LAST UPDATED: JUNE 6 2021
If you are a resident of California or of the EEA, UK, or Switzerland, please see the additional notices applicable to your individual relationship with Unanet.
GENERAL PRIVACY TERMS
CCPA PRIVACY NOTICE FOR CALIFORNIA RESIDENTS
GENERAL PRIVACY TERMS
- What personally identifiable information is collected from you through the website, how it is used, and with whom it may be shared. What data is collected and stored in our products when received from our customers, how that information is used, and with whom it may be shared.
- The security procedures in place to protect the misuse of your information.
- What choices are available to you regarding the use of your data.
- How to contact us regarding any questions or concerns.
Unanet has two different types of users: Site Visitors and End-Users.
Users of the site are “Site Visitors.” Site Visitors may either be individuals who only browse the site or use Services available on the site (such as Unanet University) or they may be End Users who also visit the Site. Unanet is the data controller of the information collected through the site about Site Visitors.
“End-Users” use Unanet products and applications through Unanet’s customers (e.g., your employer or another entity or person, called the “Customer”) pursuant to specific terms agreed to between Unanet and Customer that entered into a separate agreement that governs delivery, access, and use of the Services (“Customer Agreement”). The Customer controls its instance of the Services and is the data controller of the information collected through the Services about End-Users (“Customer Data”).
Customer Data includes all attachments, files, tasks, projects and project names, associated messages, team names, schedules, expenses, and other content submitted through the Services. If you have any questions about the Customer’s settings in the Services and privacy practices, please contact the entity directly.
The Customer, and not Unanet, determines its own, internal policies regarding storage, access, modification, deletion, sharing, and retention of Customer Data. A Customer may provide or remove access to the Services, manage permissions and settings, determine retention periods, export data, control teams and projects, and enable or disable third party integrations.
Information We Collect
We collect information from and about you in the following ways:
Site Visitors: Information Provided by Site Visitors and from Third Party Sources
We collect the personal information you provide when you register to use our Services (including training, webinars or events), upload or post to the Services, and when you communicate with us such as by emailing, calling, chatting with us to ask for more information or report a problem. This information includes:
- Contact information, such as your name, email address, business phone number, and postal address
- Business information, such as company name, location, and number of employees
- Account information, such as email address and password
- Commercial information, such as transaction or request data about events or webinars for which you register or products in which you are interested
- Financial data, such as credit card information collected by our payment processors on our behalf)
- Communications and Other Information You Provide, such as when you submit requests or questions to us via forms or email and requests for customer support and technical assistance.
There are times when we may ask to collect personal information from you. You will have the option not to provide the information. If you choose not to provide the information we request, you can still visit most of the site, but you may be unable to access certain options, offers, and services.
We also collect information about Site Visitors from other sources, including third parties from whom we have purchased personal data, to enrich the information provided by you. This helps us to update and expand our records to identify potential new customers and create targeted marketing materials that may interest you. Third party providers may send business contact information; mailing address, job title, email address, phone number, industry, behavior data, IP address, social media profiles, and custom profiles.
INFORMATION COLLECTED FROM AND ABOUT END-USERS
We collect information from End-Users and about End-Users from the Customer and, depending on the Customer’s settings and how the Services are used, other End-Users of the Customer. We collect such information for purposes of providing the Unanet Services as set forth in the agreement between Unanet and its Customer. We do not require End-Users to provide us with information, but a Customer may and certain information, such as account log-in data, may be required to enable access to the Services.
The information we collect includes:
- Account Information. To set up your account, you or the Customer will provide us with basic information which may include your name, address, telephone number, email address, and password.
- Customer Data, such as project information, schedule information, attachments, files, tasks, associated messages, and other content submitted through the Customer’s instance of the Services
- Communications and Other Information such as when you submit requests or questions to us via forms or email and requests for customer support and technical assistance.
- We also collect End-User information from third-Party integrations. If you choose to use or connect to third-party integrations through the Service, or if you are required or permitted to do so by a Customer, such third parties may allow us to have access to and store additional information about your interaction with those services as it relates to your use of the Services. We will also share information about you that is required to enable your use of the third-party integration through the Service. You authorize us to connect and access the information provided through these connections when you use or connect to a third-party integration, and you understand that the privacy policies of these third parties govern such connections.
Information Automatically Collected.
For Site Visitors and End-Users, we collect certain information automatically when you visit the Site or use the Services. This information includes:
- Device information, such as type of device you are using, operating system, and device identifiers
- Log files, such as web request, IP address, browser type and settings, referring/exit pages and URLs, number of clicks, date and time stamp information, language preferences, data from cookies and similar technologies, and other such information.
- Location information, which is general information about the location of the device from which you are accessing the Service (e.g., zip code level information inferred from an IP address).
- High Level Usage Information –high-level information about the way you use the Services such as logging the features you interact with; the types of files you share (i.e., pdf); and what, if any, third party services and integrations you use.
For Site Visitors, we use analytics services, including Google Analytics, which collect IP addresses and usage activity for internal usage and trends analysis purposes, subject to terms that only allow the third party to process such personal information in accordance with applicable data privacy laws.
For End Users, we use analytics services, included Amplitude, which collect IP addresses and usage activity for internal usage and trends analysis purposes, subject to terms that only allow the third party to process such personal information in accordance with applicable data privacy laws.
We use "cookies" on site and Services. A cookie is a piece of data stored on a site visitor's hard drive to help us improve your access to our site and identify repeat visitors to our site. Cookies can also enable us to track and target the interests of our users to enhance the experience on our site. Certain cookies used on the site and in the Services may be linked to your username, IP address, and/or log files in the Services.
First-party cookies: First-party cookies are those cookies set by a website that is being visited by the user at the time (e.g. cookies placed by this website).
Third-party cookies: Third-party cookies are those cookies that are set by a domain other than that of the website being visited by the user. If a user visits a website and another entity sets a cookie through that website, that cookie would be a third-party cookie.
Session cookies: These cookies allow website operators to link the actions of a user during a browser session. A browser session starts when a user opens the browser window and finishes when the user closes the browser window. Session cookies are created temporarily. Once a user closes a browser, all session cookies are deleted.
Our Site and Services use the following types of cookies for the purposes set forth below:
|Type of cookie||Purpose|
|Essential Cookies||These cookies are essential to provide you with services available through Site and Services and to enable you to use some of its features. For example, they allow you to log in to secure areas of our Site/Application(s)/Services and help the content of the pages you request load quickly. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.|
|Functionality Cookies||These cookies allow our Site and Services to remember choices you make when you use Unanet sites and services, such as remembering your language preferences, remembering your login details and remembering the changes you make to other parts of Unanet sites and services which you can customize. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit.|
|Analytics and Performance Cookies||These cookies are used to collect information about traffic to Unanet sites and services and how users use Unanet sites and services. The information gathered does not identify any individual visitor. The information is aggregated and anonymous. It includes the number of visitors to Unanet sites and services, the websites that referred them to Unanet sites and services, the pages they visited on Unanet sites and services, what time of day they visited Unanet sites and services, whether they have visited Unanet sites and services before, and other similar information. We use this information to help operate Unanet sites and services more efficiently, to gather broad demographic information and to monitor the level of activity on Unanet sites and services.
We use Google Analytics for this purpose. Google Analytics uses its own cookies. It is only used to improve how Unanet sites and services works. You can find out more information about Google Analytics cookies here: https://developers.google.com/analytics/resources/concepts/gaConceptsCookies
You can find out more about how Google protects your data here: www.google.com/analytics/learn/privacy.html.
You can prevent the use of Google Analytics relating to your use of Unanet sites and services by downloading and installing the browser plugin available via this link: http://tools.google.com/dlpage/gaoptout?hl=en-GB
|Social Media Cookies||These cookies are used when Site Visitors share information using a social media sharing button or “like” button on Unanet sites and services or you link your account or engage with our content on or through a social networking website such as Facebook, Twitter or Google+. The social network will record that you have done this.|
You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” facility). Many browsers are set to accept cookies until you change your settings.
Further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.com.uk.
If you do not accept our cookies, you may experience some inconvenience in your use of Unanet Sites. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit the Unanet Sites. If you do not accept our cookies in the Services as an End User, then you will not be able to use the features and functionality of the Services.
INFORMATION USE AND SHARING
Unanet may access and use Site Visitors’ information for the following purposes:
- to operate, maintain, and provide the Site and/or Services;
- to prevent or address service or technical problems;
- to respond to your requests and otherwise manage your account;
- to fulfill your transactions;
- to analyze and improve the Services
- for marketing purposes about upcoming webinars, events, or other products and services offered by Unanet or its affiliates, which you may opt out of receiving by following the instructions in the marketing email
- as described in the “Sharing of your Personal Information” section below.
Legal Bases to use Site Visitors’ information
If you are located in the EU, please note that the legal bases under the GDPR for using the information we collect through your use of the Websites as a Site Visitor are as follows:
- Where use of your information is necessary to perform our obligations under a contract with you (for example, to comply with the User Terms of Service which you accept by browsing the sites)
- Where use of your information is necessary for our legitimate interests or the legitimate interests of others (for example, to provide security for our sites; operate our sites; prevent fraud, analyze use of and improve our sites, and for similar purposes)
- Where use of your information is necessary to comply with a legal obligation
- Where we have your consent to process data in a certain way
Unanet may access and use information about End-Users and Customer Data pursuant to the applicable Customer Agreement and our Customer instructions for the following purposes:
- to operate, maintain, and provide the Site and/or Services;
- to prevent or address service or technical problems;
- to respond to support issues and Customer’s instructions and otherwise manager your account, to analyze and improve the Services
- for Unanet’s internal marketing purposes about upcoming webinars, events, or other products and services offered by Unanet or its affiliates, which you may opt out of receiving by following the instructions in the marketing email.
- as described in the “Sharing of your Personal Information” section below.
Do Not Sell. Site Visitors and End Users may complete a request to Unanet using the “Do Not Sell My Personal Information” form available here to opt out of “sales” of your personal information as defined under the CCPA.
Unanet retains Customer Data according to the timeframes set forth in the Customer Agreement.
Sharing Your Personal Information
- Third Parties Designated by You: when you give Unanet consent or otherwise direct Unanet to share your personal information, including if Unanet notifies you that the information you provide will be shared in a particular manner and you share such information. Our Third-Party Service Providers: with our third-party service providers who provide services on our behalf such as payment processing, information technology and related infrastructure provision, email delivery, analytics providers, auditing and other similar services. These third parties are only permitted to use your personal information to the extent necessary to enable them to provide their services to Unanet. Some of these third parties, such as Stripe (payment processing), may require you to agree to their end user agreement before accessing such services.
- Third-party Integrations and Licensees: with our third-party technology partners if you or Customer choose to use or connect to third-party integrations made available through the Service , which may include payroll and other cloud technology solutions to public and private entities, we will share information about you to enable your use of the third-party integration through the Service and that you provide through such integration.
- Consistent with your or the Customer’s settings. If you are an End-User, Customer Data you submit may be viewable by other users in Services and within your organization, depending on the specific settings you and your organization have selected. Co-Sponsored Events. We may share personal data with partners where you have registered to an event the partner is hosting or co-hosting.
- Legal Compliance: If required to do so by law or in the good faith belief that such action is necessary to confirm to the law or comply with legal process or otherwise protect or defend the rights or property of Unanet.
- Corporate Restructuring: In connection with any actual or contemplated merger, sale of company assets, financing or acquisition, or diligence related to any such restructuring, or in any other situation where personal information may be disclosed or transferred as one of the business assets of Unanet.
Unanet may also share information about you in aggregated or anonymized form that does not directly identify you. We may create anonymized data from the personal information we receive about you and other individuals whose personal information we collect. Anonymous information might include analytics information and information collected by us using cookies. We make personal information into anonymous information by excluding information (such as your name) that makes the data personally identifiable to you. We may use this anonymous information for any lawful business purpose.
Third Party Sites and Integrations
You may share personal information with Unanet through the Services. If you provide feedback to us, we may use and disclose such feedback in our Services without any further obligation to you.
YOUR RIGHTS AND CHOICES REGARDING INFORMATION
If you are an End-User, please contact your administrator(s) to exercise any data subject rights you have under applicable local laws, including your ability to access, delete, rectify, transfer, or object under the GDPR or your rights under California law.
RETENTION OF DATA
We will retain your personal information for as long as it is required for the purposes for which you provided it to Unanet unless a longer retention period is required or permitted by law or for End-User data where the Customer Agreement requires or permits specific retention or deletion periods.
We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline through industry standard encryption and secure environments.
Unfortunately, no system can be guaranteed to be 100% secure. Consequently, while we use commercially reasonable efforts to protect your personal information, we cannot completely guarantee the security of our servers, the means by which information is transmitted between your computer and our servers, or any information provided to us or to any third party. Any information that you provide to us is done so with an understanding of such risks.
INTERNATIONAL DATA TRANSFER
Your personal information may be transferred to, stored at and processed by us outside the country in which you reside, including without limitation to the United States where data protection and privacy regulations may not offer the same level of protection as in other countries. By using our Services as a Site Visitor, you agree to this transfer, storing, or processing of personal information outside the United States if required to provide access to the Services. You acknowledge and agree that such transfer is necessary to perform the terms of the contract between you and Unanet.
For Customers and End-Users, we implement adequate transfer mechanisms for the transfer of data to the United States.
Unanet reserves the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the site and update the notice’s effective date. Your continued use of the Services following the posting of changes or, if applicable, following any legally required notice, constitutes your acceptance of such changes.
Local legal requirements (such as those in the EU) may permit you to request that we:
- Opt-out. You may request that we opt you out of certain processing of your information as required by applicable law, including without limitation: (i) direct marketing communications; (ii) sensitive personal data; (iii) any new processing of your personal information that we may carry out beyond the original purpose; or (iv) the transfer of your personal data outside the EEA, to the extent applicable to you. Please note that your use of the Services may be ineffective upon opt-out.
- You may request access to the information we hold about you via your profile/account or by contacting us directly.
- You may request to update or correct any inaccuracies in your personal information.
- Your may request to move your personal information to another service provider.
- Erase and forget. In certain situations, for example when the information we hold about you is no longer relevant or is incorrect, you can request that we erase or delete your personal information.
If you wish to exercise any of these rights, please contact us using the details below. In your request, please make clear: (i) what personal data is concerned; and (ii) which of the above rights you would like to enforce. For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we will need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and in compliance with applicable privacy laws. Please note certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests (such as to complete your transaction) or to comply with a legal obligation or for certain recordkeeping purposes.
You may instruct us not to use your contact information to contact you by email, postal mail, or phone regarding products, services, promotions and events that might appeal to your interests by contacting us at the details below. In commercial email messages, you can also opt out by following the instructions located at the bottom of such emails. We may still use and share certain information as permitted by this Policy or as required by applicable law. You may not opt out of certain transactional, operational or service-related emails.
Our Services are not directed to children under the age of 16. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us using the details below. We will delete such information from our files as soon as reasonably practicable.
HOW TO CONTACT US
Unanet welcomes your comments regarding this privacy statement. If you believe that Unanet has not adhered to this privacy statement, or to gain access to and control over information, please contact us by e-mail at firstname.lastname@example.org, and we will use commercially reasonable efforts to promptly determine and remedy the problem. Under certain conditions, you may be eligible to invoke binding arbitration.
Unanet’s corporate headquarters are located at:
22970 Indian Creek Drive
Dulles, VA 20166
CCPA PRIVACY NOTICE FOR CALIFORNIA RESIDENTS
PRIVACY NOTICE FOR CALIFORNIA RESIDENTS
INFORMATION WE COLLECT.
From Customers. Our Services may also collect such personal information from consumers who are End-Users. In such case, Unanet is a service provider acting on behalf of such Customer for the purpose of providing access to the Unanet Services as ordered and subscribed to by the Customer. Such processing activities are governed by the Customer Agreement.
The Unanet Services have collected the following categories of personal information from its consumers within the last twelve (12) months:
|A. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.|
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, signature, address, telephone number, employment, employment history.
Some personal information included in this category may overlap with other categories.
|C. Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, or application.|
|D. Geolocation data.||General location.|
|E. Professional or employment-related information.||Current employment information.|
Personal information does not include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Other information excluded from the scope of the CCPA.
USE OF PERSONAL INFORMATION; BUSINESS PURPOSE
SHARING PERSONAL INFORMATION; CATEGORIES OF THIRD PARTIES.
DISCLOSURES OF PERSONAL INFORMATION FOR A BUSINESS PURPOSE
In the preceding twelve (12) months, Company may have disclosed the following categories of personal information for a business purpose:
- A. Identifiers.
- B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
- C. Internet or other similar network activity.
- D. Geolocation data.
- E. Professional or employment-related information.
Unanet may disclose your personal information for a business purpose to the following categories of third parties:
YOUR RIGHTS AND CHOICES
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights.
You have the right to request that Unanet disclose certain information to you about our collection and use of your personal information over the past 12 months.
Deletion Request Rights.
You have the right to request that Unanet delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is permitted under one or more of the statutory exceptions under the CCPA.
Exercising Your Rights.
If you are an End-User, please contact your administrator(s) to exercise any rights and choices you might have.
If you are a Site Visitor, to exercise the access and deletion rights described above, please submit a verifiable consumer request to us by either:
- Calling us at 888-305-1510
- Emailing email@example.com.
Only you, your authorized agent or an entity registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response electronically.
Personal Information Sales Opt-Out and Opt-In Rights
You may opt-out of the sale of your personal information, as defined under the CCPA, by completing the “Do Not Sell My Personal Information” form, available here.
We will not discriminate against you for exercising any of your CCPA rights.
Other California Privacy Rights
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. Unanet does not disclose personal information to third parties for their direct marketing purposes. For more information, please send an email to firstname.lastname@example.org.
CHANGES TO OUR PRIVACY NOTICE.
Unanet reserves the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of the Services following the posting of changes, or if applicable, following legally required notice, constitutes your acceptance of such changes.
INTERNATIONAL TERMS FOR RESIDENTS IN THE EUROPEAN ECONOMIC AREA (“EEA”), UNITED KINGDOM (“UK”) OR SWITZERLAND
By accessing the Site and/or using the Services, you acknowledge that personal information will be processed in countries outside of the EEA.
Unanet recognizes that the Court of Justice of the European Union ruled in July 2020 that a certification under the EU-U.S. Privacy Shield Framework can no longer serve as the basis by which entities subject to the GDPR export Personal Information to the United States. We will continue to honor our obligations to comply with the Privacy Shield Principles with respect to Personal Information that was transferred pursuant to the Privacy Shield Framework.
Unanet commits to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities with regard to human resources data transferred from the EU in the context of the employment relationship. Unanet is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).