What kind of information do we collect?
We may collect information in three ways.
- when you provide it directly to us;
- when we obtain information about you from third parties;
- passively through technology such as “cookies”.
The information that we collect and our use of that depend on what kind of user you are.
If you do nothing during your visit but browse through the website, read pages, or download information, we will gather and store certain information about your visit automatically. This information is anonymized and does not identify you personally. You may think of the following.
- The anonymized IP address from which you access our website;
- The type of browser, operating system, and device used to access our site;
- The date and time you access our site;
- The pages you visit, length of visits to certain pages, and page interactions;
- If you linked to the UNLESS website from another website, the address of that website.
When you register for an account on our site, the following information may be collected when you voluntarily provide it to us.
- Your full name;
- Email addresses;
- Your location and address;
- Bank account information, credit and debit card names and numbers;
- Company names and job titles;
- Social media handles;
We collect your direct input to the Application Services after login, like the domain name(s) of the website(s) where you implement the Application Services and configuration of the content, design, and behavior of your web pages towards website visitors (“End Users”).
System Generated Data
The Application Services automatically create and store metadata on basis of the other types of data, e.g.:
- Subscription data, like start date and latest invoice date;
- Usage data;
- Aggregated statistical data on End Users such as goal completion rate.
What do we use your information for?
Any of the information we collect from you may be used for one or more of the following purposes.
- To personalize your experience (the information will help UNLESS better respond to your individual needs);
- To enable you to control the user experience towards End Users;
- To improve our website;
- To identify you as a contracting party;
- To enable secure login for you;
- To establish a primary channel of communication with you;
- To enable our payment provider to issue valid VAT invoices and to process transactions;
- To enable automated handling of the subscriptions;
- To send emails.
The emails we send may contain:
- responses to inquiries, and/or other requests or questions
- information and updates pertaining to your order
- company news, product and feature updates
- service information, etc.
We agree to the following:
- Not use false or misleading subjects or email addresses;
- Identify the message as an advertisement in some reasonable way;
- Include the physical address of our business or site headquarters;
- Monitor third-party email marketing services for compliance, if one is used;
- Honor opt-out/unsubscribe requests quickly;
- Allow users to unsubscribe from future emails by using the link at the bottom of each email.
How do we protect your information?
UNLESS implements the following technical, physical, and organizational measures to maintain the safety of your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized use, unauthorized modification, disclosure or access, and against all other unlawful forms of processing.
The Application Services utilize the extensive features of the cloud environment to ensure high availability, like full redundancy, load balancing, automatic capacity scaling, continuous data backup and geo-replication along with a traffic manager for automatic geographical failover on datacenter level disasters. All failover mechanisms are fully automated.
To ensure integrity, all data transits are encrypted to align with best practices for protecting confidentiality and data integrity. E.g. all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway provider’s database only to be accessible by those who are authorized to access such systems and who are required to keep the information confidential.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.
UNLESS will at all times keep you informed about changes to the processes to protect data privacy and security, including practices and policies.
We do not use vulnerability scanning and/or scanning to PCI standards. An external PCI compliant payment gateway handles all payment transactions. We use regular Malware Scanning.
Compromise of Personal Information
In the event that personal information is compromised as a breach of security, UNLESS will promptly notify our customers in compliance with applicable law.
Cookies and other tracking technologies
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your consent. You can set your browser to notify you before you receive a cookie, giving you the chance to decide whether to accept it. You can also set your browser to turn off cookies; however, if you do this, some of our Website may not work properly. Your cookie consent applies to the following domains:
- All other subdomains of unless.com
You can at any time change or withdraw your consent by sending an email to our Data Privacy Officer.
Types of cookies
These cookies are necessary to provide you with services available through UNLESS websites and to use some of its features, like access to secure areas of the website. Without this data, services that you requested may not be available.
- Google Tag Manager
These cookies help us understand how visitors interact with UNLESS websites. Most of the information that these cookies collect is aggregated and therefore anonymous, although for registered users this can be related to their accounts.
- Google Analytics
You may disable any of these cookies via your browser settings. If you do so, various functions of the Website may be unavailable to you or may not work the way you want them to.
These cookies enable us to provide enhanced functionality, such as live chat. They may be set by us or by third party providers whose services we have added to our pages. If you opt-out of these cookies, then some or all of these functionalities may not function properly.
- Intercom You may disable any of these cookies via your browser settings. If you do so, various functions of the Website may be unavailable to you or may not work the way you want them to.
These cookies may be set through our site by our advertising and other partners to track the performance of our advertisement campaigns. They may be used by those companies for remarketing purposes to show you relevant adverts on other sites.
- Google Dynamic Remarketing
You may disable any of these cookies via your browser settings. If you do so, advertising messages may be less relevant to you.
Disclosure of information to outside parties
UNLESS does not sell, trade or otherwise transfer to outside parties any personally identifiable information. This does not include trusted third parties, affiliates, or subcontractors who assist us in operating our website, conducting our business, or servicing you. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep your information confidential.
We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety. Furthermore, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
In addition, in the event of a merger, acquisition, reorganization, bankruptcy, or other similar events, any information in our possession may be transferred to our successor or assignee.
Legally required disclosure
UNLESS will not disclose the customer’s data to law enforcement except when instructed by you or where it is required by law. When governments make a lawful demand for customer data from UNLESS, UNLESS strives to limit the disclosure. UNLESS will only release specific data mandated by the relevant legal demand. If compelled to disclose your data, UNLESS will promptly notify you and provide a copy of the demand, provided we are not legally prohibited from doing so.
Where do we store the information?
No personal data will be stored or backed up outside of the European Union.
Access, data portability, migration, and transfer back assistance
You may at any time obtain confirmation from UNLESS as to whether or not personal data concerning you are being processed. You may at any time order a complete data copy, which you may transmit to another controller of the data. Your data will be delivered within 20 working days by UNLESS in machine-readable form. Logical relations between datasets will be preserved in form of unique identifiers. You are required to pay € 900 plus any applicable taxes on delivery for each data copy order.
Request for rectification, restriction or deletion of the personal data
For any inquiries regarding your personal data, please reach out to our Data Privacy Officer.
You may at any time obtain without undue delay rectification of inaccurate personal data concerning you.
Restriction of processing personal data
You may at any time request UNLESS to restrict the processing of personal data if any of the following applies.
- if you contest the accuracy of the personal data, for a period enabling UNLESS to verify the accuracy of the personal data;
- if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; or
- if UNLESS no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims.
You may without undue delay request the erasure of personal data concerning you, and UNLESS shall erase the personal data without delay if one of the following situations applies.
- if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- if you withdraw your consent on which the processing is based, and where there is no other legal ground for the processing;
- if you object to the processing in case the processing is for direct marketing purposes;
- if the personal data have been unlawfully processed; or
- if the personal data have to be erased for compliance with a legal obligation in EU or national law.
Due to tax regulations, Account Data will be retained for up to five full fiscal years from your cancellation of your Application Services account. Configuration Data will be erased immediately when you cancel the Application Services account.
Data retention for compliance with legal requirements
You cannot require UNLESS to change any of the default retention periods, except for the reasons for erasure pursuant to clause 9.3, but may suggest changes for compliance with specific sector laws and regulations.
Data restitution and/or deletion
No data except Account Data will be retained after the termination of the contract. You may request a data copy before termination. You must not cancel the Application Services account until the data copy has been delivered, as UNLESS otherwise will not be able to deliver the data copy.
UNLESS uses the extensive range of built-in logging features and audits trails provided by Amazon Web Service. UNLESS also logs all system updates, configuration changes, and access to provide an audit-trail if unauthorized or accidental changes are made.
UNLESS will cooperate with you in order to ensure compliance with applicable data protection provisions, e.g. to enable you to effectively guarantee the exercise of data subjects’ rights (right of access, rectification, erasure, blocking, opposition), to manage incidents including forensic analysis in case of security breach.
Use of this Website by minors
UNLESS is in compliance with the requirements of the Children’s Online Privacy Protection Act. We will not intentionally collect any information from anyone under 13 years of age. Our website, products and services are all directed at people who are at least 18 years old or older.
Terms of Service
You may at any time lodge a complaint with a supervisory authority regarding UNLESS’s collection and processing of your personal data. In the Netherlands, you can lodge a complaint with the Dutch Data Protection Agency.