PCI DSS v3.2.1 accredited
The information you provided will be used for credit reporting, account registration, service subscription and/or continual enhancement of our products and services. It is mandatory for you to provide personal data required in the relevant service application/request form. If you do not provide such data, we may not be able to proceed your request and provide services to you. Unless required or permitted by the law, we would not use or transfer your personal data to external organizations other than the above purposes.
Following your submission of the service application/request form, your name, email address and contact number will be used for providing information about offers on our products and services via email and/or text message. If you wish to receive information on the above, please tick the respective box in the service application/request form.
You have the right to request access to and correction of information held by us about you. If you wish to access or correct your personal data, please contact our Consumer Services and Operations Department at hkcontact@transunion.com or by post to our office address at Suite 811, 8th Floor, Tower 5, The Gateway, 15 Canton Road, Tsim Sha Tsui, Kowloon, Hong Kong.
We know how important it is to protect your personal data and we take personal data privacy seriously. We want to ensure you are informed of our data practices and encourage you to review our privacy policy.
Updated as of 26th day of June, 2024
v.1.0
TransUnion Credit Information Services Limited (“TUCIS”, or “our” or “we” or “us”) is a selected Credit Reference Agency (“CRA”) under Credit Data Smart (also known as the Multiple Credit Reference Agencies (“MCRA”) Framework). In addition to existing applicable laws and regulations governing credit reference agencies, the operation and conduct of TUCIS as selected CRA is also contractually governed by the rules and guidance issued by the MCRA User Group, the administrative body of Credit Data Smart comprising representatives from the Industry Associations (The Hong Kong Association of Banks, The DTC Association (The Hong Kong Association of Restricted Licence Banks and Deposit-Taking Companies) and the Hong Kong S.A.R. Licensed Money Lenders Association Ltd., collectively).
We are committed to protecting your privacy, and support a general policy of openness about how we collect, use and disclose the personal data of Hong Kong consumers in accordance with appropriate standards under applicable privacy laws and regulations.
This privacy policy provides an overview of our business and explains how we collect, use and disclose personal data about consumers that appears in our database(s).
1.1 We may collect your personal data from various sources as summarized in the following table:
Type of personal data | Description | Source | ||
Consumer credit data (including without limitation credit card and consumer loan data, hire purchase data and mortgage data)
| 1. Identifying information: name, address history, contact number history, identity document numbers; and 2. Credit account information: Open and closed accounts, past due accounts and amounts. | Credit providers who are approved to participate in Credit Data Smart and provide your consumer credit data to the Credit Data Smart platform. | ||
Score | Scores in relation to credit, affordability, fraud, identity, collections and insolvency. | By running credit reference data through using our algorithm. | ||
Enquiry information | 1. Credit application enquiry information: enquiries from credit providers regarding your applications for credit; and 2. Other enquiry information: review checks by credit providers. | When credit providers access our services. | ||
Public record and related data | 1. Public information relating to action for recovery of debt, judgments for monies owed and bankruptcies; and 2. Any information permitted by law. | Public registrars and publicly available information. | ||
Account information | 1. First and last name; 2. Date of birth; 3. Identity document number; 4. Contact number; 5. Address; 6. Email address; 7. Account ID and password; and 8. Credit card information. | When you access, use or purchase any services, products (as defined under our Service Agreement) or functions in the Site or TransUnion Mobile. | ||
Basic contact information | Name, email address and job title. | When you contact us or when we subsequently request it to proceed your written inquiry, service appointment, newsletter subscription, data subject request and job application. | ||
Proof of identity or authority and other supporting documentation | To prove your identity by authenticating your biometric data. If you enquire on someone else’s behalf, we may ask for proof of authority, such as a power of attorney. Sometimes we may require additional supporting documentation. | |||
Employee information | Employment and educational history, background checks, performance appraisals, IP addresses and biometric data (optional). | |||
Information gathered in dealing with your enquiry or complaint | Dealing with an enquiry involves investigating the circumstances. This type of information depends on the enquiry or complaint. | Internal records and external organizations, such as clients and suppliers. | ||
Our response and other correspondence | Our response to and other correspondence relating to your enquiry or complaint. | We produce this ourselves. | ||
CCTV footage | Images and videos recorded by on-premises CCTV cameras. | CCTV cameras installed in our business premises. | ||
Audit information pertaining personal data | To authenticate activity logs and monitor performance of service contracts. | External service providers who process personal data on behalf of us. |
2.1 The use of consumers’ personal data is limited to purposes which have been disclosed to consumers by the Credit Data Smart Subscribed Members, or for purposes which are otherwise permitted by the laws. We disclose personal data in compliance with applicable laws and regulations primarily by means of credit reports to consumers, Credit Data Smart Subscribed Members, and other third parties as authorized and consented by you.
2.2. Specifically, we use and disclose personal data in the following circumstances:
2.3 We also share personal data with the Credit Data Smart Subscribed Members for the purposes described in Section 2.2 above. The Credit Data Smart Subscribed Members will each have their own privacy notices which will provide more information about how they (specifically) use the data we supply.
2.4 We may disclose your personal data to third parties who help us use it for the purposes described in Section 2.2, including but not limited to our service provider TransUnion Limited. These service providers are prohibited from using your personal data for their own purposes unless you have been notified of this purpose or given your consent.
2.5 We may also share anonymized information with other third parties, but only where the information cannot realistically be identified as relating to you.
3.1 We keep personal data only for as long as is necessary for the purposes for which it is held, subject to legal, statutory and regulatory requirements mandating the retention of data.
3.2 For more information about data retention, please review our General FAQs.
4.1 We take the protection of personal data seriously. We have adopted appropriate physical, electronic, and managerial procedures to secure your personal data and are committed to working with our customers and Credit Data Smart Subscribed Members to protect the security of personal data during any transfer to or from us. We have also instituted a number of safeguards to identify and help prevent the fraudulent use of your credit data and other personal data.
4.2 For more information about our security practices, please review our General FAQs and Security Policy.
5.1 For credit report, pursuant to the Credit Data Smart (MCRA) rules, you are entitled to ask for a copy of your credit report, free of charge, once every 12 months. You are also entitled to ask for a copy of your credit report, free of charge, within 30 business days of a refusal of credit by a Credit Data Smart Subscribed Member to whom we have provided your credit report. Other than the free credit reports, you may also request a copy of your credit report at any other time at a prescribed fee.
5.2 When gathering personal data, we work with the Credit Data Smart Subscribed Members to increase their awareness of the importance of providing only personal data that is accurate, complete, and up-to date. However, we cannot alter the data reported by the Credit Data Smart Subscribed Members, unless the data is determined to be wrong, incomplete or otherwise inaccurate. If you do not agree with the accuracy of the data we have on file, we have procedures to verify such data and, where appropriate, to amend or correct it. We also have established complaint procedures to address consumer concerns and to appropriately investigate and address inquiries and complaints.
5.3 Requests to access or correct your personal data provided to us can be made by email to hkcontact@transunion.com, by calling our Consumer Services and Operations Department at (852) 2577-1816, or by post to our office address, Suite 811, 8th Floor, Tower 5, The Gateway, 15 Canton Road, Tsim Sha Tsui, Kowloon, Hong Kong.
6.1 We reserve the right to modify this privacy policy at any time without notice. The privacy policy posted at any time via the Site or TransUnion Mobile shall be deemed to be the privacy policy then in effect.
6.2 For enquiries regarding this privacy policy, please contact our Data Protection Officer at hkcontact@transunion.com or by post to our office address at Section 5.3 above.
7.1 In the event of any ambiguity or inconsistencies between the English and Chinese versions of this privacy policy, the English version shall prevail.
Updated as of 1st of November 2023
v.1.0
TransUnion Limited (“TUHK”, or “our” or “we” or “us”) is committed to protecting your privacy, and supports a general policy of openness about how our collection, use and disclosure of the personal data comply with the requirements of the Personal Data (Privacy) Ordinance of Hong Kong.
This privacy policy provides an overview of our business and explains how we collect, use and disclose personal data we receive during daily operations, including TransUnion Hong Kong mobile application (“TransUnion Mobile”) or web site, (the “Site”).
1.1 We may collect your personal data from various sources as summarized in the following table:
Type of personal data | Description | Source |
Consumer data | 1. Identifying information: name, date of birth, email address, contact number, identity document numbers; and 2. Details of payments and transactions. | When you access, use or purchase any services, products (as defined under our Service Agreement). |
Consumer credit data (including without limitation credit card and consumer loan data, hire purchase data and mortgage data) | 1. Identifying information: name, date of birth, address history, contact number history, identity document numbers; and 2. Credit account information: Open and closed accounts, past due accounts and amounts. | When you consent to us for obtaining your individual credit report from TransUnion Credit Information Services Limited (“TUCIS”), the selected credit reference agency under Credit Data Smart (also known as the Multiple Credit Reference Agencies Framework). |
Business contact information | Name, job title, email address, contact number, account information. | When you contact us or when we subsequently request it to proceed your written inquiry, service appointment, newsletter subscription, data subject request and job application. |
Proof of identity or authority and other supporting documentation | To prove your identity by authenticating your biometric data. If you enquire on someone else’s behalf, we may ask for proof of authority, such as a power of attorney. Sometimes we may require additional supporting documentation. | |
Employee information | Employment and educational history, background checks, performance appraisals, IP addresses and biometric data (optional). | |
Information gathered in dealing with your enquiry or complaint | Dealing with an enquiry involves investigating the circumstances. This type of information depends on the enquiry or complaint. | Internal records and external organizations, such as clients and suppliers. |
Our response and other correspondence | Our response to and other correspondence relating to your enquiry or complaint. | We produce this ourselves. |
CCTV footage | Images and videos recorded by on-premises CCTV cameras. | CCTV cameras installed in our business premises. |
2.1 The use of your personal data is limited to purposes which have been disclosed before or at the time of data collection, or for purposes which are otherwise permitted by the laws.
2.2 Specifically, we use and disclose personal data in the following circumstances:
Type of personal data | Purposes of use of personal data |
Consumer data | 1. Providing services, facilities and goods. 2. Payments and billing. 3. Research and development of products. 4. Conducting surveys and analytics. |
Consumer credit data | 1. Compiling credit report with credit data from TUCIS. 2. Providing you access to your individual credit report via TransUnion Mobile and the Site. |
Business contact information | 1. Business communications and relationship management. 2. Engagement of contractors, subcontractors or other service providers. 3. Payments and billing. |
Employee information | Recruitment and human resources management, relating to such matters as employees’ appointment, employment benefits, payments, termination, performance appraisal and discipline, etc. |
Proof of identity or authority and other supporting documentation | To verify and authenticate identity before granting access or making corrections to your personal data. |
Information gathered in dealing with your enquiry or complaint | Processing your enquiry or complaint. |
Our response and other correspondence | |
CCTV footage | Ensuring safety of our staff and visitors and the security of our information and assets. |
2.3 We may provide you with additional privacy notices where we believe that it is appropriate to do so. Those additional notices supplement and should be read together with this Privacy Policy.
2.4 We will disclose personal data when authorized or required by law, regulations or rules, for example, in response to a court order or requests from law enforcement agencies or regulatory authorities.
2.5 We may also disclose your personal data to third parties who help us use it for the purposes described in Section 2.2. These service providers are prohibited from using your personal data for their own purposes unless you have been notified of this purpose or given your consent.
2.6 We may also share anonymized information with other third parties, but only where the information cannot realistically be identified as relating to you.
3.1 We keep personal data only for as long as is necessary for the purposes for which it is held, subject to legal, statutory and regulatory requirements mandating the retention of data.
4.1 We take the protection of personal data seriously. We have adopted appropriate physical, electronic, and managerial procedures to protect personal data against unauthorized or accidental access, processing, erasure or other use.
5.1 You have rights to ascertain whether we hold personal data relating to you, to obtain a copy of those data, and to correct any data that is inaccurate.
5.2 Requests to access or correct your personal data provided to us can be made to our Data Protection Officer at dpotuhk@transunion.com or by post to our office address, 8th Floor, Tower 5, The Gateway, 15 Canton Road, Tsim Sha Tsui, Kowloon, Hong Kong.
6.1 We reserve the right to modify this privacy policy at any time without notice. The privacy policy posted at any time shall be deemed to be the privacy policy then in effect.
6.2 For enquiries regarding this privacy policy, please contact our Data Protection Officer at dpotuhk@transunion.com or by post to our office address at Section 5.2 above.
7.1 In the event of any ambiguity or inconsistencies between the English and Chinese versions of this privacy policy, the English version shall prevail.
Updated as of 1st day of November, 2023
v.1.0
This document provides information about how we use cookies on our website at www.transunion.hk.
1. WHO ARE WE?
This website is operated by TransUnion Limited, which is a company registered in Hong Kong SAR, China. Its registered office is at 8th Floor, Tower 5, The Gateway, 15 Canton Road, Tsim Sha Tsui, Kowloon, Hong Kong.
2. WHAT ARE COOKIES?
A cookie is a small file of letters and numbers that we put on your device when you browse our website.
3. WHAT DO WE USE COOKIES FOR?
We use cookies and similar technologies to distinguish you from other users of the website. This helps us to provide you with a good experience when you browse the website and also allows us to personalize and improve the website.
Our cookies are not used to collect information which (by itself) allows us to identify who you are. But if you separately tell us who you are, we may link your identity to the cookies we put on your device so that we can see how you are using the website. We use that information in accordance with the privacy notice that we give you when you tell us who you are.
4. WHAT COOKIES DO WE USE?
We use the following kinds of cookie:
5. HOW TO CONTROL COOKIES?
Strictly necessary cookies are always on when you visit us. On your first visit to us, we’ll ask you to choose which cookies we can use.
You can block cookies using your browser settings that allow you to refuse all or some cookies. However, if you use your browser settings to block all cookies (including strictly necessary cookies) you may not be able to access parts of our website or use some of its features.
For more information about this, and about cookies in general, you may wish to visit https://cyberdefender.hk/en-us/whats-cookie/.
Updated as of 26th day of June, 2024
v.1.0