Track 1 platform and get the weekly governance digest. No credit card required.
This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology
This is TransUnion's privacy policy explaining how the company collects and uses your personal information, including your credit history, financial data, Social Security number, geolocation, internet activity, and inferences about your characteristics. The most important thing to know is that TransUnion shares your personal information with a wide range of third parties including business clients and marketing partners, and while you have rights to access, correct, and in some cases delete your data, certain core credit-reporting data cannot be deleted because it is regulated separately under federal credit reporting law. If you are a California resident or live in certain other states, you have additional rights including the ability to opt out of the sale or sharing of your personal data, which you can exercise through the 'Do Not Sell or Share My Personal Information' link on TransUnion's website.
This document is TransUnion LLC's Privacy Notice, governing the collection, use, and sharing of personal information by TransUnion and its affiliates across consumer-facing websites, mobile applications, and credit-related services, with its legal basis rooted in applicable US consumer protection and credit reporting law. The notice states that TransUnion collects a broad range of data categories including identifiers, financial information, credit history, employment data, government-issued ID numbers, geolocation data, internet activity, audio and visual information, and inferences drawn from these categories, and the terms authorize sharing this information with affiliates, business clients, service providers, and third parties for marketing and analytics purposes. Notably, the notice discloses that TransUnion operates as both a consumer reporting agency subject to the Fair Credit Reporting Act and a data broker outside that regulatory context, creating a bifurcated data governance structure where FCRA protections apply only to certain uses, while broader personal data sharing may proceed under more permissive standards for non-FCRA purposes. The notice engages the Fair Credit Reporting Act, the California Consumer Privacy Act as amended by CPRA, the Gramm-Leach-Bliley Act, and state-level privacy laws including those in Virginia, Colorado, Connecticut, Texas, Oregon, and Montana, with California residents receiving the most granular rights disclosures; compliance obligations vary materially by jurisdiction and by whether the processing falls within or outside FCRA-regulated activities.
Institutional analysis available with Professional
Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.
Start Professional free trialMonitoring
TransUnion has updated this document before.
Watcher includes same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
Professional Governance Intelligence
Need provision-level monitoring and regulatory mapping?
Professional includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.
Start Professional free trialCross-platform context
See how other platforms handle Behavioral Tracking and Third-Party Analytics Technologies and similar clauses.
Compare across platforms →Governance Monitoring
Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.