Experian Ireland Privacy Policy

Effective date: 25 May 2018

This policy

We take your privacy seriously. This Privacy Policy explains what personal information we collect from you and how we use it.

We encourage you to read this policy thoroughly. To make it easier, we've broken it up into bite-size chunks and some longer sections. If you want to know more about these sections, just click on the 'FIND OUT MORE' link at the end of each summary.

  1. Who is Experian and how can you contact us?

    When we refer to 'Experian' in this Privacy Policy, we mean Experian Ireland Limited.

    Experian is part of a group of companies whose parent company is listed on the London Stock Exchange (EXPN) as Experian plc. The Experian group of companies has its corporate HQ in Dublin, Ireland, and its operational HQs in Nottingham, UK and Costa Mesa, California. You can find out more about the Experian group on our website at www.experianplc.com.

    Experian is responsible for processing the personal information you provide to us on this website www.experian.ie (or was provided to us as part of enabling you to access the website) and where it is a requirement under Irish Law, Experian will maintain its registration with the Data Protection Commissioner's Office in Ireland.

    Experian is responsible for processing the personal information you provide to us on this website and this privacy notice covers all the business information websites that Experian operates including:

    https://www.experian.ie
    https://www.carhistorycheck.ie

    If there's anything you're unsure about in this Privacy Policy, feel free to contact our Consumer Customer Services on 0044 (0) 844 481 8888 or email uk.dpo@experian.com.

    Client queries are to be sent to:

    uk.dpobusinessenquiries@experian.com

  2. What information we collect

    We will need to ask you for certain personal information to give you the best possible experience when you engage with us (via our websites or otherwise) and when you use our products and services. Note that not all of our websites ask for all of this information.

    We or our third parties will also collect other information about you and the devices you use to access our website. We do this by using technologies like cookies. See also our Cookies Policy.

    Click below to see what types of personal information the websites listed above will ask for or collect.

    Contact information

    When you apply for Experian services from our websites we will ask you to provide some contact information. Contact information may include some or all of the following: Full name, business name, residential address, business address, land line telephone number, mobile phone number and email address. We will only retain your Contact information for as long as there is a continuing need to use it. This could include dealing with disputes/complaints/legal issues.

    Payment information

    Where the services you select on our website carry a cost, we may ask you to provide some payment information. Payment information may include some or all of the following: Credit/debit card details (card number, expiry date, card security code (CVV) and card billing address. This Payment information is only retained for as long as it is needed, for example, for monthly payments.

    Security details

    For most of the services you select on our websites, we will ask you to provide security information that only you will know. Security information may include some or all of the following: a memorable word, a security question and answer which may contain personal data. We will only retain your Security information for as long as there is a continuing need to keep it such as protecting against fraud using previous or duplicate accounts.

    Device information

    We also collect certain data automatically from your visit to our websites or use of our services which may include some or all of the following: How you connect to the internet (IP Protocol Address) and how you engage with our site, screen resolution, Browser data stored on your device (such as cookies - see also Cookie policy), Information about the software you are using such as internet browser, Location data (city, region of the IP address you used when accessing our Products and Services). We will only retain your Device information for as long as there is a continuing need to retain it.

    Other

    Finally, in some products and services we may offer services such as free text chat. We will retain this information for up to 30 months in case it is required to resolve any disputes or complaints. After which it will be deleted or anonymised and retained to help with product development and customer service.

  3. How we use your information

    We use your personal information in lots of ways to make our products and services as effective as possible. Note that not all of our websites collect data for all of these purposes. For example, we only collect payment details on online products where you can pay as you go.

    Click below to see what the websites listed above use your personal information for:

    To enable you to access our website and use our services

    We will use your information to accept you as a new/returning customer and continue to provide you with our products and services.

    To confirm your identity and authenticate the information you provide

    As part of providing our services to you we will confirm your identity and authenticate the information you provide for security purposes.

    Required product registration information such as name, address(es), and date of birth, are utilised to establish your membership or one-time transaction record and to verify your identity. We require this verification in order to provide you with access to your company information. For security reasons and to protect the confidentiality of your information, we will verify your identity by checking details you supply against details about you held on other databases to which we have access for these purposes. A record of this check will be kept and, with your consent, may be used by other organisations for verification and fraud prevention purposes.

    To process payments and collect arrears

    We will use your information to process the payment/s you commit to when signing up to our services and for the collection of any future payments or overdue amounts for those services.

    Your payment card provider may let us know if the card details relating to your Experian payment change. If this happens, we reserve the right to update certain card details to make sure your access to our services isn't interrupted.

    So, for example, if you get a new payment card with a later expiry date to the one you currently pay with (but all the other details stay the same), we may update your payment card expiry date accordingly.

    To provide and improve customer support

    We will use your information to be able to provide and improve the customer support we provide to you (e.g. when you have questions or when you forget your log-in information).

    For internal training purposes

    We will use your information to ensure that our team has the knowledge and expertise to ensure we provide the best possible experience to you when you interact with us.

    For fraud investigation, detection and prevention

    We will use your information for fraud investigation, detection and prevention measures and in order to provide suitable security for your account and your information that we hold (such as to enable us to prevent others logging in to your account without your permission from unknown devices).

    For reporting and analytical purposes

    We will use your information for reporting and analytical purposes (e.g. geographic distribution of customers) to enable us to improve our products and services and provide appropriate levels of support to our customers.

    For marketing and market research

    Where you have signed up to use a product or service we will use your contact information to keep you up to date with the latest product news as well as informing you about other Experian products and partner products we can offer you that might help your business. You can always change your communication preferences by following the onscreen prompts after you have accepted our terms and conditions and read our privacy policy.

    All our marketing communications will include the option to unsubscribe from us contacting you again.

    Experian may select particular customers and invite them to be involved in market research. If you accept this invitation, we will use the feedback you give us to help decide on how to improve our products and services.

    To track activity on our websites

    We will use your information to track your activity on our websites to help us better understand your interests and how you interact with us. We will use this information to help us detect if someone else is trying to access your account(s) or use the services you take from us. We will also use this information to better engage with you and to ensure that you get the best service we can provide and improve the products in the future.

    To maintain our records and other administrative purposes

    We will use your information to ensure that we maintain comprehensive and up to date records of the ways we process your personal information and other operational activities and therefore we will use the information you provide for record-keeping, updates and general administrative purposes.

    For debt collection

    Your personal information may be used to collect debt from you in the case of non-payment for our products and services.

    For complaint and dispute resolution

    Whilst we will try to make sure that you are happy with the service we provide and do not feel the need to complain, if you do complain to us, we will use the information we have about you to help us manage your complaint and to bring it to a close.

    To comply with the law

    Like any other business, we are required to comply with many laws and regulations. We will, where necessary, use your information to the extent required to enable us to comply with these requirements.

    To administer prize draws, competitions, membership offers, surveys and other promotional activities

    From time to time we may run prize draws, competitions, promotions and surveys and, only if you agree, we will use the personal data you provide to us, to run such activities and to do what we agree to do as part of them.

    For [other]

    Experian may use performance tracking technology within our emails to improve our future interactions with you. This means we are able to capture information including (but not limited to) the time and date you open our e-mails and the type of device used to open the email. We use this information primarily to understand whether our e-mails are opened and what links are clicked on by our customers. We then use this information to improve the emails that we send to you and the services that we provide.

  4. Further uses of your personal information not described in this Privacy Policy

    If we use your personal information for any purposes that are not set out in this Privacy Policy, we promise to let you know exactly what we will use it for before we go ahead and use it.

  5. What are the legal grounds for handling personal information?

    Contract

    In most cases, the information described above will be provided to us by you because you want to take services from us or engage with us and our use of your information will be governed by contract terms. Giving this information to us is therefore your choice. If you choose not to give all or some of it to us, this may affect our ability to provide the services you want, to you.

    In particular, we may rely on this condition for processing in the following scenarios:-

    • To enable you to access our website and use our services.
    • To let you know about significant changes to product, terms or privacy policy and to send you service communications.
    • To confirm your identity and authenticate the information you provide.
    • To process payments and collect arrears.
    • To provide and improve customer support.

    Consent

    We rely on the consent ground for handling your personal information in the following scenarios:

    • Marketing for additional products and services from Experian or Experian marketing third party products and services we think you might be interested in
    • Market research
    • Administration of prize draws, competitions, membership offers, surveys and other promotional activities

    Legitimate Interests

    In Ireland, we can also use personal information where the benefits of doing it are not outweighed by the interests or fundamental rights or freedoms of data subjects. The law calls this the "Legitimate Interests" condition for processing. For example, we may use data collected from our websites for:

    • Helping to prevent and detect crime such as fraud and money laundering. Fraud and money laundering cost the Irish economy hundreds of millions of euros every year. That cost is ultimately passed on to the public in the form of higher prices. By helping to avoid fraud such as identity theft, we help to stop this from happening.
    • Complying with/supporting compliance with legal and regulatory requirements. Additionally, the services we provide help other organisations to comply with their own legal and regulatory obligations.
    • Internal training purposes - to enable us to train our staff to better provide services to our customers.
    • Reporting and analytical purposes - to provide management information and information to improve our services.
    • Website usage tracking activity - to help us to improve our services.
    • To maintain our records and other administrative purpose - to enable Experian to provide the most accurate data for our customers and clients.
    • Complaint and dispute resolution - we will need to use customer data when investigating queries and complaints.
    • To improve data accuracy and completeness.
    • Email tracking to improve our communications to our customers.
    • Debt Collection.
  6. Who we share your personal information with

    We share your personal information only with those persons who need to handle it so we can provide the Experian products and services you've signed up to. We also share it with companies within the Experian group who manage some parts of the services for us, with suppliers who provide services to us which require access to your personal information only and with resellers, distributors and agents involved in delivering the services we provide where necessary for them to do so.

    Lastly, we may also provide your personal information to fraud prevention agencies. This is to protect the Experian group of companies and our customers, to keep our systems secure, or where it's necessary to protect either yours or our best interests.

    Click below to find out more about who and why we share your information with others.

      1. Group companies

        As a member of the Experian group of companies, we can benefit from the large IT infrastructure and expertise that exists within our business. This means that the personal data you provide to us may be accessed by members of our group of companies for support and administrative purposes.

      2. Suppliers

        We use a number of service providers to support our business and these service providers may have access to our systems in order to provide services to us and/or to you on our behalf.

      3. Resellers, distributors and agents

        We sometimes use organisations to help provide our products services to clients and customers. Personal information may be provided to them in connection with this purpose.

      4. Fraud prevention agencies

        We will check your details with the records we hold and share with fraud prevention agencies. If false or inaccurate information is provided and fraud is identified, we will record this and details will be passed to the other fraud prevention agencies. Law enforcement agencies may access and use this information.

        We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:

        • Checking details on applications for credit and credit related or other facilities.
        • Managing credit and credit related accounts or facilities.
        • Checking details on proposals and claims for all types of insurance
        • Checking details of job applicants and employees

        Please contact us at Experian Ltd, PO Box 8000, Nottingham, NG80 7WF if you want to receive details of the fraud prevention agencies.

        We and other organisations may access and use the information recorded by fraud prevention agencies from other countries.

      5. Public bodies, law enforcement and regulators

        The Garda Siochana and other law enforcement agencies, as well as public bodies such as local and central authorities can sometimes request personal information. This may be for the purposes of preventing or detecting crime, apprehending or prosecuting offenders, assessing or collecting tax, investigating complaints or assessing how well a particular industry sector is working.

      6. Individuals

        You can obtain a copy of the information we hold about you. See section Your rights to how we use your personal information for further information on how you can do this.

        • We will use your payment information to show how well you are paying your bills. This information will be shared with other organisations through our Payment Performance programme.

      For further information on how this works please see the Information Notice.

  7. Where in the world do we send information?

    Experian operates in Ireland with our main databases hosted in the UK. We also operate elsewhere in and outside the European Economic Area, so we may access your personal information from and transfer it to these locations as well. Don't worry though, any personal information we access from or transfer to these locations is protected by European data protection standards.

    Click below to find out more about where we send your information and how it is protected.

    While countries in the European Economic Area all ensure rigorous data protection laws, there are parts of the world that may not be quite so rigorous and don't provide the same quality of legal protection when it comes to your personal information.

    To make sure we keep your personal information safe, we apply strict safeguards when transferring it overseas. For example:

    1. Sending your personal information to countries approved by the European Commission as having high quality data protection laws, such as Switzerland, Canada and the Isle of Man
    2. Putting in place a contract that has been approved by the European Commission with the recipient of your personal information that provides a suitable level of high quality protection, or
    3. Sending your personal information to a member organisation approved by the European Commission as providing a suitable level of high quality protection. For example, the Privacy Shield Scheme that exists in the US.
  8. Your rights to how we use your personal information

    If our right to process or share your personal information is based on the fact that you've given us consent, you have the right to withdraw that consent at any time by contacting us on 0044 (0) 115 941 0888.

    You can also ask for access to the personal information we hold about you and request that we correct any mistakes, restrict or stop processing or delete it. We will assess your request and subject to legal or overriding requirements to keep it we will act on your request, but please note that this does not mean that we will delete negative information about you if it is confirmed to be correct. Credit checking relies on having both positive and negative information in order for lenders to correctly assess your ability to repay any credit you receive. If that is the case, we will explain why. To request a copy of the personal information we hold about you, please follow this link to the DSAR Information Notice.

    In certain circumstances (e.g. where you provide your information to us (a) with consent to process it or (b) where the processing is necessary for the performance of our contract with you) you can require that we provide the information we hold about you either to you or a third party in a commonly used format. This only applies if we are processing it using automated means. If you would like more information about this, feel free to contact our Customer Services on 0844 481 8888.

  9. Problems with how we handle your information or rights

    We will try to ensure that we deliver the best levels of customer service but if you think we are falling short of that commitment, please let us know by contacting our Customer Services on 0844 481 8888. You may also see our full complaints handling procedure and how to make a complaint.

    If we cannot resolve things under that procedure, then if you are a qualifying business or an individual you may have the right to refer your complaint, free of charge, to the Financial Services and Pensions Ombudsman. The contact details for the Financial Services and Pensions Ombudsman are:

    1. Telephone: 01 567 7000, or from outside Ireland +353 1 567 7000
    2. info@fspo.ie
    3. www.fspo.ie
    4. Lincoln House, Lincoln Place, Dublin 2, D02 VH29

    You also have the right to contact the Data Protection Commissioner’s Office, the supervisory authority that regulates the handling of personal information in Ireland. You can contact them by:

    1. Going to their website at https://dataprotection.ie
    2. Phone on 00353 (0) 76 104 800
    3. Post to Data Protection Commissioner’s Office, Canal House, Station Road, Portarlington, Co. Laois, R32 AP23.

    You also have the right to contact the Information Commissioner’s Office (ICO), the supervisory authority that regulates the handling of personal information in the UK. You can contact them by:

    1. Going to their website at https://ico.org.uk/
    2. Phone on 0044 (0) 303 123 1113
    3. Post to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF

    You may also have the option to register your complaint using the European Commission Online Dispute Resolution (ODR) platform http://ec.europa.eu/consumers/odr/. This is a web-based platform that is designed to help consumers who have bought goods or services online to deal with issues arising from their purchase.

  10. How we keep your personal information secure

    Online privacy and security is the most important aspect of any customer service and we take it extremely seriously. We use a variety of the latest technologies and procedures to protect your personal information from unauthorised access, destruction, use or disclosure.

    Click below to see more about our safeguards and security measures for handling your information.

    We have put in place various safeguards to ensure that individuals' whose personal information we handle are not unduly harmed by the activities we use their personal data for. These include making information available to individuals so that they understand how their personal data will be used by Experian, explaining their rights to obtain the information we hold and to have their information corrected or restricted and providing information about how individuals can complaint if they are dissatisfied.

    We restrict access to your personal data to those employees, and third parties, who need to know that information to provide products or services to you. We maintain physical, electronic, and procedural safeguards to protect your personal data.

    Experian have a comprehensive Global Security Policy based on internationally recognised standards of security (known as ISO27001 standard) and holds ISO27001 certification in the key areas of Global Security

    Admin team who are responsible for administering logical access to systems and in the Data Centre.

    Experian has a dedicated Cyber Security Investigations team who safeguard Experian's key assets such as its systems and storage facilities. This team, identify and effectively manage any security developments that may threaten Experian's people, process, or technology through intervention and the thorough investigation of security incidents. Experian holds Cyber Essentials Certification and performs risk assessments against our critical and external facing applications annually.

    Experian is annually audited by an External QSA (Qualified Security Assessor) from Trustwave and have successfully maintained compliance since 2010.

  11. How long we keep your personal information for

    We'll keep your personal information for the periods set out in the section 'What information we collect' above, and where we were not able to give a specific period, we will keep it only as long as we need it to provide the Experian products and services you've signed up to. We may also keep it to comply with our legal obligations, resolve any disputes and enforce our rights. These reasons can vary from one piece of information to the next and depend on the products or services you're signed up to, so the amount of time we keep your personal information for may vary.

    Click below to see more details about the logic behind how long we keep your information.

    Contact Information

    Contact information such as names and addresses are kept while there is a continuing need for us to have it.

    Payment information

    Payment information such as card and bank details are kept while there is a continuing need for us to have it.

    Security details

    Security check information such as date of birth and answers to questions such as "what is your mother's maiden name?" are kept while there is a continuing need to retain it.

    Device Information

    Device information such as how you connect to the internet and screen resolution are kept while there is a continuing need to retain it.

    Other

    Finally, in some products and services we offer services such as free text chat. We will retain this information for up to 30 months in case it is required to resolve any disputes or complaints. After which it will be deleted or anonymised and retained to help with product development and customer service.

    In all of these cases, our need to use your personal information will be reassessed on a regular basis, and information which is no longer required for any purposes will be deleted/disposed of securely.

  12. Changes to this Privacy Policy

    We can update this Privacy Policy at any time and ideally you should check it regularly for updates. We won't alert you to every little change, but if there are any really important changes to the Policy or how we use your information we'll let you know and where appropriate ask for your consent.