Privacy Policy

Unitary is a rapidly growing start-up developing solutions that blend human expertise and AI agents to handle manual customer and marketplace operations tasks. We believe in an online world free from harm, where we can trust AI to make safe and fair decisions.

📮 Our contact details

Email: contact@unitary.ai

Address: Arquen House, 4-6 Spicer Street, St. Albans, England, AL3 4PQ

❓  What is this notice all about?

We want to be completely transparent about how we collect and use your personal data and this privacy notice exists to tell you exactly how we do this.

This notice applies wherever we decide why and how we process personal data (and therefore act as a Data Controller under data protection law). It also covers the personal data we process when we act on behalf of our clients (and therefore act as a Data Processor under data protection law).

Our privacy notice tells you the journey of your personal data from the moment it enters our systems up until it's time for us to say "goodbye 👋*"*, as well as the various stops it makes along the way.

👇  The different ways we process personal data

When we work with our customers

  • 🗂️  What personal data do we collect, why do we collect it, and what legal basis do we rely on?

💡 Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.

When we work with a customer, we will require the name, email address, phone number and job title of our primary contact on the customer side in order to manage our contractual relationship.

We have two products - the legacy AI-only solution and the current Virtual Agent product that is a blended AI and human solution. Customers on both products will provide data to Unitary for content classification, moderation or customer operations task completion, sending via the Unitary API or providing system log-in credentials for Unitary to retrieve the relevant content via an automated process. The data may be text, image or video that may contain personal data that could be personally identifiable. We complete the respective tasks and will return the results to the customer. We are a Data Processor for that data and thus rely on our customers (the data controllers) to have obtained the necessary notices, consents or any other legal basis requirements for the data transfer to us.

We rely on Article 6(1)(b) of the GDPR - Contractual obligation to collect this data, as it is required for us to provide this service.

We will collect details for invoicing; which will include a contact name and details at your company. We rely on Article 6(1)(b) of the GDPR - Contractual obligation to collect this data, as it is required for us to provide this service to you.

  • 🗺️  Where do we store it?

Our primary AWS server is in US where we store most customer data, but upon customer request we may also store data in the EU. We also have subprocessors like OpenAI that may store data in the US. We will use appropriate measures to secure the transfer, including Privacy Framework Certification, Standard Contractual Clauses (SCCs) and the UK Addendum where appropriate, or the UK International Data Transfer Agreement (IDTA). Any necessary Transfer Risk Assessments will be undertaken.

Our platform is hosted on AWS servers  in US where we store most customer data, but upon customer request we may also store data in the EU. To find out more about AWS, you can visit their privacy notice here.

We use a cloud based application to organise our customer invoices, and a CRM to keep all our customer information available and secure.

  • ⏲️  How long do we keep it for?

We keep customer account data mentioned for the duration of the account with us and for 6 years after it has ended, in line with the statutory retention periods for contractual claims.

We act as data processor for our customer that hence we only process customer data as per their instructions, Media files provided by our customers and analysed through our platform are usually deleted 48 hours after the safety score report has been created. For Virtual Agents product, we use customer data to improve the service provided to them for customer exclusive benefit for as long as the contract is live.

Details about automated decision making and profiling

💡 Automated individual decision-making involves making a decision solely by automated means without any human involvement.

The UK GDPR restricts organisations from making solely automated decisions, including those based on profiling, that have a legal or similarly significant effect on individuals. However, this restriction only covers solely automated individual decision-making that produces legal or similarly significant effects (a legal effect is something that affects someone’s legal rights).

Our product uses AI automations to create safety scores for media files provided to us by our clients. The tool provides a report on the safety score of the media file and this enables our clients to comply with their industry safety standard classification requirements. The report does not have a legal effect on individuals, but it may lead to the video being removed from the platforms (including social media platforms) it is submitted or posted on.

How we engineer our platform

  • 🗂️  What personal data do we collect, why do we collect it, and what legal basis do we rely on?

💡 Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.

As a data processor for our customers data, our Engineering Team require data for the purpose of machine learning and refinement of our systems. We primarily use data supplied for this purpose by our customers. We build AI agents specifically for each customer, so each customer’s AI models are trained on the data they provide to us for their sole benefits.

However, we also have used data collected on public forums where the website has a privacy stance that allows such collection. We take steps to effectively make use of pseudonymisation techniques to make the data as anonymous as possible. We use a trusted partner to help label any data collected for this purpose.

We rely on Article 6(1)(f) of the GDPR - Legitimate Interest to collect and process this data, as it is required for us to provide this service and for continuous refinement of its accuracy.

  • 🗺️  Where do we store it?

We use some data application providers and suppliers to manage our services. We use applications that store data in the UK or EEA GDPR zone, or countries deemed ‘adequate’ under GDPR.  If we use an application that stores data outside of the UK (or EEA), we will use appropriate measures to secure the transfer, including Standard Contractual Clauses (SCCs) and the UK Addendum where appropriate, or the UK International Data Transfer Agreement (IDTA). Any necessary Transfer Risk Assessments will be undertaken.

Our platform is hosted on AWS servers and any personally identifiable data is first collected in a self-hosted database before being immediately pseudonymised for use in our processing and engineering. To find out more about AWS, you can visit their privacy notice here.

We use cloud based applications for our platform engineering including application performance monitoring & error tracking, analysis and visualisation metrics. These applications do not store any personally identifiable data. We also use a firewall application for API security and protection that monitors all data, which includes customer data (and therefore may be personally identifiable), in order to secure the data we process.

  • ⏲️  How long do we keep it for?

Media files are pseudonymised and only kept while they are being used for training purposes.

When you apply for a job with us

  • 🗂️  What personal data do we collect, why do we collect it, and what legal basis do we rely on?

💡 Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.

When you apply for a job with us, we need some information about you in order to manage your recruitment process, such as your name, CV, email address, phone number and interview notes. The legal basis we rely on for this is Article 6(1)(f) of the GDPR - Legitimate Interests as it is in our legitimate interest to hire skilled staff in order to manage our services.

  • 🗺️  Where do we store it?

The information we will collect during the recruitment stage will be stored in Workable, which is our applicant tracking system (ATS). You can find out more about them here.

  • ⏲️  How long do we keep it for?

If you are offered a job with us, we will retain your data during your employment and remove it in line with our obligations under the law. Otherwise we will keep your data during your the interview process and remove it after 6 months.

When we raise awareness of our business

  • 🗂️  What personal data do we collect, why do we collect it, and what legal basis do we rely on?

💡 Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.

When we raise awareness of our business, we will collect contact details of potential customers to add to a marketing list in order to send a regular newsletter. We will send the newsletter out to everyone on our marketing list, as well as news, updates and blog posts and so on. We will rely on Article 6(1)(f) Legitimate Interest of the GDPR for this processing as it keeps interested parties up to date with our services and is therefore part of our strategy to grow awareness of our business.

Some of these contact details are collected at networking events, by referral or from networking sites and we also make use of a lead generation software application to identify new prospects that we think might benefit from our platform. We will rely on Article 6(1)(f) Legitimate Interest of the GDPR for this processing when using and collecting this data as we require its use in order to raise awareness of our services as part of our strategy to grow our business.

  • 🗺️  Where do we store it?

Our marketing list is held on our customer relationship management platform.

  • ⏲️  How long do we keep it for?

We will retain these records in line with our retention schedule, and we include an unsubscribe link on all emails so that members of the list can remove their details at any time.

When you visit our website

Our website uses cookies and other similar technologies of which you should be aware.

  • 🗂️ What cookies do we collect, why do we collect them, and what legal basis do we rely on?

💡 Cookies are text files placed on your hard drive by a web page server when you visit a website and are saved in your browser's history. They allow the website to recognise your device and store some information about your preferences or past actions. Cookies cannot be used to run programs or deliver viruses to your computer; they are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie.

When you use our website, the cookies can be stored on your device are either first party cookies, which are placed and read by us directly while you are using our website or third party cookies, which are set by other third parties we have partnered with.

Below is a list of the cookies we use and the purposes for which they are used:

  • Essential cookies

💡 These are essential to the operation of our website and are integral to the functioning of our Website, therefore they cannot be removed.

Cookie name Purpose Maximum storage duration
__cf_bm [x11] This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. 1 day
_cfuvid [x4] This cookie is a part of the services provided by Cloudflare - Including load-balancing, deliverance of website content and serving DNS connection for website operators. Session
_GRECAPTCHA Used for risk analysis in spam protection. 180 days
1.gif Used to count the number of sessions to the website, necessary for optimizing CMP product delivery. Session
bcookie Used in order to detect spam and improve the website's security. 1 year
CookieConsent Stores the user's cookie consent state for the current domain 1 year
li_gc Stores the user's cookie consent state for the current domain 180 days
rc::a This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. Persistent
rc::b This cookie is used to distinguish between humans and bots. Session
rc::c This cookie is used to distinguish between humans and bots. Session
rc::f This cookie is used to distinguish between humans and bots. Persistent
test_cookie Used to check if the user's browser supports cookies. 1 day

  • Non-essential cookies

💡 These cookies are additional to the the performance of our Website and help us improve the service we provide to you.

  • Statistics or Performance cookies

These cookies allow us to collect information about how our website is used, including the number of website visitors and how visitors move around the website. This helps us to improve the way our website works.

Cookie Purpose Duration
__hssc Identifies if the cookie data needs to be updated in the visitor's browser. 1 day
__hssrc Used to recognise the visitor's browser upon reentry on the website. Session
__hstc Sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes. 180 days
_ga (2) Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. 2 years
_hjSession_# Collects statistics on the visitor's visits to the website, such as the number of visits, average time spent on the website and what pages have been read. 1 day
_hjSessionUser_# Collects statistics on the visitor's visits to the website, such as the number of visits, average time spent on the website and what pages have been read. 1 year
_hjTLDTest Registers statistical data on users' behaviour on the website. Used for internal analytics by the website operator. Session
hjActiveViewportIds This cookie contains an ID string on the current session. This contains non-personal information on what subpages the visitor enters – this information is used to optimize the visitor's experience. Persistent
hjViewportId Saves the user's screen size in order to adjust the size of images on the website. Session
hubspotutk Sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes. 180 days
vuid Collects data on the user's visits to the website, such as which pages have been read. 2 years

  • Functionality or preference cookies

These cookies allow us to recognise you when you return to our website and remember choices you have made in the past (for example, your username to assist with automated log in). These cookies also enable us to tailor our content and the website experience for you.

Preferences

Cookie Purpose Duration
lidc Registers which server-cluster is serving the visitor. This is used in context with load balancing, in order to optimize user experience. 1 day

Marketing

Cookie Purpose Duration
[empty name] Tracks the individual sessions on the website, allowing the website to compile statistical data from multiple visits. This data can also be used to create leads for marketing purposes. Session
__ptq.gif Sends data to the marketing platform Hubspot about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels. Session
_gcl_au Used to measure the efficiency of the website’s advertisement efforts, by collecting data on the conversion rate of the website’s ads across multiple websites. 3 months
_gcl_ls Tracks the conversion rate between the user and the advertisement banners on the website - This serves to optimise the relevance of the advertisements on the website. Persistent
_lfa Used in context with Account-Based-Marketing (ABM). The cookie registers data such as IP-addresses, time spent on the website and page requests for the visit. This is used for retargeting of multiple users rooting from the same IP-addresses. ABM usually facilitates B2B marketing purposes. Persistent
_lfa Used in context with Account-Based-Marketing (ABM). The cookie registers data such as IP-addresses, time spent on the website and page requests for the visit. This is used for retargeting of multiple users rooting from the same IP-addresses. ABM usually facilitates B2B marketing purposes. 1 year
_lfa_expiry Contains the expiry-date for the cookie with corresponding name. Persistent
_lfa_test_cookie_stored Used in context with Account-Based-Marketing (ABM). The cookie registers data such as IP-addresses, time spent on the website and page requests for the visit. This is used for retargeting of multiple users rooting from the same IP-addresses. ABM usually facilitates B2B marketing purposes. Session
pagead/1p-user-list/# Tracks if the user has shown interest in specific products or events across multiple websites and detects how the user navigates between sites. This is used for measurement of advertisement efforts and facilitates payment of referral-fees between websites. Session

You can choose not to store Non-essential cookies on your computer when you visit our website, or you can adjust your browser settings to prevent cookies from being saved on your computer. You can find information about how to manage Cookies in the most commonly used browsers at the following addresses:

🇬🇧 & 🇪🇺  What are your rights?

Your personal data is yours and you have rights in relation to it granted by the UK GDPR, which include:

  • 📮  The right to be informed

You have the right to be informed about the collection and use of your personal data, the purposes for processing, retention periods for that personal data and who it will be shared with. We have set this information out in this privacy notice.

  • 🗝️  The right of access

You have the right to ask us for copies of the data we hold about you. If you ask us, we’ll confirm whether we’re processing your personal information and, if so, provide you with a copy of that personal information (along with certain other details).

  • ⛔  The right to object

You have the right to ask us to stop processing your personal information in some circumstances, such as when we are relying on our own (or someone else’s) legitimate interests to process your personal information, when we are processing your personal information for direct marketing or when we are processing your personal information for research.

  • 📝  The right to rectification

You have the right to ask us to rectify the personal information you think is inaccurate or to complete information you think is incomplete. When you ask us to rectify your information, if we’ve shared your personal information with others, we’ll let them know about the rectification where possible.

  • 🧽  The right to erasure

You have the right to ask us to erase your personal information, in some circumstances, such as where we no longer need it or you withdraw your consent (where applicable).

  • 🚫  The right to restrict processing

You have the right to ask us to restrict the processing of your personal information for a period of time in some circumstances, such as where you contest the accuracy of that personal information or object to us processing it. This right is separate from the right to object and will only stop us from using your personal information further, not from processing it. If we’ve shared your personal information with others, we’ll let them know about the restriction where possible.

  • ✈️  The right to data portability

You have the right to ask that we transfer the personal information you gave us to another organisation, or to someone else, in some circumstances.

You don't have to pay anything in order to exercise your rights. Please contact us by sending an email to contact@unitary.ai if you wish to make a request under your rights; we have a calendar month to get back to you with a response.

💔 How you can complain

If you have any concerns about our use of your personal information, please let us know by:

💡 Emailing us at contact@unitary.ai

If you are not satisfied with our response or you are unhappy with how we have used your data, you can complain to the Information Commissioner's Office (ICO). You can find the ICO contact details below:

💡 ICO Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, Helpline number: 0303 123 1113.

💡 ICO Website: https://www.ico.org.uk

Acceptable Use Policy

PLEASE READ THE TERMS OF THIS POLICY CAREFULLY BEFORE USING THE PLATFORM

1. What's in these terms?

This acceptable use policy (AUP) sets out the content standards that apply when you upload content to our Platform, or interact with our Platform in any other way.

2. Who we are and how to contact us

2.1 - The Platform is a software development kit and application programming interfaces that we provide for users to access and use our analytics service (Platform), operated by Unitary Ltd (we, us, our). We are registered in England and Wales under company number 12044127 and have our registered office at Arquen House, 4-6 Spicer Street, St. Albans, England, AL3 4PQ. Our main trading address is 18 Doughty Street, London WC1N 2PL.

2.2 - To contact us in relation to this policy, please email sales@unitary.ai.

3. By using our Platform you accept these terms

3.1 - By entering into the agreement for using our Platform (Platform Agreement) and using our Platform, you confirm that you accept the terms of this policy and that you agree to comply with them.

3.2 - If you do not agree to these terms, you must not use our Platform.

3.3 - We recommend that you print a copy of these terms for future reference.

4. There are other terms that may apply to you

Our Platform Agreement (including Exhibits, each as defined in the Platform Agreement) also apply to your use of our Platform.

5. We may make changes to the terms of this policy

We amend these terms from time to time. Every time you wish to use our Platform, please check these terms to ensure you understand the terms that apply at that time. These terms were most recently updated on 26 September 2023.

6. Prohibited uses

6.1 - You may not use our Platform:

6.1.1 - in any way that breaches any applicable local, national or international law or regulation;

6.1.2 - in any way that is unlawful or fraudulent or has any unlawful or fraudulent purpose or effect;

6.1.3 - for the purpose of harming or attempting to harm individuals or minors in any way;

6.1.4 -to bully, insult, abuse, intimidate or humiliate any person;

6.1.5 - to send, receive, upload, download, use or re-use any material which is offensive or discriminatory material in nature;

6.1.6 - to send, receive, upload, download, use or re-use any material which does not comply with our content standards, as set out in this AUP and the Platform Agreement;

6.1.7 - to transmit, or procure the sending of, any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (spam);

6.1.8 - to transmit any data, send or upload any material that contains viruses, Trojan horses, worms, time-bombs, keystroke loggers, spyware, adware or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware;

6.1.9 - in any way that involves child sexual exploitation or abuse; or

6.1.10 - to upload terrorist content.

6.2 - You also agree:

6.2.1 - not to reproduce, duplicate, copy or re-sell any part of our Platform in contravention of the provisions of our platform agreement; and

6.2.2 - not to access without authority, interfere with, damage or disrupt:

6.2.2.1 - any part of our Platform or its underlying code base;

6.2.2.2 - any equipment or network on which our Platform is stored;

6.2.2.3 - any software used in the provision of our Platform; or

6.2.2.4 - any equipment or network or software owned or used by any third party.

7. Breach of this policy

7.1 - When we consider that a breach of this AUP has occurred, we may take such action as we deem appropriate.  

7.2 - Failure to comply with this AUP constitutes a material breach of the terms of the platform agreement upon which you are permitted to use our Platform, and may result in our taking all or any of the following actions:

7.2.1 - immediate, temporary or permanent withdrawal of your right to use our Platform;

7.2.2 - immediate, temporary or permanent removal of any Contribution uploaded by you to our Platform;

7.2.3 - issue of a warning to you;

7.2.4 - legal proceedings against you for reimbursement of all costs on an indemnity basis (including, but not limited to, reasonable administrative and legal costs) resulting from the breach;

7.2.5 - further legal action against you; and

7.2.6 - disclosure of such information to law enforcement authorities as we, acting reasonably, feel is necessary or as required by law.

7.2.7 - We exclude our liability for all action we may take in response to breaches of this AUP. The actions we may take are not limited to those described above, and we may take any other action we reasonably deem appropriate.

8. What to do if you notice non-compliant material on our Platform?

8.1 - If you discover material on our Platform that is in breach of this AUP, you should email us at sales@unitary.ai. Please provide the following information in your email:

8.1.1 - your name and contact details;

8.1.2 - details of the non-compliant material, including the location of the material on the Platform;

8.1.3 - the reason you consider the material to be non-compliant (referencing either the prohibited uses or content standards listed above);

8.1.4 -an assertion that your request is accurate and made in good faith;

8.1.5 - if non-compliance concerns an infringement of intellectual property rights (e.g. copyright), confirmation that you are the rights holder or an authorised representative of the rights holder; and

8.1.6 - if non-compliance concerns libel, defamation, confidentiality, personal data, or human rights, confirmation that you are either the publisher or the subject of the material or an authorised representative of the publisher or the subject of the material.

8.2 - We will acknowledge receipt of your email; communication will be by email.

8.3 - Upon receipt of your email, we will make an initial assessment. We may reach an immediate decision or we may require time for more investigation. We may on occasion remove material from our Platform pending a full review of your objection.

8.4 - We may ask you to provide further information. We may also contact and consult with the user responsible for uploading the material to the Platform, if relevant, and inform her/him/them that notice of non-compliance has been raised.

8.5 - If we determine that material is non-compliant with this AUP or our platform agreement, we may take any of the actions listed in the section “Breach of this policy” above.

9. How this contract can be transferred

We can transfer our rights and obligations under these terms to any third party, provided this does not adversely affect your rights under these terms.

10. Which country's laws apply to any disputes?

10.1 - If you are a consumer, please note that the terms of this AUP, its subject matter and its formation are governed by English law. You and we both agree that the courts of England and Wales will have exclusive jurisdiction except that if you are a resident of Northern Ireland you may also bring proceedings in Northern Ireland, and if you are resident of Scotland, you may also bring proceedings in Scotland.

10.2 - If you are a business, the terms of this AUP, its subject matter and its formation (and any non-contractual disputes or claims) are governed by English law. We both agree to the exclusive jurisdiction of the courts of England and Wales.

Powered By Trust Keith