Privacy at Equifax
Data powers today’s modern economy. Equifax is committed to responsibly and appropriately using personal data, striking a balance between respecting individuals’ privacy and powering the world with knowledge. Equifax understands people want more control over how their personal data is collected, used, shared and protected. We’ve taken steps to provide individuals with more control over their data and follow the below principles to guide our decisions regarding data.
Our Privacy Principles
Quality
At Equifax, data is at the core of our business, and we believe data-driven knowledge drives progress. Equifax is committed to maintaining and using data that is accurate, relevant, and timely.
Stewardship
Equifax recognizes that collecting data carries with it certain responsibilities. We will be transparent about how we use and safeguard data in our possession.
Partnerships
Privacy is a core concern when we share or receive data. We will evaluate both sources and recipients of data for alignment with our values.
Designing for Privacy
Equifax recognizes privacy is an important societal value. Equifax will take privacy into consideration as we grow our products, services, and standards.
Transparency and Control
We are committed to providing transparency over our collection, use, and sharing of data, and providing you with greater control over your data. For our United States business, we’ve consolidated most of our privacy policies into our new, comprehensive Equifax Privacy Statement. Our revised privacy statement discusses how we collect, use, and share data across all of our businesses, and provides greater detail over the types of data we collect. We’re committed to continually updating our privacy statement to reflect changes to our business and provide you with ongoing transparency over the use of your data.
The privacy statement also describes the methods through which you can control your data, as does our FCRA Summary of Rights page. Additionally, we are committed to meeting the obligations of evolving and complex laws granting individuals greater control over their data, both in the United States and internationally. For example, we maintain websites through which individuals can exercise their rights under the California Consumer Privacy Act and its successor, the California Privacy Rights Act , the Virginia Consumer Data Protection Act , the Colorado Privacy Act , the Connecticut Data Privacy Act , and the Utah Consumer Privacy Act . We also maintain websites through which individuals can exercise their rights under international privacy laws, including the Data Protection Act , the United Kingdom’s implementation of the EU’s General Data Protection Regulation (GDPR), and our Australian Privacy Policy describes how individuals can exercise their rights of access and correction under the Australian Privacy Act.
The privacy statement also describes the methods through which you can control your data, as does our FCRA Summary of Rights page. Additionally, we are committed to meeting the obligations of evolving and complex laws granting individuals greater control over their data, both in the United States and internationally. For example, we maintain websites through which individuals can exercise their rights under the California Consumer Privacy Act and its successor, the California Privacy Rights Act , the Virginia Consumer Data Protection Act , the Colorado Privacy Act , the Connecticut Data Privacy Act , and the Utah Consumer Privacy Act . We also maintain websites through which individuals can exercise their rights under international privacy laws, including the Data Protection Act , the United Kingdom’s implementation of the EU’s General Data Protection Regulation (GDPR), and our Australian Privacy Policy describes how individuals can exercise their rights of access and correction under the Australian Privacy Act.
Effective Governance
We are committed to embedding privacy into all aspects of our business, and we believe that commitment should be transparent and accountable. To support a comprehensive approach to privacy, we selected the National Institute of Standards and Technology (NIST) Privacy Framework as the foundation for our privacy controls. The flexible, risk-based structure of the NIST Privacy Framework allows us to establish our strategic priorities, assess risk across our enterprise, navigate regulatory requirements and drive progress to build innovative products and services.