provide services to our customers.
When determining retention periods, we consider our relationship with users and their information, the nature and sensitivity of the information, and what is reasonably necessary and proportionate to provide and improve our services. We also adjust retention periods to comply with our legal, reporting, or accounting obligations, to resolve disputes, and to enforce our agreements. We regularly review our retention periods and assess our data minimization practices, retaining the least amount of information for the shortest retention period, while still upholding all our obligations.
In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any portion of our business, we may share your personal information. We may also share your personal information if we undergo bankruptcy or liquidation, in the course of such proceedings.
This Notice does not apply to other third-party sites or services. If you click on a link or browse to a third-party site from our site/service, your activity and interaction is subject to that third-party's rules and policies. This Notice does not apply to our customers or areas where we act as a service provider or processor for another company. We recommend reviewing the privacy statements on those other sites to understand their privacy practices and make an informed decision regarding your use or interaction with their site/service.
If you have questions or concerns regarding this Notice, our privacy practices and the protection of your personal information, or the privacy rights and choices available to you, you may contact us in the following ways:
Phone | 1-866-310-8783 |
Postal Mail | TransUnion Data Privacy |
This Notice is subject to change at any time. If we make any changes to this Notice, we will post the revised Notice on this page with its effective date. If we change this Notice in a material way, we will provide appropriate notice as required by law. Such notice may be provided, for example, via a temporary banner on our Site, an email sent to users for whom we have an email address, or by temporarily noting “UPDATED” next to the Privacy Policy link on the footer of our Site.