Experian treats data with respect, because data is the lifeblood of our business. Ensuring we collect, store and manage data safely and appropriately is fundamental to how we do business.
We continually enhance our security infrastructure and practices by investing in state-of-the-art technology. At Experian, information security is everyone’s responsibility as part of the Experian culture. We invest significantly in training and awareness on information security.
We are aligned with industry best practice
Being part of a global organisation, we seek to align to best practices laid down by various regulators around the world. We are licensed by the NCR, a member of the CBA, SACRRA and the DMASA.
Our suppliers & clients safeguard your information
We have processes of due diligence when choosing suppliers and clients to work with, and we continually monitor these relationships. We only work with service providers and resellers who meet our high standards of compliance with data protection requirements.
This is to make sure that we don't use personal data in a way that could cause harm to you. We require both suppliers and clients to use appropriate security measures to safeguard your information.
Our main database is hosted in Stellenbosch and Johannesburg, South Africa and, as such, your personal information will, on the whole, remain within South Africa.
However, our clients and Experian also operate elsewhere in the world and may access your personal information from these locations as well. We will also sometimes engage service providers to support our business, and they may be based or use data centres overseas. Where our service providers or we do so, then we will ensure your personal information is adequately protected.
There are different ways that this can be achieved, for example, where it is transferred to a country that has adequate protection in place, subject to a corporate bindings rule programme or by putting contracts in place to ensure it is protected or with consent.
To find out more about how we use your data, visit our Data Use page.
We keep your personal information for as long as needed to service our clients, and no longer.
Sometimes we may need to keep your data to comply with our legal obligations, resolve any disputes, or enforce our rights. These reasons can differ based on the type of information and the service we're offering, so the amount of time we keep your personal data may vary.
In all cases, our need to store and use your personal information will be reassessed on a regular basis. Any information we no longer require is safely disposed of.
At Experian, we have a number of processes running through our entire business to ensure we protect your data and rights.
Our Compliance team and Data Privacy Office consider the impact of any use of personal data in our products and services before it takes place. This is so any potential negative impacts to you can be identified and eliminated.
And we regularly run compliance assessments on our clients' use of data.
Finally, everyone at Experian must participate in regular data protection training. Information security compliance training is completed annually for all Experian employees and is mandatory.
We make use of various validation and quality checks to assess the quality and accuracy of that data to ensure it is accurate and up to date.
We constantly assess the analytical techniques we use to build our models and segmentations to ensure that the results are as accurate as possible.
This Trust Centre contains lots of information to provide transparency on topics such as what we do with personal data, where this comes from, and how you can exercise your data rights.
We will continue to evolve the Trust Centre in line with consumer, industry and regulator feedback to ensure ongoing and enhanced future transparency.
Individuals can find out about how we handle personal data across our entire business by visiting our Trust Centre.