TransUnion Privacy Policy

General Privacy Policy
TransUnion's Approach to the Collection, Use and Disclosure of Personal Information

Scope of this Privacy Policy
We are committed to protecting your privacy, and support a general policy of openness about how we collect, use and disclose the personal information of Hong Kong consumers.

This TransUnion Privacy Policy provides an overview of our business and explains how we collect, use and disclose the information about Hong Kong consumers that appears in our database. For specific information about how we collect, use and disclose information from you when you visit or use this Web Site, please see our Online Privacy Statement below.

Definitions
In this Privacy Policy and the Online Privacy Statement, we will use the following terms:

"Code of Practice" means the Code of Practice on Consumer Credit Data issued by the Privacy Commissioner for Personal Data.

"Personal information" means any information about an identifiable individual.

"TransUnion" means TransUnion Limited.

Our Collection Practices
We collect your personal information in accordance with the Code of Practice and primarily from the following sources:

• Credit providers who are our members who provide credit information about you, including credit card and consumer loan data, hire purchase data and mortgage data;
• Directly from you when you provide us with comments regarding your Credit Report or when you order for a Credit Report.

Information We Collect

(a) What is Included in Your Credit Report
TransUnion's Credit Reports may contain the following personal information:

• Identifying information: name, address history, contact number history, identity document numbers;
• Credit account information : Open and closed accounts, past due accounts and amounts;
• Credit application enquiry information : enquiries from members regarding your applications for credit;
• Other enquiry information : review checks by members;
• Public record and related data: public information relating to action for recovery of debt, judgments for monies owed and bankruptcies;
• Credit score based on your credit information.

(b) Identification Requirements
We also collect other information you have provided to confirm your identity and mailing address, which we maintain for authentication purpose. This information may include copies of, or information from, your Hong Kong Identity Card, passport, bills or other correspondence. This information is not part of your Credit Report.

Our Use and Disclosure of Your Personal Information
We limit our use of consumers' personal information to those purposes which have been disclosed to consumers by our members, or for purposes which are otherwise permitted by the Code of Practice. We disclose personal information in compliance with the Code of Practice and the law primarily by means of Credit Reports to both consumer and members. Specifically, we use and disclose personal information in the following circumstances:

• To provide our consumer credit reporting services and other related services to our members;
• To provide consumer credit information directly to consumers who have requested a copy of their Credit Reports, or to provide related services to consumers;

In addition, we may provide anonymous information (i.e., information that does not identify individual consumers) in the form of aggregate, geographic or demographic data to our members, customers or service providers.

TransUnion may share information without personal identifiers with third parties engaged to assist us in providing services and information to our members. These service providers are prohibited from using your personal information for any purpose other than to provide this assistance and are required to protect personal information disclosed by TransUnion and to comply with the general privacy principles described in this Privacy Policy. Some of these service providers are located outside of Hong Kong. As a result, your personal information may also be subject to applicable local laws, which may be different from Hong Kong laws.

Obtaining Consent
We do not, except where otherwise permitted by law, collect, use or disclose personal information unless the consumer is aware of the purposes for which the information will be used or disclosed, and has given his or her consent to such use or disclosure.

Our Safeguarding Practices
We take the protection of personal information seriously. We have adopted procedures to secure storage of personal information and are committed to working with our members to protect the security of personal information during any transfer to or from us. We have also instituted a number of safeguards to identify and help prevent the fraudulent use of personal credit information.

Access and Accuracy of Credit Reports
Consumers can request and review a copy of their Credit Report to verify that the information therein is current and accurate.
When gathering personal information, we work with our members to increase their awareness of the importance of providing only personal information that is accurate, complete, and up-to-date. However, TransUnion cannot alter the information reported by our members, unless the information is determined to be wrong, incomplete or otherwise inaccurate. If consumers do not agree with the accuracy of the information TransUnion has on file, we have procedures to verify such information and, where appropriate, to amend or correct it. We also have established complaint procedures to address consumer concerns and to appropriately investigate and address inquiries and complaints.

Retention of Your Personal Information
TransUnion retains your personal information in our credit information database for as long as necessary to fulfill the purpose(s) for which it was collected and to comply with applicable laws. The Code of Practice also imposes certain restrictions on the retention of different types of personal credit information.

Direct Marketing
We will not use your personal data for direct marketing or provide your personal data to third parties for direct marketing without your consent.

Contacting Us
We welcome consumers to contact us to obtain more information or if they have questions. Our Consumer Relations Department is staffed by trained personnel who can assist consumers in obtaining and understanding their Credit Report.

Any consumers who have recently applied for credit or obtained a copy of their Credit Report may contact us at:
TransUnion Limited
Suite 1006, Tower 6, The Gateway, 9 Canton Road,
Tsim Sha Tsui, Kowloon, Hong Kong

Telephone Hotline : (852) 2577-1816

Fax: (852) 2578-4425)

Email: contact@transunion.hk

Hours of operation: 9:00 a.m. - 5:30 p.m. (Monday to Friday, closed on Public Holidays)

More Information
To review our Online Privacy Statement that addresses the manner in which we collect, use and disclose the personal information that we collect from you on our Web Sites please see below.

Changes to this Privacy Policy
TransUnion reserves the right to modify this Privacy Policy including the Online Privacy Statement at any time without notice. The Privacy Policy posted at any time via this Web Site shall be deemed to be the Privacy Policy then in effect.

Online Privacy Statement
Please carefully read our Online Privacy Statement to understand how we will treat the information you provide while visiting this web site ("Web Site").

Collection and Use of Information
Internet Information - When you visit this Web Site, we may collect general Internet data, including your Internet protocol ("IP") address and date and time you visit this Web Site. A "cookie" is also set on your computer to allow us to recognize you whenever you visit and collect information, like the pages you visit and the preferences you choose. We use the information we collect for statistical purposes and to study how this Web Site is used so that we may improve and enhance your experience on our Web Site. We may provide such information collected to outside vendors located within or outside Hong Kong SAR for such purposes. No personal information is stored in cookies. It is possible for you not to accept our cookies while using our Web Site by setting the preference in your web browser. If you do so, you may not be able to apply for credit reports online but you can still visit the pages in our Web Site.

Information You Provide - When you visit our Web Site, you may be asked to provide information through this Web Site for various purposes such as applying for your credit report on-line or making enquiries with us. You may provide to us certain personal information, such as first and last name; address; date of birth; identity document number; contact number; email address; account ID and password; and credit card information. In general, we will use the information collected from you for the purpose for which you provided such information.

Retention Period - All credit reports accessed through this Web Site will be retained in an encrypted format for up to 6 months to enable us to deal with queries. Information provided by non-e-Cert users who have not yet provided supporting documents for account activation purpose will be retained for 61 days. All records pertaining to payment and service order history will be retained by us for 2 years for administrative purposes.

Disclosure to Third Party - We will not release your personal information to third parties except: (1) as necessary for us to process your transaction or (2) as permitted by law. These third parties are not allowed to use your personal information except for the purpose of providing these services.

Direct Marketing – We will not use the information collected on this Web Site for a direct marketing purpose unless we have obtained your consent for it. If you have given us your consent, we may use the email address or any other contact information provided by you to communicate our news, marketing materials, special offers, discounts and free credit tips to you. In case you no longer want to receive these messages via email, you may unsubscribe our promotional emails by clicking the "Unsubscribe link" provided on each email without any cost and you will be unsubscribed from the mail list within 7 business days. If you decide not to receive any marketing information or messages via other communication channels, you may contact our Consumer Relations Department.

Accuracy of Information – We adopt procedures to ensure that information provided to us on this Web Site is accurate when providing our credit report service. For e-Cert users, Hong Kong Identity Card number and Surname provided to us are matched against the information on the e-Cert. For other users, in order to register their account, a copy of their Hong Kong Identity Card is required to verify information provided. For registered users, a user ID and password are provided to verify their identity.

Links to Third Party Sites - This Web Site may offer links to third party web sites including the Hong Kong Post Office (by use of the e-Cert service) and Jetco for credit card payment. You should be aware that operators of linked web sites may also collect your personal information (including information generated through the use of cookies) when you link to their web sites. TransUnion is not responsible for how such parties collect, use or disclose your information and it is important for you to familiarize yourself with their privacy policies before providing them with your personal information.

Recruitment - When you submit any information for an employment purpose, we will use your personal information for such purpose only.

Access to and Correction of Your Information
Requests to access or correct your information provided to us on this Web Site can be made by email to contact@transunion.hk or, by calling our Consumer Relations Department at (852) 2577- 1816, or contact us at our office address.

Security
The secure area of our Web Site supports the use of 128-bit Secure Socket Layer (SSL) encryption technology - an industry standard for encryption over the Internet to protect data. When you provide sensitive information such as credit card details, it will be automatically converted into codes before being securely dispatched over the Internet. Access to information you provide to us is restricted to authorized personnel only.