At Unitary we build technology that enables safe and positive online experiences. Our goal is to understand the visual internet and create a transparent digital space.
If you have any questions about this privacy notice or our data protection practices, please contact our Data Protection Officer (DPO):
Data Protection Officer
Name: Trust Keith Limited
Address: 20-22 Wenlock Road, London, England, N1 7GU
Contact: dpo@unitary.ai
We want to be completely transparent about how we collect and use your personal data and this privacy notice exists to tell you exactly how we do this.
This notice applies wherever we decide why and how we process personal data (and therefore act as a Data Controller under data protection law). It also covers the personal data we process when we act on behalf of our clients (and therefore act as a Data Processor under data protection law).
Our privacy notice tells you the journey of your personal data from the moment it enters our systems up until it's time for us to say "goodbye 👋*"*, as well as the various stops it makes along the way.
💡 Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.
When we work with a customer, we will require the name, email address, phone number and job title of our primary contact on the customer side in order to manage our contractual relationship.
Customers (or prospective customers) will send a request via the Unitary API for content classification and results, where the request will contain the data to be classified (e.g. media files such as image or video). These media files may contain personal data that could be personally identifiable. We will provide a result for the data (e.g. a GARM category) which is returned to the customer. We are a Data Processor for that data and thus rely on our customers (the data controllers) to have obtained the necessary notices, consents or any other legal basis requirements for the data transfer to us.
We rely on Article 6(1)(b) of the GDPR - Contractual obligation to collect this data, as it is required for us to provide this service.
We will collect details for invoicing; which will include a contact name and details at your company. We rely on Article 6(1)(b) of the GDPR - Contractual obligation to collect this data, as it is required for us to provide this service to you.
We use some data application providers and suppliers to manage our services. We use applications that store data in the UK or EEA GDPR zone, or countries deemed ‘adequate’ under GDPR. If we use an application that stores data outside of the UK (or EEA), we will use appropriate measures to secure the transfer, including Standard Contractual Clauses (SCCs) and the UK Addendum where appropriate, or the UK International Data Transfer Agreement (IDTA). Any necessary Transfer Risk Assessments will be undertaken.
Our platform is hosted on AWS servers. To find out more about AWS, you can visit their privacy notice here.
We use a cloud based application to organise our customer invoices, and a CRM to keep all our customer information available and secure.
We keep customer account data mentioned for the duration of the account with us and for 6 years after it has ended, in line with the statutory retention periods for contractual claims.
Media files provided by our customers and analysed through our platform are usually deleted 48 hours after the safety score report has been created.
💡 Automated individual decision-making involves making a decision solely by automated means without any human involvement.
The UK GDPR restricts organisations from making solely automated decisions, including those based on profiling, that have a legal or similarly significant effect on individuals. However, this restriction only covers solely automated individual decision-making that produces legal or similarly significant effects (a legal effect is something that affects someone’s legal rights).
Our product uses AI automations to create safety scores for media files provided to us by our clients. The tool provides a report on the safety score of the media file and this enables our clients to comply with their industry safety standard classification requirements. The report does not have a legal effect on individuals, but it may lead to the video being removed from the platforms (including social media platforms) it is submitted or posted on.
💡 Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.
In order to engineer our platform, we will require data for the purpose of machine learning and refinement of our systems. We primarily use data supplied for this purpose by our customers. However, we also have used data collected on public forums where the website has a privacy stance that allows such collection. We take steps to effectively make use of pseudonymisation techniques to make the data as anonymous as possible. We use a trusted partner to help label any data collected for this purpose.
We rely on Article 6(1)(f) of the GDPR - Legitimate Interest to collect and process this data, as it is required for us to provide this service and for continuous refinement of its accuracy.
We use some data application providers and suppliers to manage our services. We use applications that store data in the UK or EEA GDPR zone, or countries deemed ‘adequate’ under GDPR. If we use an application that stores data outside of the UK (or EEA), we will use appropriate measures to secure the transfer, including Standard Contractual Clauses (SCCs) and the UK Addendum where appropriate, or the UK International Data Transfer Agreement (IDTA). Any necessary Transfer Risk Assessments will be undertaken.
Our platform is hosted on AWS servers and any personally identifiable data is first collected in a self-hosted database before being immediately pseudonymised for use in our processing and engineering. To find out more about AWS, you can visit their privacy notice here.
We use cloud based applications for our platform engineering including application performance monitoring & error tracking, analysis and visualisation metrics. These applications do not store any personally identifiable data. We also use a firewall application for API security and protection that monitors all data, which includes customer data (and therefore may be personally identifiable), in order to secure the data we process.
Media files are pseudonymised and only kept while they are being used for training purposes.
💡 Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.
When you apply for a job with us, we need some information about you in order to manage your recruitment process, such as your name, CV, email address, phone number and interview notes. The legal basis we rely on for this is Article 6(1)(f) of the GDPR - Legitimate Interests as it is in our legitimate interest to hire skilled staff in order to manage our services.
The information we will collect during the recruitment stage will be stored in Workable, which is our applicant tracking system (ATS). You can find out more about them here.
If you are offered a job with us, we will retain your data during your employment and remove it in line with our obligations under the law. Otherwise we will keep your data during your the interview process and remove it after 6 months.
💡 Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.
When we raise awareness of our business, we will collect contact details of potential customers to add to a marketing list in order to send a regular newsletter. We will send the newsletter out to everyone on our marketing list, as well as news, updates and blog posts and so on. We will rely on Article 6(1)(f) Legitimate Interest of the GDPR for this processing as it keeps interested parties up to date with our services and is therefore part of our strategy to grow awareness of our business.
Some of these contact details are collected at networking events, by referral or from networking sites and we also make use of a lead generation software application to identify new prospects that we think might benefit from our platform. We will rely on Article 6(1)(f) Legitimate Interest of the GDPR for this processing when using and collecting this data as we require its use in order to raise awareness of our services as part of our strategy to grow our business.
Our marketing list is held on our customer relationship management platform.
We will retain these records in line with our retention schedule, and we include an unsubscribe link on all emails so that members of the list can remove their details at any time.
Our website uses cookies and other similar technologies of which you should be aware.
💡 Cookies are text files placed on your hard drive by a web page server when you visit a website and are saved in your browser's history. They allow the website to recognise your device and store some information about your preferences or past actions. Cookies cannot be used to run programs or deliver viruses to your computer; they are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie.
When you use our website, the cookies can be stored on your device are either first party cookies, which are placed and read by us directly while you are using our website or third party cookies, which are set by other third parties we have partnered with.
Below is a list of the cookies we use and the purposes for which they are used:
💡 These are essential to the operation of our website and are integral to the functioning of our Website, therefore they cannot be removed.
CookiePurposeDurationsessionUsed to store information about the current session in the browser.Until browser closed
💡 These cookies are additional to the the performance of our Website and help us improve the service we provide to you.
These cookies allow us to collect information about how our website is used, including the number of website visitors and how visitors move around the website. This helps us to improve the way our website works.
CookiePurposeDurationMore Infohp2_id.APP_IDHeap analytics: user cookie. Used to track user behaviour on websites.2 yearshttps://heap.io/privacy_hp2_ses_props.APP_IDHeap analytics: session properties cookie. Used to track user behaviour on websites.30 minuteshttps://heap.io/privacy_hp2_props.APP_IDHeap analytics: event properties cookies. Used to track user behaviour on websites.2 yearshttps://heap.io/privacy
These cookies allow us to recognise you when you return to our website and remember choices you have made in the past (for example, your username to assist with automated log in). These cookies also enable us to tailor our content and the website experience for you.
CookiePurposeDurationremember_tokenUser cookie. Allows us to recognise users and remember preferences.1 year
You can choose not to store Non-essential cookies on your computer when you visit our website, or you can adjust your browser settings to prevent cookies from being saved on your computer. You can find information about how to manage Cookies in the most commonly used browsers at the following addresses:
Your personal data is yours and you have rights in relation to it granted by the UK GDPR, which include:
You have the right to be informed about the collection and use of your personal data, the purposes for processing, retention periods for that personal data and who it will be shared with. We have set this information out in this privacy notice.
You have the right to ask us for copies of the data we hold about you. If you ask us, we’ll confirm whether we’re processing your personal information and, if so, provide you with a copy of that personal information (along with certain other details).
You have the right to ask us to stop processing your personal information in some circumstances, such as when we are relying on our own (or someone else’s) legitimate interests to process your personal information, when we are processing your personal information for direct marketing or when we are processing your personal information for research.
You have the right to ask us to erase your personal information, in some circumstances, such as where we no longer need it or you withdraw your consent (where applicable).
You have the right to ask us to restrict the processing of your personal information for a period of time in some circumstances, such as where you contest the accuracy of that personal information or object to us processing it. This right is separate from the right to object and will only stop us from using your personal information further, not from processing it. If we’ve shared your personal information with others, we’ll let them know about the restriction where possible.
You have the right to ask that we transfer the personal information you gave us to another organisation, or to someone else, in some circumstances.
You don't have to pay anything in order to exercise your rights. Please contact us by sending an email to ******contact@unitary.ai if you wish to make a request under your rights; we have a calendar month to get back to you with a response.
If you have any concerns about our use of your personal information, please let us know by:
💡 Emailing us at contact@unitary.ai
If you are not satisfied with our response or you are unhappy with how we have used your data, you can complain to the Information Commissioner's Office (ICO). You can find the ICO contact details below:
💡 ICO Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, Helpline number: 0303 123 1113.
💡 ICO Website: https://www.ico.org.uk