TransUnion Customer & Partner Portal Privacy Notice

This notice was last modified on and has an effective date of January 29, 2026.

We have recently updated our Privacy Notice. Be sure to review the notice carefully to understand our privacy practices.

This Privacy Notice (“Notice”) provides information about how Trans Union LLC (“TransUnion”, “we,” “us,” or “our”), including its subsidiaries and affiliates, handles personal information and describes the rights you may have regarding your personal information. Use of our services constitutes your agreement to the terms of this Notice. If you do not agree with the terms of this Notice, please do not use our services.

This Notice applies when you use our customer and partner portal (the “Portal”), and controls how we process personal information to assess the credentials of our prospective business clients when determining whether to engage with them as customers or partners for our services. This assessment involves vetting a large amount of information, mostly pertaining to the relevant business entity, and any financial and reputational risk that may be associated with it. This Notice does not cover practices of other TransUnion businesses or products, nor your interactions with us as a job applicant. Please see those respective privacy notices listed on the left-hand panel of this page for more information on those privacy practices. To learn how Sontiq, Argus Advisory, and Commerce Signals handle personal information about you and the rights you may have regarding that personal information, please visit the Sontiq Privacy Center, the Argus Privacy Notice, and Commerce Signals Privacy Notice respectively.

Analytics Disclosure: We use Google Analytics 360, including Google Tag Manager and Google Ads. If you would like to learn more about Google Analytics, or opt out of this data collection and sharing activity, please use this link: https://www.google.com/policies/privacy/partners/. Please visit our Cookies and Similar Technologies Notice for information regarding our tracking technologies.

Visit our Consumer Privacy Rights page to exercise your privacy rights and choices.

Notice at Collection: We collect personal information as detailed in this Notice. The categories of personal information that we collect are listed below under “Collection and use of personal information,” which also provides the purposes for which we collect and use personal information. To learn more about your privacy rights, including your right to opt out of the sale or sharing of your personal information, please navigate to the “Privacy rights and choices” section below. Our retention practices are outlined below under “Retaining personal information.”

View annual consumer requests metrics (California Consumer Privacy Act (CCPA) and California Data Broker Registration) for TransUnion Companies.

1. Collection and use of personal information

When prospective business clients use the Portal, we collect personal information directly from users, from third parties, and automatically as outlined below. All personal information collected and used is processed in connection with users’ roles as an owner, employee, or representative of our prospective customer or partner.

Information we receive from prospective business clients (user’s employer/our client):

• To conduct the eligibility assessment of the prospective client: We receive, from our prospective client, identifiers (e.g., name, date of birth, home address, and workplace address; categories of sensitive personal information: Social Security number) with respect to owners and certain officers of the prospective client.
• To conduct site visits: We receive, from our prospective client, identifiers (e.g., name, work email address, and workplace address) of the individuals who will serve as onsite contacts for the site visits.
• Create and maintain an account: We receive from our prospective client the identifiers (name, work email, and workplace address) of individuals who will be authorized users of the Portal. Once the account is created, we will also store the selected account password in an encrypted manner. We use this personal information to create the client’s account and facilitate access to and use of the Portal.

Information we collect directly from users:

When users send us a question or inquiry, or ask for other support, we’ll need users to provide us with identifiers (name and work email address). We use this personal information to respond to questions or inquiries, troubleshoot where necessary, and address any issues with the Portal.

Information we collect automatically:

In the landing page of the Portal (before logging in to the Portal): We use strictly necessary, functional, and analytics cookies and similar technologies to automatically collect internet and other electronic network activity information from you. Our collection and use of this information is governed by TransUnion’s Cookies and Similar Technologies Notice.

After logging in to the Portal: we use strictly necessary, functional, and analytics cookies and similar technologies to automatically collect internet and other electronic network activity information from users, to include:

• Usage information: This includes information such as: user’s time of visit to the Portal, pages visited, search terms, actions taken, how much time users spend on each page, use of widgets (e.g., providing a truncated view of “my order”) or customer objects throughout the Portal and frequency of access. We use this personal information to: (i) conduct analytics; (ii) enhance user experience; (iii) prevent fraudulent use of the Portal; and (iv) diagnose and repair errors.
• Error information: In the event of technical errors with the Portal, we collect information in connection with an error message including filename, error line number, and any related error message generated by the component that failed.

Device information: We use strictly necessary, functional, and analytics cookies to collect certain information about the device used to access our Portal, such as browser type, browser language, hardware model, operating system, and user preferences. We use this personal information to: (i) conduct analytics; (ii) enhance user experience; (iii) prevent fraudulent use of the Portal; (iv) diagnose and repair errors; (v) remember user preferences; and (vi) provide enhanced functionality.

2. Disclosing for a business purpose and selling/sharing of personal information

With service providers: We sell/share the personal information collected with certain service providers for the following purposes: the secure transfer of Categories of Sensitive Personal Information: Social Security numbers; certain aspects of the credentialing process, and to conduct site visits. We do not use or sell/share this information for marketing purposes.

With other third parties: We will disclose user personal information to legal advisors, law enforcement agencies and/or governmental/regulatory bodies (including public health authorities) if and to the extent we need to do so to defend against legal claims or as required to by law.

In the event of a corporate reorganization: In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, any personal information contained in the Portal would be sold/shared with the buyer or target (and their agents and advisors) for the purposes of facilitating and completing the transaction and providing functionality of the Portal going forward. We would also sell/share personal information with third parties if we undergo bankruptcy or liquidation, in the course of such proceedings.

With your consent: Apart from the reasons identified above, we may request permission to sell/share user personal information for a specific purpose. We will notify users and request consent before collecting the personal information or before the personal information users have already provided is sold/shared for such purpose. Users may revoke consent at any time.

Deidentified information: We may deidentify certain personal information collected, pursuant to applicable privacy regulations. We may sell/share such deidentified information with third parties for certain limited use cases, provided in all such cases that such third parties comply with applicable privacy regulations governing such deidentified data, including but not limited to adopting policies and procedures to prevent the re-identification of such information.

3. Privacy rights and choices

As applicable under privacy laws, when we’re acting as a data controller you may take advantage of certain privacy rights, such as to request access, correction, or deletion of your personal information. You may also have the right to appeal a denial of your privacy rights.

To exercise your privacy rights (subject to limitations and exceptions under applicable law), you may contact us at tuglobalsfdc@transunion.com, make the request in the Portal, or visit our Consumer Privacy Rights page to submit a verifiable request, and find additional detail below.

• If you have a TransUnion account, you can use it to make your request.
• You can also make your privacy request without setting up an account by continuing as a guest. To do so, we will need your name, address, email, phone number, date of birth, and either your full Social Security number or the last four digits.
• Depending on the type of privacy request, we may also need you to answer knowledgebase questions regarding data associated with you and/or provide a passcode sent to your phone number. We will use that information to verify your identity so we can respond to your request.
• If we return this information to you electronically, the information will be in a portable format, and to the extent that it is technically feasible, we will provide the information in a readily useable format that can be easily transferred to another entity.

To make an opt-out request or to limit our use of your sensitive personal information (subject to limitations and exceptions under applicable law), visit Your Privacy Choices.

• Because we may “sell” or “share” personal information or engage in “profiling,” “targeted advertising,” “cross-context behavioral advertising,” or use sensitive personal information, consistent with the defined terms in applicable state laws, you may also exercise your opt-out rights from such sales/sharing, profiling/automated decision making, targeted advertising, or cross-context behavioral advertising, and limit our use of your sensitive personal information.
• To exercise your right to opt out of the sale or sharing of your personal information through trackers or cookies on our websites, please visit the Cookies Settings page, also located in the footer of our website.

In some instances, we offer our services to customers and partners as a service provider/data processor or subject to other exceptions under the applicable state privacy laws. Where we are acting as a service provider/processor, we are processing data on behalf of others who will provide you applicable privacy rights.

Explanation of Privacy Rights and Choices

• Right to Access/Know. You may have the right to request a privacy report detailing the personal information collected, disclosed, sold, and shared about you and the purpose for doing so, unless such request proves impossible or would involve disproportionate effort.
• Right to Correct. You may have the right to request that we correct inaccurate personal information that we collect or maintain about you, subject to verification.
• Right to Delete. If we collected or maintain personal information about you, you may have the right to request the deletion of this personal information, unless an exception applies under applicable law.
• Right to Opt Out of the Sale/Sharing. You may have the right to opt out of the sale/sharing of your personal information to third parties.
• Right to Opt Out of Profiling/Automated Decision Making, Targeted Advertising, or Cross-Context Behavioral Advertising. You may have the right to opt out of our use of your personal information for purposes of profiling, automated decision making, targeted advertising, or cross-context behavioral advertising.
• Right to Limit the Use of Sensitive Personal Information. You may have the right to limit how we use your sensitive personal information. Depending on the applicable law, sensitive personal information may include: Social Security number, driver’s license number, biometric information, precise geolocation data, and racial and ethnic origin.
• Right to Request Specific List of Third Parties. You may have the right to request a list of the specific third parties with whom we have disclosed personal information.
• Right to Appeal. If you believe we have denied any of your consumer privacy rights in error, you may have the right to appeal by replying to our denial message or any communication from us.

These rights are subject to limitations and exceptions under applicable privacy laws. They may vary by region, and the functionality and features available on our websites are subject to change. We do not discriminate against you based on your exercise of your privacy rights.

4. Privacy rights via authorized agent

Using an authorized agent (with or without power of attorney) to submit an opt-out request or a request to limit the use of a consumer’s sensitive personal information. In order to submit an opt-out request or a request to limit on behalf of another consumer, please provide written permission, signed by the applicable consumer, authorizing the agent to submit the opt-out request. The name of the agent submitting the request must match the name on the authorization.

In order for us to locate the consumer’s record, please also include the consumer’s first and last name (middle name optional) and their address (including unit number, city, state, and zip code). You may also provide the consumer’s Social Security number and date of birth. While those fields are optional, this information makes it easier for TransUnion to locate the consumer’s information and complete the request.

Documentation may be sent to the addresses listed below.

Using an authorized agent without power of attorney to submit a verifiable privacy request for access, correction, or deletion of a consumer’s personal information: In order to submit a verifiable request for access, correction, or deletion on behalf of another consumer, an authorized agent without power of attorney must provide one item from each of the two sections below.

1. Signed permission from the applicable consumer authorizing the agent to submit the verifiable privacy request on their behalf, including a description of the type of privacy request(s). The name of the agent submitting the request must match the name of the authorization.
2. The applicable consumer must verify their own identity directly with the business by submitting information or documentation that provides sufficient proof of identification, such as:
   1. a Social Security number or a copy of a Social Security card issued by the Social Security Administration,
   2. a certified or official copy of a birth certificate issued by the entity authorized to issue the birth certificate, or
   3. a copy of a driver's license or an identification card issued by the motor vehicle administration or any other government issued identification.

This secondary identification must include or reference the same name as stated in the signed permission form. The submission must also include sufficient information for TransUnion to locate the consumer’s file. More information can be found on TransUnion’s Consumer Privacy Rights page by selecting the appropriate consumer request option. 

Documentation may be sent to the addresses listed below.

Using an authorized agent with power of attorney to submit a verifiable privacy request for access, correction, or deletion of a consumer’s personal information: In order to submit a verifiable request for access, correction, or deletion on behalf of another consumer, an authorized agent with power of attorney  must provide the valid power of attorney executed under applicable law.

The submission must also include sufficient information for TransUnion to locate the consumer’s file. More information can be found on TransUnion’s Consumer Privacy Rights page by selecting the appropriate consumer request option.

Documentation may be sent to: 

TransUnion Data Privacy
PO Box 130
Woodlyn, PA 19094

You can also email the information to privacy@transunion.com

To protect the confidentiality of your data, you and/or your authorized agent may choose to submit your data using confidentiality features offered by your email provider.

All personal information provided as part of this process will be deleted after verification has been completed.

5. Personal information of children

Our services are not intended for use by nor directed to individuals under the age of eighteen (18). If we learn that we have collected or received personal information from individuals under the age of eighteen (18), we will delete the personal information or otherwise comply with applicable law. We do not knowingly sell personal information of children under the age of eighteen (18).

Parent or Guardian Privacy Opt-Out Request (child under 18 years)

If you believe we have collected personal information from individuals under the age of eighteen (18), a parent or guardian may make a data privacy opt-out request or limit our use of sensitive personal information (subject to limitations and exceptions under applicable law) by visiting Your Privacy Choices.

6. Securing personal information

We maintain a comprehensive information security program with administrative (policies, standards, and processes), physical, and technical controls designed to protect the confidentiality, integrity, and accessibility of personal information.

When handling categories of sensitive personal information such as Social Security numbers, we: (i) protect the confidentiality of Social Security numbers, (ii) prohibit their unlawful disclosure, and (iii) limit access to them only to the individuals for whom access is required for the performance of their job duties and the purpose for which the Social Security numbers were collected.

7. Retaining personal information

We retain personal information for as long as necessary to fulfill the purposes for which it was collected or processed, as previously described in this Notice. For instance, we retain personal information, collected through our services and websites, for as long as a user’s account is active or as needed to provide services to our customers.

When determining retention periods, we consider our relationship with users and their information, the nature and sensitivity of the information, and what is reasonably necessary and proportionate to provide and improve our services. We also adjust retention periods to comply with our legal, reporting, or accounting obligations, to resolve disputes, and to enforce our agreements. We regularly review our retention periods and assess our data minimization practices, retaining the least amount of information for the shortest retention period, while still upholding all our obligations.

8. Links to other sites or services

This Notice does not apply to other third-party sites or services. If you click on a link or browse to a third-party site from our site/service, your activity and interaction is subject to that third-party's rules and policies. We recommend reviewing the privacy statements on those other sites to understand their privacy practices and make an informed decision regarding your use or interaction with their site/service.

9. Contact information

If you have any questions or concerns regarding this Notice, please contact us at tuglobalsfdc@transunion.com.

If you have questions or concerns regarding our privacy practices, the protection of your personal information, or the privacy rights and choices available to you, you may contact us in the following ways:

10. Notice changes and effective date

This Notice is subject to change at any time. If we make any changes to this Notice, we will post the revised Notice on this page with its effective date. If we change the Privacy Policy in a material way, we will provide appropriate notice. Such notice may be provided, for example, via a temporary banner on our Site, an email sent to users for whom we have an email address, or by temporarily noting “UPDATED” next to the Privacy Policy link on the footer of our Site.