Privacy Statement

Effective: January 1, 2022

Our privacy stance

At Unipr, ensuring our customers' data security and privacy is the second most important thing we do here, right behind product innovation.

Our work management and data warehousing product is a cloud-based, managed, standardized, tested, and externally audited platform with robust permissions and access controls that scale to meet customer demand.

Everybody at Unipr takes our customers' trust and data security seriously. Our team has deep and broad experience in staying compliant with the demanding security and privacy needs of Fortune 500 companies.

We provide customers with enterprise-grade security and centralized administration so that our customers authorized users can confidently store and efficiently analyze all their data in our cloud service.

Since our customers authorized users may access and use our service from all over the world, subject to Unipr's agreement with customers and applicable laws, this privacy statement applies to all our customers and their authorized users.

We continually update our platform with industry standards and best practices for the security and privacy of data to earn our customers' trust. And we proactively deploy cutting-edge technologies to safeguard against established and emerging threats.

As you use and interact with Unipr's websites, products, and services, we process information from and about you to provide you access to our tools, enhance your experience, and expedite our support when you need it.

That means we collect, use, transmit, store, share, and erase your information. This Privacy Statement describes how Unipr processes your data and explains the choices available to you concerning your information.

Our relationship with you

Through our Enterprise Master Services Agreement with your company, organization, or institution, we provide you access to Unipr's services. Unipr is the processor/service provider, and your company is the controller of the information provided to Unipr via your use of Unipr.

Your company's Unipr administrator is responsible for all authorized users associated with your company, organization, or institution and can: restrict, suspend, or terminate your access to use our services, access information about you, retain your information stored with us (including your workspace content and data about your use of Unipr), and restrict your ability to edit, restrict, modify, or delete information associated with your use of our products and services.

How we process your information

Unipr processes information we receive directly from you, automatically collected when you use Unipr or visit one of our websites, and collected by Unipr from third parties.

However, this Privacy Statement does not apply to the processing of your information by third parties through your use of any third-party integrations available through our services.

Please visit those third-party websites for more information on their privacy and data protection practices.

For creating an account
This includes information needed for Unipr to create an account for you and manage your ability to log in and out of Unipr. Identifiers, such as first and last name and email address. Your password for Unipr - hashed, unique, long, and strong. Information related to third-party single sign-on and authentication identity providers, such as PingIdentity or Okta.

While working with Unipr
Information you provide in portfolios, programs, projects, milestones, and tasks. Information uploaded to Unipr, such as attachments. Profile photo and other information you choose to include to describe yourself. Video and audio recordings, and transcripts of those recordings. Professional or employment information, such as your title or role at your company. Any other information you choose to provide while using Unipr that identifies or can be reasonably associated with you.

While interacting with Unipr
You may voluntarily share information when you interact with us in other ways, such as when you directly interact with Unipr staff, such as our user research, user support, and our product or operations groups.

Unipr may process your requests, questions, and responses to us via forms or email. Information you may provide to Unipr in research studies if you choose to participate in them.

Information you share to verify your identity, your audio and video if you participate in a sales call or user research study and do not opt-out of call recording, which may also involve collecting biometric information associated with the call recordings.

While visiting our websites
We may also collect the following information when you are accessing our websites - metadata and inference information related to your use of Unipr, our websites, and third-party integrations to better understand how you work in Unipr. 

We may log actions you take while you are using Unipr. Including but not limited to your workspace, work you assign or are assigned, as you create and delete tasks or comments, features and content you interact with, types of files you share, and any third-party integrations you use.

Internet network activity, cookies, and similar tracking technologies, including data our servers automatically record, such as your web request, IP addresses, browser types, and settings, referring/exit pages and URLs, number of clicks, date and time stamp information, language preferences, and other such information.

Information about how you interact with our marketing websites, like Unipr.com, such as where you click, how long you visit a page, your scrolling, mouse hovers, and other data to help us better understand your experience and provide you with the best user experience.

Device information and activity when you use Unipr via a mobile device, such as the type of device you are using, device IDs, OS version, and mobile network information, which may include your mobile phone number. And any derived device geolocation information, such as approximate geographic location inferred from an IP address.

While using other sources
Sometimes Unipr receives your information from third parties (other individuals, marketing services, third-party integrations), which may include - information from third-party integrations you set up with Unipr. For example, a third-party integration may give us access to information stored in that third party that Unipr will process to facilitate the integration: name, email, and business contact information. Information about you provided to us by other users of Unipr.

How we use your information

Unipr may use your information to operate our products and services, communicate with you, and prevent security and fraud. We may process your information to:
1. Maintain, provide, and improve our products and services.
2. Analyze and research how you interact with our websites and applications.
3. Help us better understand user interests and needs and customize Unipr for you.
4. Protect Unipr and you, for example:
a. Securing our systems and products against fraud or unauthorized activity
b. Identifying, troubleshooting, and fixing bugs and errors
c. Complying with global laws and regulations
5. Investigate (in good faith) alleged violations of our User Terms of Service
6. Comply with a valid legal subpoena, request, or other lawful processes that meet the requirements of our Law Enforcement Guidelines or that we otherwise determine is necessary to respond to
7. Unipr will process your personal information as required by our contract with your company, organization, or institution. Those contractual terms may differ from, and take precedence over, the uses described in this Privacy Statement.

In addition, we may use information about your use of Unipr, account information (e.g., your email, name), and information related to third-party integrations to:
1. Communicate with you:
a. About Unipr by phone, text, email, or chat
b. Share important notices and updates, product changes, and other necessary notices such as security and fraud alerts.
c. Advertise or market Unipr services to you. You can unsubscribe from promotional communications at any time.
2. Facilitate reporting and analyze the performance of the Unipr platform or features available in Unipr.
3. Provide webinars or public presentations.
4. Demonstrate Unipr or provide you access to a trial Unipr instance.
5. Process your information as per your direction.
6. Provide cross-device management of your account. For example, we may locate or try to locate the same unique users across multiple browsers or devices (such as smartphones or tablets) or work with service providers that do this to save your preferences across devices and analyze the usage of our products and services. If you wish to opt-out of Google's ability to locate you across devices in this way, you may install the Google Analytics Opt-out Browser Add-on by clicking here.

And to provide you with support and get your feedback:
1. Respond to your requests for information.
2. Help identify and troubleshoot any issues with your account and answer your questions.
3. Resolve support requests.
4. Provide you with reports about the usage.
5. Survey your opinions through surveys, research studies, and questionnaires.

Combined Information: Unless otherwise prohibited by law, we may combine the information that we collect through your use of our products and services with information that we receive from other online and offline sources and use that combined information as stated above.

Aggregated and De-identified data: We may aggregate and de-identify information related to your use of Unipr so that such information can no longer be linked to you or your device.

We may use such aggregated and de-identified data for any purpose, including but not limited to research purposes and to improve our artificial intelligence, machine learning, and prediction algorithms.

How we share your information

We need to share the information we collect about you to make our products and services run smoothly and to operate our business under the following conditions:

1. We may provide access to or share your information with select third parties that use the information on our behalf to assist in providing Unipr's services, website, and features. These third parties provide a variety of services to us, including data storage, security, fraud prevention, and other services, without limitation.

2. Because you ask us to share, we may disclose your information to third parties when you ask us to do so. This includes when you connect Unipr with other tools via our available integrations.

3. Consistent with your settings within our products and services. Please note that the information you submit through and share in Unipr may be viewable by other users in your workspace, team, division, or organization, depending on your selected settings.

4. If the ownership of all or substantially all of our business changes, or all or some of our assets are sold as part of a bankruptcy or other proceeding, we may transfer your information to the new owner so that the services can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Privacy Statement until the acquiring party updates it. If such transfer is subject to additional mandatory restrictions under applicable laws or agreements, Unipr will comply with those restrictions.

5. To comply with a valid legal subpoena, request, or other lawful processes that meet the requirements of our Law Enforcement Guidelines. We will notify individuals or customers of that request unless we are prohibited from doing so by law or court order; or there are exceptional circumstances, such as an emergency involving the risk of bodily injury or death to a person or group of people or potential harm to minors.

6. Your company's Unipr administrator can export data associated with the domain they manage.

7. Our public forums, such as the Unipr community forum, allow you to upload and share comments or feedback with other users publicly. Any information you submit through such public forums is not confidential, and Unipr may use it for any purpose (including testimonials or other Unipr marketing materials).

We do not share your information with third parties for their marketing purposes. We do not sell your information as defined under applicable law.

Protection, storage, transfer, and retention of your information

Protection
Unipr takes technical and organizational measures to protect your information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

However, no method of transmission over the Internet, and no means of electronic or physical storage, is 100% secure, so we use the prevailing industry best practices to ensure or warrant the security of that information as best possible. Accordingly, we are constantly updating and improving our safeguards.

Storage
When you use our products and services, some information about you gets transferred to the United States, where most of Unipr's data processing occurs.

Transfer
Unipr uses appropriate technical and operational safeguards for cross-border transfers of personal data collected in the European Economic Area (EEA), United Kingdom, and Switzerland, as required by applicable local law, including the Standard Contractual Clauses.

Privacy Shield
Unipr complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal data from the European Union and Switzerland to the United States, respectively.

In compliance with the EU-US Privacy Shield and Swiss-US Privacy Shield Principles, Unipr commits to resolving complaints about your privacy and our collection or use of your personal data.

Unipr is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) for its compliance with the provisions of the EU-US and Swiss-US Privacy Shield.

As a general practice, Unipr takes reasonable and appropriate steps necessary to ensure that any third party acting as a "data processor" under EU and Swiss terminology is processing the personal data we entrust to them in a manner that is consistent with the EU-US and Swiss-US Privacy Shield Principles.

Unipr is potentially liable in cases of onward transfer to third parties of data of EU and Swiss individuals received pursuant to the EU-US and the Swiss-US Privacy Shield, respectively.

Retention
We will retain your information for the period necessary to fulfill the purposes outlined in this Privacy Statement, to make our products and services available to you, or as instructed by you, unless a more extended retention period is required or permitted by law.

Other important privacy information

Use by children under 16
We do not knowingly process any information from or direct any of our products or services to children under 16.

Marketing Practices and Choices
If you receive an email from us, we may use certain analytics tools, such as clear GIFs, to capture data, such as when you open our message or click on any links or banners our email contains.

This data allows us to gauge the effectiveness of our communications and marketing campaigns. You may instruct us not to use your contact information to contact you by email, postal mail, or phone regarding products, services, promotions, and special events that might appeal to your interests by contacting us at the "Unipr Contact Info" section below.

In commercial email messages, you can also opt-out by following the instructions located at the bottom of such emails.

Please note that, regardless of your request, we may still use and share certain information as permitted by this Privacy Statement or as required by applicable law. For example, you may not opt-out of certain transactional, operational, or service-related emails, such as those reflecting our relationship or transactions with you.

Legal Bases for Processing Your Information
Our legal basis under the General Data Protection Regulation (GDPR) for collecting and using your information described above will depend on the particular type of information and the specific context in which we collect it.

However, some examples of legal bases for processing that we rely on:
1. Where use of your information is necessary to perform our obligations under a contract with your company
2. Where use of your information is necessary for our legitimate interests or the legitimate interests of others (for example, to provide security, operate our products and services, prevent fraud, analyze the use of and improve our products and services, and for similar purposes)
3. Where use of your information is necessary to comply with a legal obligation
4. Where we have your consent to process data in a certain way

Your privacy rights

Unipr users worldwide use our products to work together as one. Regardless of your location, we respect your ability to know, access, correct, export, restrict processing, and delete your information, and we have extended those rights globally. We will not discriminate against you for exercising your privacy rights.

Information About Your Rights
Upon your request, and subject to applicable legal exceptions, we will:
1. Provide access to and/or a copy of certain information we hold about you.
2. Prevent processing your information for promotional purposes (including any direct marketing processing based on profiling).
3. Update the information that is out of date or incorrect.
4. Delete certain information which we have about you.
5. Restrict how we process and disclose some of your information.
6. Transfer your information to a third-party provider of services.
7. Revoke your consent for the processing of your information.

California Rights
In addition to the rights and information listed above, California consumers and their authorized agents can request information about:
1. The categories of information we collect or disclose about you; the categories of sources of such information; the business or commercial purpose for collecting your information; and the categories of third parties we share or disclose your information. For your convenience and so you don't have to request it, we've included that information in this Privacy Statement.
2. The financial incentives that we offer to you, if any.

Unipr does not sell your data, as defined under applicable law, such as the California Consumer Privacy Act (CCPA).

Nevada Rights
Under Nevada law, certain Nevada consumers may opt out of the sale of personal information. We do not sell your data. However, if you are a Nevada resident, you may submit a request to opt-out of any potential future sales under Nevada law. Please note if needed, we may take reasonable steps to verify your identity and the authenticity of the request.

Exercising Your Rights
We will need to verify your identity and may need to verify your relationship with Unipr (for example, if you're an administrator of an organization or workspace within Unipr and you're making a request on behalf of another individual) for security and to prevent fraud.

If you are an end user of Unipr's services and not a direct customer of Unipr, i.e., your company uses Unipr, and you're an employee or authorized user or representative of that company, you should direct your requests relating to your information to the administrator of your company's Unipr account. Upon receipt of your query or request, we will redirect you to your administrator or notify the administrator directly.

Updates and questions

Updates
We will update this Privacy Statement to ensure it accurately reflects our data collection and use practices, advances in technology, or as applicable laws require.

We will comply with applicable legal requirements regarding providing you with notice and/or consent when we make such changes, depending on the type of change made.

Questions
Unipr is located at 333 W San Carlos St, Suite 600San Jose, California 95110. If you have questions about this privacy statement, please contact us at privacy@unipr.com.