Close

Privacy Notice

We are the Unily Group which is a group of companies with our UK head office at First Floor, The Granary Abbey Mill Business Park, Lower Eashing, Godalming, Surrey, GU7 2QW. The relevant members of the Unily Group are listed in the section named “Unily Group” below .

When we use the terms “Unily Group”, or “we”, “us” or “our” throughout this Privacy Notice they refer to the relevant Unily Group entity, as applicable.

The Unily Group

The Unily Group is made up of: (1) Unily Group Limited (company number 08804209) whose registered address is at First Floor, The Granary Abbey Mill Business Park, Lower Eashing, Godalming, Surrey, GU7 2QW; (2) Unily Limited whose registered address is at The Granary, Abbey Mill Business Park, Eashing, Surrey, GU7 2QW; (3) Unily Inc. whose registered office is at 31 Bond Street, New York, NY, 10012; and (4) Unily Australia Pty Ltd whose registered address is at Suite 2, Level 1, 9-11 Grosvenor Street, Neutral Bay NSW 2089, Australia. This list may be updated if there are changes to the Unily Group.

Scope of this Privacy Notice

This notice informs you about how Unily Group collects and processes your personal information when you visit our website, or when you engage with us as an existing or potential supplier or customer. It also applies when we use and share data related to our business contacts. It's important to read this notice carefully to understand how Unily Group may use your personal information and your rights regarding it.

This Privacy Notice does not apply when we process personal data as a service provider or processor on behalf of our customers. Our customers are the controllers of the personal data of their staff in this case, including when we offer the Unily platform to our customers as a service. You should contact the controller directly for privacy information in this instance.

If you are an employee, contractor or otherwise engaged in work for us or applying to work for us, a separate privacy notice applies to you instead. We do not knowingly collect personal data relating to children.

Categories of personal data we collect

The categories of personal data about you that we may collect, use, store, share and transfer are:

Individual data

This includes personal data which relates to your identity, such as your first name, middle name, last name, username or similar identifier, job title and your contact details such as your billing address, delivery address, email address and telephone numbers;

Advertising data

This includes personal data which relates to your advertising preferences, such as information about your preferences in receiving marketing materials from us and our third parties and your communication preferences as well as your personal interests;

Information technology data

This includes personal data related to your use of our website or our emails, collected through the use of cookies, web beacons, pixels, or similar technologies. Data types may include your internet protocol (IP) address, login data, email links clicked on, traffic data, weblogs, and other communication data, as well as information about your browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technologies on the devices you use to access our website or emails;

Economic and financial data

This includes personal data which relates to your finances, such as your bank account and payment card details and information which we collect from you for the purposes of the prevention of fraud;

Sales data

This includes personal data which relates to the transactions you have conducted with us, such as details about payments to and from you, details of subscriptions to our services or publications and other details of products and services you have purchased from us;

Visual data

This includes personal data which is gathered using our CCTV, by any photographers appointed by us or through other recording systems in the form of images, video footage and sound recordings that is taken at any of our locations (including at any of our events) or virtually (e.g. during phone calls and online meetings) and; otherwise by us for promotional purposes (such as for the purposes of promoting our future events via our website);

Health data

This includes personal data which is gathered for health and safety purposes including any accident report or claim.  We treat this data as sensitive information and will only collect it if you consent and the information is reasonably necessary for one or more of our functions or activities; and

Market research data

This includes personal data which is gathered for the purposes of market research.

We may also create personal data about you, for example, if you contact us by telephone to make a complaint, for example about our services, then we may make a written record of key details of the conversation so that we can take steps to address the complaint.

We also obtain and use certain aggregated data such as statistical or demographic data for any purpose (“Aggregated Data”). Aggregated Data may be derived from your personal data but does not directly or indirectly reveal your identity. For example, we may aggregate your Information Technology Data to calculate the percentage of users accessing a specific feature on our website. However, if we re-combine or re-connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Notice.

In addition, in rare circumstances we may obtain certain special categories of your data (“Special Categories of Data”), and this Privacy Notice specifically sets out how we may process these types of personal data. The Special Categories of Data are: (i) personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership; and (ii) the processing of genetic data, biometric data for the purposes of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. We treat this data as sensitive information and will only collect it if you consent and the information is reasonably necessary for one or more of our functions or activities.

The sources from which we obtain your data

We obtain your personal data from the following sources:

Directly from you, either in person (at our locations, at our events or otherwise), via our website, apps or by telephone or via hand held PDAs. This could include personal data which you provide when you:

  • Download a piece of content
  • Register for or attend an event
  • Subscribe to our communications
  • Request information on our products or services
  • Create an account on our website
  • Place an order for our products or services
  • Enter into a competition or promotion
  • Complete a survey from us or give us feedback

Automated technologies, such as CCTV or other recording systems, cookies, server logs and other similar technologies. We may automatically collect Information Technology Data about your equipment, browsing actions and patterns by using cookies, server logs and other similar technologies. We may also receive Information Technology Data about you if you visit other websites or apps employing our cookies.

Third parties

  • Analytics providers (such as Google Analytics)
  • Advertising networks (such as Facebook, Linkedin, Google Adwords)
  • Data brokers or aggregators (such as Electric Marketing and DiscoverOrg)
  • Providers of social media platforms (such as Facebook, Twitter, LinkedIn, Google+ and Instagram) for example where you share our content through social media, for example by liking us on Facebook, following or tweeting about us on Twitter.

Publicly available sources

  • Companies House
  • HM Land Registry

How we use your personal data and our lawful basis for using it

Where we are relying on a basis other than consent we may rely on one or more of the following legal bases when processing your personal data. We have set out below the purposes for which we may process your personal data:

Purposes for which we process your personal data

Categories of personal data

The basis on which we can do this (this is what the law allows)

To register you as a new customer and process your order.

  • Individual Data
  • Economic and Financial Data
  • Account and Profile Data

The processing is necessary

  • To Perform a contract with you
  • For our legitimate interest in the provision of services to our customers

In order to perform our contractual obligations to you. This would include:

  • Processing and performing any bookings and order placed by you
  • Orders placed by us where you are a supplier
  • Making or receiving payments, fees and charges
  • Collecting and recovering money owed
  • Individual Data
  • Economic and Financial Data
  • Account and Profile Data
  • Sales Data

The processing is necessary

  • To perform any contract entered into with you
  • Our legitimate interest in recovering debts owed to us

In order to comply with our own legal obligations, e.g. health and safety legislation, or to assist in an investigation (e.g. from the police).

  • Individual Data
  • Visual Data
  • Health Data

The processing is necessary

  • For us to comply with the law
  • In order to protect the vital interests of an individual

In order to use your personal data in life or death situations and there is no time to gain your consent (e.g. in the event of an accident or illness or injury or some other related emergency or to record any accident or injury or other incident you may suffer when visiting any of our locations or we have to give your personal details to medical personnel).

  • Individual Data
  • Health Data

The processing is necessary

  • For us to comply with the law
  • In order to protect the vital interests of an individual
  • Defence and legal proceedings

In order to manage our relationship with you including:

  • To send you important notices such as communications about changes to our terms and conditions and policies (including this Privacy Notice)
  • To provide you with important real-time information about products or services you have ordered from us (e.g. a change of time or location due to unforeseen circumstances)
  • To send you information you have requested
  • To deal with your enquiries
  • To ask you to leave a review or feedback on us
  • To use our third party processors to help us to administer and carry out the contract and our relationship with you
  • Individual Data
  • Account and Profile Data
  • Sales Data
  • Advertising and Marketing Data

The processing is necessary:

  • To perform any contract entered into with you
  • For our legitimate interests in the management and operation of our business, to keep our records updated and to study how customers use our products/services

In order to administer, protect, and maintain Unily's business and website, deal with any misuse of our services, and comply with our security policies, including but not limited to troubleshooting, security testing and investigating, detecting, and preventing suspicious activity, fraud, and cybercrime that may affect Unily or its services.

  • Individual Data
  • Account and Profile Data
  • Visual Data
  • Information and Technology Data
  • Economic Data

The processing is necessary:

  • For our legitimate interest in provision of administration of our business and IT services, network security, to prevent fraud
  • Necessary to comply with the law

In order to make suggestions and recommendations to you about our services or upcoming events that may be of interest to you, deliver relevant website and app content and advertisements to you and to measure or understand the effectiveness of our advertising.

  • Individual Data
  • Sales Data
  • Information and Technology Data
  • Advertising and Marketing Data
  • Visual Data
  • The processing is necessary for our legitimate interests to study how guests use our products/services, to develop our products and services and ensure our marketing is relevant to you, to grow our business and to inform our marketing strategy
  • We have obtained your consent where relevant

For internal purposes to use data analytics, to identify usage trends, determine and measure the effectiveness of promotional campaigns and advertising and to improve our website, products/services, marketing, customer relationships and experiences.

  • Individual Data
  • Information and Technology Data
  • Advertising and Marketing Data
  • Market Research Data
  • Visual Data

The processing is necessary for our legitimate interests in defining types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy.

To communicate with you and other existing or potential customers about, and administer participation in, special events, programs, promotions, any prize draws or competitions.

  • Individual Data
  • Account and Profile Data
  • Sales Data
  • Information and Technology Data
  • Advertising and Marketing Data
  • Visual Data

The processing is necessary for our legitimate interests to promote our business.

To set strictly necessary and optional cookies, web beacons, pixels, and other tracking technologies on our website and in our marketing emails, as set out in our Cookie Notice.

Information and Technology Data;

 

  • We have obtained your consent (where such cookies are not strictly necessary); or
  • The processing is necessary for our legitimate interests in ensuring that our website is able to function correctly (where such cookies are strictly necessary)

To sell, make ready for sale or dispose of our business, in whole or in part including to any potential buyer or their advisers, or in relation to any refinancing.

  • Individual Data
  • Account and Profile Data
  • Sales Data
  • Information and Technology Data
  • Advertising and Marketing Data
  • Economic and Financial Data

The processing is necessary for our legitimate interests in the sale or disposal of our business or assets and in the context of a business reorganisation or group restructuring exercise

In order to enforce or apply our terms of use, terms and conditions of supply and other agreements with third parties.

  • Individual Data
  • Account and Profile Data
  • Sales Data
  • Economic and Financial Data

 

 

 

The processing is necessary for our legitimate interests in protecting our business and property and recovering debts owed to us.

Where we may rely on consent

We would like to use your personal data for a variety of different purposes. For some of these purposes it is appropriate for us to obtain your prior consent. This may include where your personal data is sensitive information or where, with your permission, we record phone calls and online meetings that take place with our customers and business contacts for purposes including analytics, quality control, internal coaching, and record-keeping. The legal basis of consent is only used by us in relation to processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way. Where we rely on consent, you may at any time withdraw the specific consent you give to our processing your personal data by contacting us at any time using the contact details set out here or following the instructions provided in the applicable consent request form.

In Australia, for sensitive information, consent is not required where the information is required or authorised by or under an Australian law or a court/tribunal order; or collection is permissible as a where a permitted general or health situation exists (as those terms are defined in the Australian Privacy Act).

Please note even if you withdraw consent for us to use your personal data for a particular purpose we may continue to rely on other bases to process your personal data for other purposes.

Who receives your personal data

We may disclose your personal data to:

  • Member of the Unily Group and affiliates
  • Third party data processors who may process data on our behalf to enable us to carry out our usual business practices. Any such disclosure will only be so that we can process your personal data for the purposes set out in this Privacy Notice
  • Our IT, system administration and hosting providers such as Microsoft
  • Our PR agencies, and customer feedback providers
  • Our market research agencies and data enrichment providers
  • HMRC, legal and other regulators or authorities, including those who lawfully request your personal data or to report any potential or actual breach of applicable law or regulation
  • External professional advisers such as accountants, bankers, insurers, auditors and lawyers
  • Law enforcement agencies, courts or other relevant party, to the extent necessary for the establishment, exercise or defence of legal rights
  • Third parties where necessary for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties
  • Third parties which are considering or have decided to acquire some or all of our assets or shares, merge with us or to whom we may transfer our business (including in the event of a reorganisation, dissolution or liquidation)
  • Third parties operating plugins or content (such as Facebook, Twitter and Instagram) on our website or app which you choose to interact with
  • Suppliers and subcontractors for the performance of any contract we enter into with them or you

Personal data about other people which you provide to us

If you provide personal data to us about someone else (such as one of your directors or employees, or someone with whom you have business dealings) you must ensure that you are entitled to disclose that personal data to us and that, without our taking any further steps, we may collect, use and disclose that personal data as described in this Privacy Notice.

You must ensure the individual concerned is aware of the various matters detailed in this Privacy Notice, as those matters relate to that individual, including our identity, how to contact us, the way in which we collect and use personal data and our personal data disclosure practices, that individual's right to obtain access to the personal data and make complaints about the handling of the personal data, and the consequences if the personal data is not provided.

Accuracy of your personal data

It is important that the personal data we hold about you is accurate and current and we take all reasonable precautions to ensure that this is the case but we do not undertake to check or verify the accuracy of personal data provided by you. Please keep us informed if your personal data changes during your relationship with us by contacting your relevant internal point of contact or by using the details available here. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.

International transfers of your personal data

As our business operates globally, your personal data will routinely be shared within the Unily Group outside of the UK and EEA, including in the USA and Australia. We have an intra-group data transfer agreement in place which regulates cross-border transfers of your personal data within the Unily Group.

We may also use international suppliers and service providers (the categories of which are available under 'Who receives your personal data'), whose personnel or systems may be located outside of the UK and EEA, resulting in the transfer of your personal data to third countries. In these cases, we will take steps to ensure that your personal data receives an adequate level of protection, such as entering into appropriate data transfer agreements incorporating standard contractual clauses or an alternative mechanism for the transfer of data as approved by the information Commissioner’s Office (“ICO”) and/or European Commission or other applicable regulators or legislators. For transfers of personal data between the UK and EEA, we rely on mutual adequacy decisions.

have a right to request a copy of any data transfer agreement under which your personal data is transferred, or to otherwise have access to the safeguards used by contacting us. Any data transfer agreement made available to you may be redacted for reasons of commercial sensitivity. 

How long we will store your personal data for

We may retain your personal data for a period of time consistent with the original purpose of collection (see "how we use your personal data") or as long as required to fulfil our legal obligations. We determine the appropriate retention period for personal data on the basis of the amount, nature, and sensitivity of the personal data being processed, the potential risk of harm from unauthorised use or disclosure of the Personal Data, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements (such as applicable statutes of limitation).

After expiry of the applicable retention periods, your personal data will be deleted.

For more information on data retention periods, please contact us by using the "how to contact us" information below.

Contractual or statutory requirements on you to provide personal data

In certain circumstances the provision of personal data by you is a requirement to comply with the law or a contract, or necessary to enter into a contract.

It is your choice as to whether you provide us with your personal data necessary to enter into a contract or as part of a contractual requirement. If you do not provide your personal data then the consequences of failing to provide your personal data is that we may not be able to perform to the level you expect under any contract with you. An example of this would be where we are unable to provide you with essential information around the service we offer you or confirmation of event registration as we do not have your full details, or where we cannot perform our contract with you at all because we rely on the personal data you provide in order to do so. Please see our terms and conditions for further details.

Your rights in relation to your personal data

Subject to applicable data protection laws, in addition to your ability to withdraw any consent you have given to our processing your personal data (as set out in "Where we may rely on consent"), you may have a number of rights in connection with the processing of your personal data, including:

  • The right to request access to your personal data that we process or control
  • The right to request rectification of any inaccuracies in your personal data or, taking into account the purposes of our processing, to request that incomplete data is completed
  • The right to request, on legitimate grounds as specified in law
  • Erasure of your personal data that we process or control; or
  • Restriction of processing of your personal data that we process or control
  • The right to object, on legitimate grounds as specified in law, to the processing of your personal data
  • The right to receive your personal data in a structured, commonly used and machine-readable format and to have your personal data transferred to another controller, to the extent applicable in law

If you would like to exercise any of the rights set out above, please contact us using the details set out below in "How to contact us"

Unily Group as joint controllers of your personal data

Each of the Unily Group controls personal data about our business contacts. This means that they are each responsible for ensuring that the personal data is used fairly and lawfully. The group companies often act jointly with one or more of the other group companies when making decisions about your personal data. In particular, they make joint decisions when sharing personal data with each other.

Our members of staff work across the Unily Group so, where our group companies make decisions jointly, those members of staff will ensure that each company involved complies with data protection rules. We have an intra-group data sharing agreement in place to cover this arrangement. We also have designated one point of contact should you have any questions or wish to exercise any of your rights in respect of your personal data, as set out below.

How to contact us

We have appointed a Data Protection Officer to oversee Unily’s data protection compliance. To exercise any of your rights regarding your personal data, or if you have questions regarding this Privacy Notice or our privacy practices, please contact our Data Protection Officer at [email protected].  

Marketing preferences

If you wish to opt out at any time from receiving marketing correspondence from us or to alter your marketing preferences you can do so by clicking on the “unsubscribe” link located on the bottom of Unily marketing emails, or by contacting [email protected].

EU representative contact details

We have appointed EU Rep as our Representative under Article 27 of the EU General Data Protection Regulation (“EU GDPR”). All EU GDPR queries from EU Data Subjects or Data Protection authorities should be submitted to eurep.ie via their dedicated form. BizLegal Limited trading as EU Rep have their registered office at 27 Cork Road, Midleton Co. Cork, Ireland. Company number 635921

Right to submit a complaint

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, and you are located in the European Economic Area or the United Kingdom, you have the right to lodge a complaint with the competent supervisory authority.

If you reside in the United Kingdom, the independent UK Supervisory Authority is the Information Commissioner’s Office. You may raise a complaint by visiting their website here.

If you reside in a country that is a member of the European Union or that is in the EEA, you may find the contact details for your appropriate data protection authority on the following website.

California and Virginia Privacy Rights

Unily Group has adopted this section to comply with the additional state-specific privacy disclosures required by the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively “CCPA”) and the Virginia Consumer Data Protection Act (“VCDPA”).

The CCPA applies solely to residents of the State of California and the VCDPA applies solely to the residents of the State of Virginia (collectively “Consumers”).

Certain exceptions and limitations may apply to a Consumer’s rights and Unily Group’s obligations under the CCPA and VCDPA.

Personal information collected

Unily Group has collected the following categories of personal information from Consumers within the last twelve (12) months:

  • Identifiers, such as real name, alias, online identifier, IP address, email address, or other similar identifiers
  • Personal information as described in subdivision (e) of Section 1798.80 of the California Civil Code, such as bank details or other payment information
  • Internet or similar network activity, such as browsing history, search history, interactions with a website, application, or advertisement
  • Geolocation data, such as physical location or movements which may in some cases constitute precise geolocation information, such as the location of your device or computer
  • Characteristics of protected classifications under California or US federal law, such as age, race, or gender, for example if we conduct user surveys
  • Commercial information, such as purchase activity
  • Professional or employment-related information, for example data you may provide about your business

Sources for the consumer personal information we collect

We collect the personal information described above from the following sources:

  • Directly from you when you leave a comment or use other interactive features on our website or communicate with us, fill out a form, or submit an inquiry, use our services, interact with us through the website
  • Indirectly from you as information we collect automatically from your use of the website; and
  • Third parties, as described in more detail below

Use of consumer personal information

Depending on your interactions with Unily Group, we may use or disclose the CA Personal Information we collect about you for one or more of the following business purposes:

  • To provide you with our services, which includes, but is not limited to, communicating with you, maintaining accurate records, and personalizing your experience with the service
  • To improve our services by analyzing how website visitors access and use our services, both on an aggregated and individualized basis
  • For our direct marketing efforts, such as sending you news, newsletters, email marketing material, targeted advertising, and, if you have provided us with prior express written consent to receive marketing messages via telephone, text messages or calls; and
  • For other purposes as permitted by law, such as complying with a law, regulation, legal process or court order, or fulfilling any other purpose with your consent

We will not collect additional categories of personal information or use the personal information we collect for materially different, unrelated, or incompatible purposes without notifying you.

Disclosing personal information

Unily Group may have disclosed personal information for a business purpose to the following categories of third parties:

  • Law enforcement, regulatory and other governmental agencies
  • Business partners
  • Parent entities, affiliates and subsidiaries; and
  • Cookie information recipients, subject to their respective privacy notices
  • In the preceding twelve (12) months, Unily Group has disclosed the following categories of Personal Information for a business purpose:
    • Identifiers
    • Personal information as described in subdivision (e) of Section 1798.80 of the California Civil Code
    • Internet or other similar network activity; and
    • Geolocation data
    • Characteristics of protected classifications under California or US federal law
    • Commercial information
    • Professional or employment-related information

No sale of personal information

Unily Group do not sell or share any personal information of consumers, as those terms are defined under the CPRA.

CPRA Sensitive Personal Information Disclosure

The categories of data that we collect and disclose for a business purpose may include “sensitive personal information” as defined under the CPRA.  We do not use or disclose sensitive personal information for any purpose not expressly permitted by the CPRA.

CPRA Retention Disclosure

We keep your personal information to enable your continued use of Unily’s services, for as long as it is required in order to fulfil the relevant purposes described in this Unily Privacy Notice, as permitted or as may be required by law, or as otherwise communicated to you.

CPRA Non-Discrimination Statement

We will not discriminate against any consumer for exercising their rights under the CPRA.

VCDPA De-identified Data Disclosure

Unily Group may use de-identified data in some instances. Unily Group either maintains such data without attempting to re-identify it or treats such data as personal data subject to applicable law.

Your rights and choices

The CCPA and VCDPA provides consumers with certain rights regarding their personal information. The following paragraphs describe your CCPA and VCDPA rights and explain how to exercise those rights.

  • Right to Disclosure: You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months
  • Right to Access: You have the right to request that we provide you with access to specific pieces of personal information we have collected about you over the past 12 months
  • Right to Deletion: You have the right to request that we delete any of your personal information that we collected from you and retained, with certain exceptions

Submit a consumer privacy request

To exercise any of the above rights, you or your authorized agent may submit a privacy request to Unily Group by email at [email protected]. Prior to responding to your request, we will need to verify your identity and the identity of your authorized agent, if applicable. If we are unable to verify your identity through reasonable means and with the information you provide, we may ask follow-up questions.

Other California privacy rights

California Civil Code sections 1798.83-1798.84 (the Shine the Light Act) entitles California residents to request disclosure regarding personal information sharing with affiliates and/or third parties for marketing purposes. If you are a California resident and you would like to request a copy of this notice, please contact us at [email protected] with the subject line “Request for California Privacy Information.”

Updates to this Privacy Notice

This Privacy Notice may be updated from time to time so please check it regularly. This version of our Privacy Notice was published in October 2023 and is the most recent version.

EX Insights to your inbox

The list that everyone wants to get on. Subscribe to receive the latest insights, upcoming events, and inside scoops.