Trustev Limited Privacy Policy

Introduction

Your personal data is data which by itself or with other data available to us could be used to identify you. We are Trustev Limited ("Trustev", "we", "us" or "our"), the data controller. This Privacy Policy describes how we collect and use your personal data and your rights which may apply under European data protection laws.

Trustev assists businesses ("Customers") to digitally identify fraud and other suspicious behaviours and protect consumers ("Consumers") from becoming the victims of fraudulent behaviours. While Trustev is a 100% subsidiary of TransUnion LLC, this privacy policy is applicable only to Trustev, an Irish registered company.

The privacy of Customer and Consumer personal data is important to Trustev.

Please carefully read this policy to get a better understanding of:

This policy applies to our applications, services, processes and websites (collectively “Services”) that link to this policy or do not have a separate privacy policy. Any changes made to this policy will be posted on this site. Customers will also be notified directly of any material changes.

The types of personal data we collect

Consumer personal data

Our Customers provide us Consumer personal data to be used for fraud prevention via multiple technologies which are installed on their relevant sites.

This personal data may include email addresses, telephone numbers, billing or shipping addresses, payment details such as transaction value, volume, BIN number and order status.

Our Customers may also provide us information collected from their website interactions with Consumers such as device identifiers, device attributes, URL's and IP addresses.

Customer personal data

We may also collect Customer personal data including:

How we use this data: the legal basis and purpose

We process Consumer personal data in order to provide the Trustev Services to our Customers. This is to fulfil our contract with Customers and to exercise our and our Customer's legitimate interests. These legitimate interests include our Customer's and our interests to prevent fraud and to ensure that Consumers can be authenticated by our Customers.

The Trustev Services include but are not limited to:

We may also use this personal data for:

We rely on our legitimate interests to process for the above purposes except where we are required to process by EU or Member State law or where we are required to obtain consent.

Our legitimate interests include our and our Customers' fundamental rights and freedoms, including our freedom to conduct a business and our and our Customers' right to property.

We may also need to process your personal data to comply with our obligations under applicable laws.

How your data is shared

With third parties

As part of facilitating normal business operations, Trustev retains and contracts with trusted third-parties to process Customer and/or Consumer personal data including services like: email lookup, IP lookup, mobile lookup, customer service and billing. Pursuant to appropriate agreements, confidentiality and security measures, Customer and/or Consumer personal data may be shared with third-parties in compliance with this policy.

We may also share Customer and/or Consumer personal data in the following circumstances:

International transfers

Trustev carries out business activities supporting our Customers in multiple jurisdictions, some of which are not located in the European Union ("EU"). Countries outside the EU do not always have strong personal data protection laws. Where we transfer personal data from the EU to other countries in which applicable laws do not offer the same level of personal data privacy protection as the EU, we take measures to provide appropriate safeguards are in place to protect your personal data.

For example, we use approved standard contractual clauses, intragroup agreements and other measures designed to ensure that the recipients of the Customer personal data protect it appropriately. We take steps to ensure that the Customer personal data we collect is processed according to this policy and the requirements of the applicable law wherever the Customer personal data is located. Please contact us at PDLTrustEvPrivacy@transunion.com if you require further information on this matter or would like to know the means by which to obtain a copy of the appropriate safeguards or where they have been made available.

How your data is retained and secured

Criteria used to determine retention periods

The following criteria are used to determine data retention periods for your personal data:

We retain personal data for as long as we reasonably require it for legal or business purposes. We will also retain your personal data as long as necessary to deal with your queries and for as long as you might legally bring claims against us. We will take all necessary steps to ensure that data privacy is maintained for the period of retention. For further details on retention, please contact PDLTrustEvPrivacy@transunion.com.

Security

We recognize that online security and data protection is an area of vital importance. Trustev is committed to protecting the security of the personal data you share with us or we otherwise process about you. In support of this commitment, we have implemented appropriate technical, physical and organisational measures to ensure a level of security appropriate to the risk.

As the security of some communications via the internet is not completely secure, we cannot guarantee the security of any information that you disclose using your internet connection. You accept the inherent security implications of using the internet and that Trustev is not responsible for the security of communications sent over the internet.

Your data protection rights under GDPR

From the 25th May 2018, under the EU General Data Protection Regulation, if you are a data subject resident in the EU you have a number of rights which are outlined below. Some of these only apply in specific circumstances and are qualified in several respects by exemptions in data protection legislation. We will advise you in our response to any request you may make if we are relying on any such exemptions.

Who to contact

Trustev is committed to ensuring full transparency in its data processing activities and for the purposes of this policy Trustev are the data controllers. For any requests related to your data or your rights referenced above, please contact us in one of the following ways:

Trustev employs BH Consulting as our Data Protection Officer who can be contacted at PDLTrustEvPrivacy@transunion.com

Filing a complaint

If you are not satisfied with how we manage your data, you have a right to make a complaint to your local Data Protection Authority.

Trustev's Supervisory Authority is the Irish Data Protection Commissioner. Should you have cause to do so, you can make a complaint to the supervisory authority in your jurisdiction.

Effective date: 25, May 2018