How do you ensure data privacy?

We prioritize privacy in our platform design, collecting only necessary data and anonymizing it whenever possible. Our robust technical and physical safeguards protect your information, and we strictly comply with privacy laws, ensuring minimal data retention.

What happens in the event of a security breach?

If we detect a security breach, we will promptly inform you and assist in mitigating any adverse effects. This commitment is part of our dedication to maintaining the highest standards of data security and privacy.

How do you manage information security?

We follow an information security management approach based on ISO 27001 and 27002 standards. Our approach includes industry best practices and continuous improvement. We provide regular training to employees on data protection and security best practices to keep them aware and prepared.

What measures do you have for system access and control?

We have several measures to prevent unauthorized access to data processing systems. These include secure user authentication, role-based access control, strong password policies, multi-factor authentication for sensitive systems, and regular access log reviews.

How do you handle privacy and security incidents?

We have a documented incident response plan to detect and manage data breaches or security incidents. If an incident occurs, we promptly notify you, provide relevant details, and work with you to mitigate any adverse effects. We also share information and documentation for investigations if needed.

What technical measures do you use for data protection?

We implement network security measures, such as firewalls and intrusion detection systems. Data is encrypted both at rest and in transit using strong protocols. We also ensure secure coding practices and conduct regular code reviews to identify vulnerabilities.

How do you ensure compliance and handle audits?

We comply with all applicable security and privacy laws and regulations. You may verify our compliance by requesting documentation or conducting audits. We ensure our subcontractors adhere to similar security standards and are contractually bound to do so.

What is the purpose of the DPA?

The DPA is designed to outline our agreement with you on processing personal data in line with data protection laws. It details how we, as the Processor, and you, as the Controller, manage personal data, ensuring we both comply with privacy regulations such as the GDPR.

What data is considered Personal Data?

Personal Data includes any information that can identify an individual, which you provide to us. It covers data related to your users, employees, and other individuals that we process in connection with the services we offer to you.

What are my rights regarding audits?

You have the right to audit our compliance with this Agreement once a year, or more frequently if required by law. We ask you to submit an audit plan in advance, and any third-party auditors must be mutually agreed upon by both of us.

Contact sales

Features

Data and privacy

Find out how we deal with privacy when you visit our website or when you and your users interact with our platform.

Privacy protection overview

As a quick introduction, here are some of the key concepts that we handle when dealing with privacy.

Cookieless by default.: By default, our system doesn't use cookies. However, for audience segmentation, personalization, and A/B testing, cookies may be required. In that case, you should connect your consent mechanism to our Consent API.
Separation of personal data and system data.: By default, Unless filters all Personally Identifiable Data from user input and AI training data. However, after consent or with legitimate interest, some customers may submit third-party data. We store this data in Europe only, in a protected "privacy vault".
Privacy vault.: Our data privacy vault technology isolates, protects, and governs sensitive customer data. Tokenization replaces sensitive data with tokens, providing an extra layer of security. Sensitive data is stored in the vault, while de-identified data is used in other cloud storage and downstream services like the AI models.

unless.com

Frequently asked questions

: We prioritize privacy in our platform design, collecting only necessary data and anonymizing it whenever possible. Our robust technical and physical safeguards protect your information, and we strictly comply with privacy laws, ensuring minimal data retention.

: If we detect a security breach, we will promptly inform you and assist in mitigating any adverse effects. This commitment is part of our dedication to maintaining the highest standards of data security and privacy.

: We follow an information security management approach based on ISO 27001 and 27002 standards. Our approach includes industry best practices and continuous improvement. We provide regular training to employees on data protection and security best practices to keep them aware and prepared.

: We have several measures to prevent unauthorized access to data processing systems. These include secure user authentication, role-based access control, strong password policies, multi-factor authentication for sensitive systems, and regular access log reviews.

: We have a documented incident response plan to detect and manage data breaches or security incidents. If an incident occurs, we promptly notify you, provide relevant details, and work with you to mitigate any adverse effects. We also share information and documentation for investigations if needed.

: We implement network security measures, such as firewalls and intrusion detection systems. Data is encrypted both at rest and in transit using strong protocols. We also ensure secure coding practices and conduct regular code reviews to identify vulnerabilities.

: We comply with all applicable security and privacy laws and regulations. You may verify our compliance by requesting documentation or conducting audits. We ensure our subcontractors adhere to similar security standards and are contractually bound to do so.

: The DPA is designed to outline our agreement with you on processing personal data in line with data protection laws. It details how we, as the Processor, and you, as the Controller, manage personal data, ensuring we both comply with privacy regulations such as the GDPR.

: Personal Data includes any information that can identify an individual, which you provide to us. It covers data related to your users, employees, and other individuals that we process in connection with the services we offer to you.

: You have the right to audit our compliance with this Agreement once a year, or more frequently if required by law. We ask you to submit an audit plan in advance, and any third-party auditors must be mutually agreed upon by both of us.

Ask your question

Data and privacy

For website visitors

For platform users

General compliance

Privacy protection overview

Frequently asked questions

Company

Product

Support

Legal