Effective Date: May 20, 2020
Where Experian is responsible for the processing of personal data it receives under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf, Experian complies with the Privacy Shield Principles for all onward transfers of personal data from the EU.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Experian is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Experian may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Collection and Use of Personal Data
We may collect the following types of personal data from you directly as follows:
We may collect the following types of personal data from you indirectly as follows:
When we obtain your personal data from public sources, we will only use that information for the specific reason for which it was provided to us.
Disclosures of Personal Data
We may share personal data we obtain about you from public sources with our customers and third party business partners for the provision of our services.
We may share your personal data with third parties who provide services on our behalf to help with our business activities. These companies are authorized to use your personal data only as necessary to provide these services to us. These services may include data storage services and customer service and business operations.
In certain situations, Experian may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
We may also disclose your personal data as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
If Experian is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or notice on our website, of any change in ownership, uses of your personal data, and choices you may have regarding your personal data.
We may also disclose your personal data to any other third party as permitted by law.
Security, Retention and Data Integrity
Experian follows generally accepted standards and maintains physical, electronic and procedural safeguards to protect the personal data submitted to us. Experian continually monitors access to its systems to detect unauthorized attempts to gain access to information. We may retain your information for as long as your account is active or as needed to provide services, comply with our legal obligations, resolve disputes and enforce our agreements.
With regard to personal data Experian controls, upon request, we will provide you with information about whether we hold any of your personal data. You may access, correct, or request deletion of your personal data by contacting us at firstname.lastname@example.org. This right of access applies only to personal data about the individual making the request and is subject to other limitations as defined by law, or where the burden or expense of providing access would be disproportionate to the risks related to the privacy of the individual or where the rights of other individuals would be violated.
As a processor, Experian acknowledges that you have the right to access your personal data. Experian has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or seeks to correct, amend or delete inaccurate data should direct their query to Experian’s customer, the data controller. If you contact us with the name of an Experian customer to whom you provided your personal data, we will refer your request to the customer and support them in responding to your access request. If requested to remove data by the data controller, we will respond within a reasonable timeframe.
We provide choices and means for individuals to limit the use of their personal data. In addition to providing individuals with choices regarding our use of their information, we will remove an individual’s name and related information from our direct marketing information products if they request it. You may access, correct, or request deletion of your personal data by contacting us at email@example.com.
In certain circumstances, we may be required by law to retain your personal data or may need to retain your personal data to continue providing a service.
Changes to this Policy
If you have questions or concerns, you may contact Experian by mail at:
Chief Privacy Officer
475 Anton Blvd.
Costa Mesa, CA 92626