Privacy Notices
This notice was last modified on and has an effective date of June 26, 2026.
This Privacy Notice (“Notice”) explains how TransUnion LLC (“TransUnion”, “we,” “us,” or “our”) handles personal information and outlines your rights. Use of our services constitutes your agreement to the terms of this Notice.
Scope: This Notice applies when you use our customer and partner portal (the “Portal”), and controls how we process personal information to assess the credentials of our prospective business clients when determining whether to engage with them as customers or partners for our services. This assessment involves vetting a large amount of information, mostly pertaining to the relevant business entity, and any financial and reputational risk that may be associated with it. This Notice does not cover practices of other TransUnion businesses or products, nor your interactions with us as a job applicant. Please see those respective privacy notices listed on the left-hand panel of this page for more information on those privacy practices.
Visit our US State Privacy Rights page to exercise your privacy rights and choices.
Notice at Collection: We collect personal information as described in this Notice. The categories of personal information that we collect are listed below under “Collection and use of personal information,” which also provides the purposes for which we collect and use personal information. To learn more about your privacy rights, including your right to opt out of the sale or sharing of your personal information, please navigate to the “Privacy rights and choices” section below. Our retention practices are outlined below under “Retaining personal information.”
View annual consumer requests metrics (California Consumer Privacy Act (CCPA) and California Data Broker Registration) for TransUnion Companies.
When prospective business clients use the Portal, we collect personal information directly from users, from third parties, and automatically as outlined below. All personal information collected and used is processed in connection with users’ roles as an owner, employee, or representative of our prospective customer or partner.
Information we receive from prospective business clients (user’s employer/our client):
Information we collect directly from users:
When users send us a question or inquiry, or ask for other support, we’ll need users to provide us with identifiers (name and work email address). We use this personal information to respond to questions or inquiries, troubleshoot where necessary, and address any issues with the Portal.
Information we collect automatically:
In the landing page of the Portal (before logging in to the Portal): We use strictly necessary, functional, and analytics cookies and similar technologies to automatically collect internet and other electronic network activity information from you. Our collection and use of this information is governed by TransUnion’s Cookies and Similar Technologies Notice.
After logging in to the Portal: we use strictly necessary, functional, and analytics cookies and similar technologies to automatically collect internet and other electronic network activity information from users, to include:
Device information: We use strictly necessary, functional, and analytics cookies to collect certain information about the device used to access our Portal, such as browser type, browser language, hardware model, operating system, and user preferences. We use this personal information to: (i) conduct analytics; (ii) enhance user experience; (iii) prevent fraudulent use of the Portal; (iv) diagnose and repair errors; (v) remember user preferences; and (vi) provide enhanced functionality.
With service providers: We sell/share the personal information collected with certain service providers for the following purposes: the secure transfer of Categories of Sensitive Personal Information: Social Security numbers; certain aspects of the credentialing process, and to conduct site visits. We do not use or sell/share this information for marketing purposes.
With other third parties: We will disclose user personal information to legal advisors, law enforcement agencies and/or governmental/regulatory bodies (including public health authorities) if and to the extent we need to do so to defend against legal claims or as required to by law.
In the event of a corporate reorganization: In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, any personal information contained in the Portal would be sold/shared with the buyer or target (and their agents and advisors) for the purposes of facilitating and completing the transaction and providing functionality of the Portal going forward. We would also sell/share personal information with third parties if we undergo bankruptcy or liquidation, in the course of such proceedings.
With your consent: Apart from the reasons identified above, we may request permission to sell/share user personal information for a specific purpose. We will notify users and request consent before collecting the personal information or before the personal information users have already provided is sold/shared for such purpose. Users may revoke consent at any time.
Deidentified information: We may deidentify certain personal information collected, pursuant to applicable privacy regulations. We may sell/share such deidentified information with third parties for certain limited use cases, provided in all such cases that such third parties comply with applicable privacy regulations governing such deidentified data, including but not limited to adopting policies and procedures to prevent the re-identification of such information.
When we act as a data controller, you may have certain privacy rights under applicable US state privacy laws. These may include the right to access, correct, or delete your personal information. You may also have the right to appeal if we deny your request.
To exercise your privacy rights (subject to limitations and exceptions under applicable law), you may contact us at tuglobalsfdc@transunion.com, make the request in the Portal, or visit our US State Privacy Rights page to submit a verifiable request, and find additional detail below.
To make an opt-out request or to limit our use of your sensitive personal information (subject to limitations and exceptions under applicable law), visit Submit an Opt-Out / Limitation Request.
The US State Privacy Rights and Submit an Opt-Out / Limitation Request rights pages apply to the services covered in the notices for Transunion LLC, TUI, TURSS, TRADS, and Marketing Solutions. If you use a consumer right using these links, you do not need to make consumer rights again for the other related services.
To exercise your US state privacy rights (subject to applicable legal limits and exceptions), visit our US State Privacy Rights page to submit a request. We may request your name, address, email, phone number, date of birth, and either your full Social Security number or the last four digits to locate your records. For certain requests, we require you to answer some security questions to verify your identity. If we provide your information electronically, we will do so in a portable format. When technically possible, we will provide it in a format that is easy to use and transfer to another entity.
Explanation of Privacy Rights and Choices
In the US, residents of California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia have some or all of the below privacy rights. We may offer these rights to other jurisdictions where required by law or at our discretion.
These rights are subject to limitations and exceptions under applicable privacy laws. They may vary by region, and the functionality and features available on our websites are subject to change. We do not discriminate against you based on your exercise of your privacy rights.
Analytics Disclosure: We use Google Analytics 360, including Google Tag Manager and Google Ads. If you would like to learn more about Google Analytics, or opt out of this data collection and sharing activity, please use this link: https://www.google.com/policies/privacy/partners/. Please visit our Cookies and Similar Technologies Notice for information regarding our tracking technologies.
A. Opt-Out Requests and Requests to Limit Use of Sensitive Personal Information
For an authorized agent (with or without power of attorney) to submit an opt-out request or a request to limit the use of a consumer’s sensitive personal information on behalf of a consumer, the authorized agent is required to provide written authorization signed by the consumer, clearly permitting the agent to act on their behalf. The agent’s name must match the name listed in the authorization. The authorized agent must also have sufficient consumer identification details to submit the request on their behalf, including: first and last name (middle name optional) and residential address (including unit number, city, state, and ZIP code). It’s strongly recommended but optional for the authorized agent to additionally have the consumer’s Social Security number and date of birth to provide in their submission to assist in finding relevant records.
B. Verifiable Requests (Access, Correction, Deletion)
For an authorized agent to submit a verifiable privacy request with a valid power of attorney, the agent must provide:
For an authorized agent to submit a verifiable privacy request without a power of attorney, the authorized agent must provide each of the following:
C. Submission Instructions
Documentation may be sent to:
TransUnion Data Privacy
Attn: Authorized Agent Request Processing
PO Box 130
Woodlyn, PA 19094
You can also email the information to privacy+authorizedagent@transunion.com
To enhance data security, the authorized agent may use confidentiality features offered by their email provider. All personal information collected as part of this process will be deleted after verification is complete.
Our services are not intended for use by nor directed to individuals under the age of eighteen (18). If we learn that we have collected or received personal information from individuals under the age of eighteen (18), we will delete the personal information or otherwise comply with applicable law. We do not knowingly sell personal information of children under the age of eighteen (18).
If for some reason, you believe we have collected personal information from individuals under the age of eighteen (18), you may reach out to us via the contact center. Additionally, a parent or guardian may make a data privacy opt-out request or limit our use of sensitive personal information (subject to limitations and exceptions under applicable law) by visiting Submit an Opt-Out / Limitation Request.
We maintain a comprehensive information security program with administrative (policies, standards, and processes), physical, and technical controls designed to protect the confidentiality, integrity, and accessibility of personal information.
When handling categories of sensitive personal information such as Social Security numbers, we: (i) protect the confidentiality of Social Security numbers, (ii) prohibit their unlawful disclosure, and (iii) limit access to them only to the individuals for whom access is required for the performance of their job duties and the purpose for which the Social Security numbers were collected.
We retain personal information for as long as necessary to fulfill the purposes for which it was collected or processed, as previously described in this Notice. For instance, we retain personal information, collected through our services and websites, for as long as a user’s account is active or as needed to provide services to our customers.
When determining retention periods, we consider our relationship with users and their information, the nature and sensitivity of the information, and what is reasonably necessary and proportionate to provide and improve our services. We also adjust retention periods to comply with our legal, reporting, or accounting obligations, to resolve disputes, and to enforce our agreements. We regularly review our retention periods and assess our data minimization practices, retaining the least amount of information for the shortest retention period, while still upholding all our obligations.
This Notice does not apply to other third-party sites or services. If you click on a link or browse to a third-party site from our site/service, your activity and interaction is subject to that third-party's rules and policies. We recommend reviewing the privacy statements on those other sites to understand their privacy practices and make an informed decision regarding your use or interaction with their site/service.
If you have any questions or concerns regarding this Notice, please contact us at tuglobalsfdc@transunion.com.
If you have questions or concerns regarding our privacy practices, the protection of your personal information, or the privacy rights and choices available to you, you may contact us in the following ways:
Phone | |
Postal Mail | TransUnion Data Privacy |
This Notice is subject to change at any time. If we make any changes to this Notice, we will post the revised Notice on this page with its effective date. If we change the Privacy Policy in a material way, we will provide appropriate notice. Such notice may be provided, for example, via a temporary banner on our Site, an email sent to users for whom we have an email address, or by temporarily noting “UPDATED” next to the Privacy Policy link on the footer of our Site.