Effective April 09, 2024
Your personal data is data which by itself or with other data available to us could be used to identify you. We are Trustev Limited ("Trustev", "we", "us" or "our"), the data controller. This Privacy Policy describes how we collect and use your personal data and your rights which may apply under European data protection laws.
Trustev assists businesses ("Customers") to digitally identify fraud and other suspicious behaviours and protect consumers ("Consumers") from becoming the victims of fraudulent behaviours. While Trustev is a 100% subsidiary of TransUnion LLC, this privacy policy is applicable only to Trustev, an Irish registered company.
The privacy of Customer and Consumer personal data is important to Trustev.
Please carefully read this policy to get a better understanding of:
This policy applies to our applications, services, processes and websites (collectively "the Services") that link to this policy or do not have a separate privacy policy. Any changes made to this policy will be posted on this site. Customers will also be notified directly of any material changes.
Our Customers provide us Consumer personal data to be used for fraud prevention via multiple technologies which are installed on their relevant sites. This means a Trustev cookie may be placed on your device which will run our JavaScript code and/or use our SDKs to enable the collection of certain device identifiers and IP addresses. The information is sent back to the Customer and subsequently passed onto Trustev for processing.
This personal data may include email addresses, telephone numbers, billing or shipping addresses, payment details such as transaction value, volume, BIN number and order status.
We may also collect Customer personal data including:
We process Consumer personal data in order to provide the Trustev Services to our Customers. This is to fulfil our contract with Customers and to exercise our and our Customer's legitimate interests. These legitimate interests include our Customer's and our interests to prevent fraud and to ensure that Consumers can be authenticated by our Customers as well as our, and our Customers' fundamental rights and freedoms, including our freedom to conduct a business and our, and our Customers', right to property. We may also process data where required by EU or Member State law or where we are required to obtain consent.
The Trustev Services may process data in the following ways:
Data collected |
Purposes/activities |
Legal basis for processing |
Consumer Personal Data |
|
|
Name, email addresses, telephone numbers, billing or shipping addresses, payment details such as transaction value, volume, BIN number and order status; IP address; device ID, device attributes |
To combine the information we collect about you from our Customers to generate a profile of you and your internet use (your “Trustev Profile”)
To generate a Trustev Score which is a risk indicator derived from your online transactions with our Customers and share this with our customers for their use
To optimize and improve the Trustev Services, including the use of Artificial Intelligence (A.I. to understand trends over time to contribute to Machine Learning and data analytics for the purposes of improving our fraud prevention services
To analyse the use of the Services for internal business purposes
|
Legitimate interests to prevent fraud and to ensure that Consumers can be authenticated by our Customers aswell as our, and our Customers' fundamental rights and freedoms, including our freedom to conduct a business and our, and our Customers', right to property |
Customer Personal Data |
|
|
Name, contact details, query details |
Communicating with you if you contact us with a query
To send you direct marketing
|
Consent |
Name, contact details, company name, company billing information, company tax number |
To administer our customer accounts
To send our customers communications about your account, billing, provide service updates, transactional dealings |
Contract with our customers |
Logs |
To investigate any lawful or wrongful activity or unauthorized access to our Services and those of our Customers
|
Contract with our customers |
As needed |
To comply with applicable laws and provide services in the substantial public interest
|
Legal obligations
Public interest |
We may share personal information collected through our Website and Services in the following ways:
Information we share with our group companies: We may share your personal information with other members of the TransUnion group of companies for purposes consistent with this Privacy Policy. These may include such companies as TransUnion LLC, iovation, Inc, and iovation Limited.
Information we share with our customers: In making the internet a safer place, we may share personal data with our customers. Our Customers provide the online services that Trustev protects from online fraud and abuse.
Information we share with our service providers: We may also engage certain trusted third-party service providers, consultants or vendors to assist us in the provision of the Website and deliver services, including cloud hosting, security measures, email lookup, IP lookup, device lookup, customer service, analytics and billing. Pursuant to appropriate agreements, confidentiality and security measures, Customer and/or Consumer personal data may be shared with third-parties in compliance with this policy. We will only share your personal information with third parties to the extent necessary to perform such functions and in accordance with the purposes set out in this Privacy Policy and applicable laws.
Information disclosed in connection with business transfers: In the event of a corporate sale, merger, reorganization, acquisition, dissolution, financing or other similar event, your personal information may be shared or transferred in connection with, or during negotiations of, such event or transaction.
To protect our rights, users, systems, and services: Trustev may disclose personal data to protect our rights, users, systems, and services.
Information disclosed for legal purposes and the protection of others: We may disclose personal information to a third party where we are legally required to do so in order to comply with applicable laws, regulations, legal process or governmental requests. We will also disclose personal information to the extent we believe necessary or appropriate: (i) to respond to claims, judicial orders, subpoenas, warrants or other process issued by a court of competent jurisdiction; (ii) to protect the vital interests of any person; (iii) to exercise, establish or defend our legal rights; and (iii) to stop any activity we consider illegal, unethical or legally actionable.
Trustev carries out business activities supporting our Customers in multiple jurisdictions, some of which are not located in the European Union ("EU"). Countries outside the EU do not always have strong personal data protection laws. Where we transfer personal data from the EU to other countries in which applicable laws do not offer the same level of personal data privacy protection as the EU, we take measures to provide appropriate safeguards are in place to protect your personal data.
For example, we use approved standard contractual clauses, intragroup agreements and other measures designed to ensure that the recipients of the Customer or Consumer personal data protect it appropriately. We take steps to ensure that the Customer or Consumer personal data we collect is processed according to this policy and the requirements of the applicable law wherever the Customer or Consumer personal data is located.
Please note that where EU personal data is transferred outside of the EU (and EEA) by Standard Contractual Clauses, to be processed by our vendors and other third parties, individuals whose data is processed by those non-EU vendors and other third parties shall have the right to request a copy of those Standard Contractual Clauses. In the event that you seek to request a copy of those clauses, please contact those businesses to receive a copy.
Please contact us at PDLTrustEvPrivacy@transunion.com if you require further information on this matter or would like to know the means by which to obtain a copy of the appropriate safeguards or where they have been made available.
The following criteria are used to determine data retention periods for your personal data:
We retain personal data for as long as we reasonably require it for legal or business purposes:-
Typically, our retention of data within our EU based services is two years from the date that Trustev collects that data.
We will also retain your personal data as long as necessary to deal with your queries and for as long as you might legally bring claims against us. We will take all necessary steps to ensure that data privacy is maintained for the period of retention. For further details on retention, please contact PDLTrustEvPrivacy@transunion.com.
We recognize that online security and data protection is an area of vital importance. Trustev is committed to protecting the security of the personal data you share with us or we otherwise process about you. In support of this commitment, we have implemented appropriate technical, physical and organisational measures to ensure a level of security appropriate to the risk.
As the security of some communications via the internet is not completely secure, we cannot guarantee the security of any information that you disclose using your internet connection. You accept the inherent security implications of using the internet and that Trustev is not responsible for the security of communications sent over the internet.
If you are a data subject resident in the EU and United Kingdom you have a number of rights under the EU Data Protection Regulation and/or the UK Data Protection Act 2018 which are outlined below. Some of these only apply in specific circumstances and are qualified in several respects by exemptions in data protection legislation. We will advise you in our response to any request you may make if we are relying on any such exemptions.
Access to personal data: You have a right to request a copy of the data we hold about you. Should you wish to make such a request, please contact PDLTrustEvPrivacy@transunion.com. You should include adequate information to identify yourself and such other relevant information that will reasonably assist us in fulfilling your request. Your request will be dealt with without undue delay.
Correction of personal data: You can request us to rectify and correct any personal data that we are processing about you which is incorrect.
Right of erasure: You can request us to erase your personal data where there is no compelling reason to continue processing it. This right only applies in certain circumstances, it is not a guaranteed or absolute right.
Right to data portability: This right allows you to obtain your data that you have provided to us with your consent in a format which enables you to transfer that personal data to another organization. You may have the right to have your personal transferred by us directly to the other organization, if this is technically feasible.
Right to restrict processing of personal data: This right allows you to obtain your data that you have provided to us with your consent in a format which enables you to transfer that personal data to another organization. You may have the right to have your personal transferred by us directly to the other organization, if this is technically feasible.
Right to object to processing of personal data: You have the right to object to our use of your data which is processed on the basis of our legitimate interests. However, we may continue to process your data, despite your objection, where there are compelling legitimate grounds to do so or we need to process your data regarding any legal claims.
Right to withdraw consent: Where we have relied upon your consent to process your data, you have the right to withdraw that consent. For further assistance should your require it please : PDLTrustEvPrivacy@transunion.com
Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with a supervisory authority against the processing of your personal data if you believe that the processing of your personal data violates data protection regulations.
Trustev's Supervisory Authority is the Irish Data Protection Commissioner. You can contact them at Homepage | Data Protection Commission. Should you have cause to do so, you can make a complaint to the supervisory authority in your jurisdiction.
Trustev is committed to ensuring full transparency in its data processing activities and for the purposes of this policy Trustev are the data controllers. For any requests related to your data or your rights referenced above, please contact us in one of the following ways:
If we change our privacy policy, we will post those changes here and amend the "Last Updated" date at the top of this page. If we make any material changes to the privacy practices relating to our Services, we will amend this privacy policy and notify our Customers more directly –for example by posting a notification or sending a message through their account or by email. We encourage you to review this page frequently to stay informed of the latest modifications.
Effective date: April 09, 2024