Media & Digital Marketing Solutions Privacy Notice

Effective Date: 10/30/2020
Last Updated: 10/29/2020

Click here for TransUnion’s California Consumer Privacy Act (CCPA) Metrics.

1. Personal information we collect
2. Purpose for the collection of personal information
3. Sharing your personal information
4. Advertising opt outs
5. Securing your personal information
6. Personal information of children
7. California privacy rights
8. Contact information
9. Notice changes and effective date

Introduction

This Privacy Notice (“Notice”) provides information about how Trans Union LLC (and its United States subsidiaries and affiliates) (“We,” “Us,” “Our”) collects, uses, and shares personal information in its Marketing Solutions and Media businesses.   

Summary

Purpose and Use. Through TransUnion’s Marketing Solutions and Media services, we enable our business partners to provide customer with marketing and other solutions. In an effort to provide relevant products and services to consumers, these businesses use our data and technology to create, deploy, and measure targeted advertising programs across marketing and digital advertising technology ecosystems. In addition, we may aggregate and depersonalize data for analytical purposes, to provide reporting to our business partners, and for measuring advertising performance. And as a part of enabling Marketing services, we may use service providers.

Data Collected. The information we collect (“Marketing Data”) for our Marketing Solutions and Media business is separate from traditional consumer reporting agency information. Marketing Data may include information on consumers, households, properties and businesses as well as advertising program performance data. Marketing Data includes information about consumers such as demographics, life events, public records, or firmographics. Demographic data includes information such as age, gender, income, occupation, education, and marital status. Life events data includes information such as a recent move or home purchase. Public records data includes information such as summarized U.S. Census data, geographic data, and property data from local tax assessor and recorded deed information. Firmographic data includes information such as type of business, years in business, size of business, and job titles.

1. Personal information we collect

We collect the following categories of personal information:  Identifiers, Personal information categories listed in the California Customer Records statute, protected classification characteristics under California or federal law, Commercial information, Internet or other similar network activity, Geolocation data, Professional or employment data, and Inferences drawn from other personal Information. We do not collect biometric or sensory data, Non-public education information (per the Family Educational Rights and Privacy Act), and we do not collect information directly from consumers.

2. Purpose for the collection of personal information

Through TransUnion’s Marketing Solutions and Media services, we enable our business partners to communicate with consumers across marketing and digital advertising technology ecosystems. In an effort to provide relevant products and services to consumers, these businesses use our data and technology to create, deploy, and measure targeted advertising programs. We collect information as outlined below and use it for permitted marketing uses. We may also use the information we collect for analytical purposes, to provide reporting to our business partners, and for measuring marketing performance. In addition, as a part of enabling our Marketing Solutions and Media services, we may use service providers.

We collect your personal information for different purposes. We describe the purpose for collecting personal information, listed by categories of personal information in the chart below. Please note that a specific piece of personal information may fall into one or more categories of personal Information.

3. Sharing your personal information

In order to enable our business partners to communicate with consumers across marketing and digital advertising technology ecosystems and to provide relevant products and services to consumers, we share information as outlined below.   

We disclose and/or share your personal information with different third parties. We describe the third parties to whom we share or sell your Personal Information, listed by categories of personal information in the chart below. Please note that a specific piece of personal information may fall into one or more categories of personal Information.

We share Marketing Data, which includes personal information, with our business partners, such as platform providers, publisher and other entities that provide targeted marketing services, to facilitate the creation and deployment of digital advertising. For example, when we segment our data into groups of consumers (“Audiences”), we share it using unique identifiers (“Unique IDs”). We may also share aggregated and depersonalized data with our business partners for analytical purposes, including measuring advertising performance and reporting. Many of our business partners follow the guidelines provided by the Network Advertising Initiative (NAI) members and/or Digital Advertising Alliance (DAA).

4. Advertising opt outs

We take our commitment to privacy seriously. If you prefer to opt out of receiving marketing messages, we recommend that you visit the Association of National Advertisers (ANA) and register on their consumer web site: https://dmachoice.thedma.org/. TransUnion will apply DMAChoice opt-outs to our Marketing Data to implement your preferences and comply with ANA guidelines. In addition, you may choose to opt out of digital advertising through the NAI’s Consumer Opt-Out Program, DAA’s Consumer Choice Page, or the European Union/European Economic Area (EU/EEA). By clicking on the “Opt-Out” links below, you will be directed to the respective opt out website where your computer will be scanned to determine who maintains cookies on you. At that time, you can either choose to opt out of all targeted advertising or you can choose to opt out of targeted advertising by selecting individual companies who maintain a cookie on your machine.

• Association of National Advertisers opt-out registration - https://dmachoice.thedma.org/
• Network Advertising Initiative (NAI) Opt-Out - https://www.networkadvertising.org/managing/opt_out.asp
• Digital Advertising Alliance (DAA) Opt-Out - https://optout.aboutads.info
• European Union (EU) /European Economic Area (EEA) Opt-Out - http://www.youronlinechoices.eu

Please note that if you delete your cookies, you will need to repeat the opt-out process outlined above.

5. Securing your personal information

We maintain a comprehensive Information Security Program with administrative (policies, standards, and processes), physical, and technical controls to ensure the security and confidentiality of your information.

6. Personal information of children

In our Marketing Solutions and Media business, we define children as individuals under age 18, and we do not knowingly use, sell or disclose for a business purpose information on children.

7. California privacy rights

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA).

Right to know 

You have the right to request a disclosure of the personal information collected, sold, and shared about you over the past 12 months and the purpose for doing so. Upon submission of a verifiable consumer request, we will provide you with the following information.

• The categories of personal information we collected about you.
• The categories of sources from which we collected your personal information.
• Our business or commercial purpose for collecting or selling the personal Information.
• The categories of third parties with whom we share personal Information.
• The specific pieces of personal information we collected about you.
• The categories of personal information that we sold in the preceding 12 months, and for each category identified, the categories of third parties to which we sold that particular category of personal information.
• The categories of personal information that we disclosed for a business purpose in the preceding 12 months, and for each category identified, the categories of third parties with whom we disclosed that particular category of personal information.

If we provide this information to you electronically, the information will be in a portable format. To the extent that it is technically feasible, we will provide you the information in a readily useable format that you can easily transfer to another entity.

To make a verifiable consumer request to know, visit https://www.transunion.com/consumer-privacy. If you have a TransUnion account, you can use it to make your request. You can also make your request without setting up an account. To do so, we’ll need your first and last name, address, date of birth and the last four digits of your Social Security number. We’ll use that information to verify your identity so we can respond to your request.

Right to deletion

If we collected personal information from you, you have the right to request the deletion of this personal information.

To make a verifiable consumer request to delete, visit https://www.transunion.com/consumer-privacy. If you have a TransUnion account, you can use it to make your request. You can also make your request without setting up an account. To do so, we’ll need your first and last name, address, date of birth and the last four digits of your Social Security number. We’ll use that information to verify your identity so we can respond to your request.

Right to be free from discrimination

You have the right to be free from discrimination for exercising any of the California consumer privacy rights. If you choose to exercise any of your CCPA rights, we will not:

• Deny you goods or services;
• Charge you a different price or rate for goods or services, including through granting discounts or other benefits, or imposing penalties;
• Provide you a different level or quality of good or services; or
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Right to opt-out of the sale of personal information

You have the right, at any time, to direct a business that sells your personal information to third parties to not sell your personal Information. If you would like to exercise this right, visit our “Do not sell my personal information” page.

Authorized agent

A consumer has the right to appoint another person to submit privacy requests on their behalf.

Using an authorized agent without power of attorney to submit a request to know or delete

In order to submit a request to know or delete personal information on behalf of another consumer, an authorized agent without power of attorney must provide one item from each of the three sections below.

1. Signed permission from the consumer authorizing the agent to submit the CCPA privacy request(s) on their behalf. Describe     the type of privacy request(s) being requesting (know/disclosure report and/or deletion).

AND

2. The consumer must verify their own identity directly with the business by submitting information or documentation that     provides sufficient proof of identification, such as:

1. a Social Security number or a copy of a social security card issued by the Social Security Administration,
2. a certified or official copy of a birth certificate issued by the entity authorized to issue the birth certificate, or
3. a copy of a driver's license, an identification card issued by the motor vehicle administration or any other government issued identification.

AND

3. Information or documentation that provides sufficient proof of identification to verify your identity, such as:

1. a Social Security number or a copy of a social security card issued by the Social Security Administration;
2. a certified or official copy of a birth certificate issued by the entity authorized to issue the birth certificate;
3. a copy of a driver's license, an identification card issued by the motor vehicle administration or any other government issued identification.

Using an authorized agent with power of attorney to submit a request to know or delete

In order to submit a request to know or delete personal information on behalf of another consumer, an authorized agent with power of attorney pursuant to California Probate Code sections 4000 to 4465, must provide one item from both of the sections below.

1. The valid power of attorney executed lawfully under California Probate Code sections 4000 to 4465.

AND

2. Information or documentation that provides sufficient proof of identification to verify your identity, such as:

1. a Social Security number or a copy of a social security card issued by the Social Security Administration;
2. a certified or official copy of a birth certificate issued by the entity authorized to issue the birth certificate;
3. a copy of a driver's license, an identification card issued by the motor vehicle administration or any other government issued identification.

 Using an authorized agent to submit an opt-out request

In order to submit a request to opt out of the sale of personal information, on behalf of another consumer, please provide the following:

• Written permission, signed by the consumer, authorizing the agent to submit the opt-out request.

Please send your letter and documentation to the following address:
TransUnion Data Privacy Request
P.O. Box 130
Woodlyn, PA 19094

Right to notice You have the right to receive timely notice, at or before the point of collection, about the categories of personal information we will collect from you and the purposes for which we will use the personal information. 

8. Contact information

If you have questions or concerns regarding this Notice or the protection of your personal information and privacy rights, you may contact us in the following ways:

All Locations

Phone: 1-866-310-8783

9. Notice changes and effective date

We may periodically make changes to this Notice and recommend that you check back to review this Notice so that you always know how we collect, use, and share your Personal Information. The effective date denotes the date that this Notice applies to our services.