TransUnion (formerly Callcredit Information Group) offers organisations multiple ways to engage with their customers and prospects and helps clients grow their businesses through multi-channel campaigns.
We view the EU General Data Protection Regulation (GDPR) as the biggest regulatory change affecting data in the past 20 years. Common sense dictates that every organisation who owns, uses or stores personal data for any purpose needs to be rigorous in their preparations for the May 25 deadline.
Getting the right approach to GDPR will vary by organisation but will no doubt require both an education process and a shift in culture, especially as GDPR compliant data usage embeds itself within processes.
As Steve McNicholas, Managing Director – Credit and Marketing Data, TransUnion (formerly Callcredit Information Group), has stated; “We are in the age of the empowered consumer where we all recognise the importance and value of our own personal information.
“Credit reference agencies are an integral part of the consumer lending process and wider information ecosystem. Helping people understand how their data is used and shared and how they can challenge its accuracy is an important issue. We often take for granted how data sharing has evolved and how it now enables people to apply for tailored financial products and gain an instant decision. The mechanics of what sit behind this are of increasing interest to information hungry consumers – transparency is key.”
With this in mind you should be considering approaches such as a single customer view so you can ensure you identify all of any particular consumer’s data you hold.
Being transparent and providing accessible, easy-to-understand information to individuals about how you will use their personal data is a key element of the Data Protection Act 1998 and the GDPR.
The most common way to provide this information is in a privacy notice and in many situations where organisations obtain personal data as part of a simple transaction it should be straightforward to use the key recommendations in the code of practice to develop a clear and effective privacy notice.
As a business, we’ve built our reputation by horizon scanning and consistently reviewing our product suite and approaches. We’ve done this through a lens that puts the integrity of marketing data for organisations and consumers first.
These actions created new standards of good practice and consolidated our position as a leading provider of consumer data in the UK marketplace.
As a leader in the data and software space we have been preparing for GDPR since it was announced over two years ago and believe we should be actively leading the discussion and helping to demonstrate what best practice looks like to the industry.
In October 2017 we worked with other credit reference agencies (CRAs) and trade and industry bodies to launch the Credit Reference Agency Information Notice (CRAIN).
CRAIN was produced in readiness for the implementation of GDPR and the notice ensures that the financial industry delivers standardised, clear and consistent information to consumers to explain how CRAs use and share personal information, the type of information they hold, where it comes from and the legalities of handling personal data.
The document addresses the requirements of GDPR to ensure credit data sharing can continue to support responsible lending, to help combat fraud and money-laundering and support the fair and proportionate collection of debt.
CRAIN is hosted on each of the three main CRAs’ websites so that lenders and other financial providers can easily direct their customers and prospective customers to the information it provides. Alongside our GDPR report and research on a single customer view they provide further examples of how we are preparing our business for regulatory change and are also providing clients and organisations useful insight and commentary on what GDPR means and approaches we think are worth considering to tackle it.