Chat with us on Discord
Unified.to
Case study: How Humi saved $1m in engineering costs with Unified.to

GeneralDataProtectionRegulation(GDPR)

Date of last revision: July 10, 2023

Unified is serious about security (https://unified.to/security). To support our customers that collect and process the personal data of European citizens, Unified has implemented the required controls and procedures to comply with the obligations of a data sub-processor under the GDPR.

GDPR Classification

Data Sub-Processor

Individual in charge of GDPR compliance

Alexey Adamsky, CTO

Data Protection Officer

Alexey Adamsky, CTO

Purpose of Processing

To enable our API integration service in our customers' applications, who themselves are classified as data processor in the GDPR. For additional details, see our Privacy Policy (https://unified.to/privacy).

Lawful Basis of Processing and Consent for End Customer data

End-Customer: Consent is given by the End Customer's acceptance when they grant access to their data through the authorization process, whether via Unified's API Token authorization page, or via an integration vendor's OAuth2 authorization page. The End Customer can withdraw their authorization by contacting our customer (the data processor) or by contacting Unified's support team (https://unified.to/contact)

Customer: Consent is given by the Customer, which gives Unified permission to process personal data for the purpose of providing the Service to their End-Customers.

Withdrawal of consent (opt out)

Customer: For Customers, withdrawal of consent after initial consent/opt-in is available via termination of their agreement with Unified.

End-Customer: For End-Customers who have authorized an account with Unified through a Customer's application, withdrawal of consent may be accomplished by removing their consent on the Customer's application where they originally granted access.

Deletion policy

Customer: For Customers, deletion of their account's data is available via termination of their agreement with Unified.

End-Customer: For End-Customers, as there is NO data stored on Unified's resources, no action is required. They may contact the Customer where their data maybe stored in the Customer's application.

Data Access / Modification / Portability

Customers can access, modify and download their data directly from the Unified application.

End-Customers will need to contact the Customer as none of their data is stored on Unified's resources.

Security Controls

Unified maintains a strong set of security posture and features. For more details, please visit https://unified.to/security.

Notification of Data Breach

Please contact us via our Support page at https://unified.to/contact.

Data Processing Agreement (DPA)

Our DPA is available here.

Sub-Processors

Our list of sub-processors is available here.