We’re committed to the security of our customers’ data and provide multiple layers of protection for the personal data and business information you entrust to iUNU. These include:
You control access
As our customer, you have the flexibility to invite users into your account to collaborate on your data, and the person that holds the administrative privileges has control over who has access and what they are able to do. If you choose to administer these privileges, our customer support staff cannot access your information unless you invite them to help.
User authentication
We provide standard access to our software-as-a-service through a login and password. In addition, you have the option of using two-step authentication (using a unique code sent by text or generated by a separate authenticator app on your smartphone) for your account. This provides a second level of security and reduces the risk of your account being accessed if your password is compromised.
Data encryption
We encrypt all data that goes between you and our servers using industry-standard TLS (Transport Layer Security), protecting your personal and business data. Your data is also encrypted at rest when it is stored on our servers, and encrypted when we transfer it between data centers for backup and replication.
Data Segregation
We keep user data and customer-specific information separate from “crop data” that we gather from our customer’s business operations, thus minimizing access to users who do not have a “need to know.”
Network protection
We take a “defense in depth” approach to protecting our systems and your data. Multiple layers of security controls protect access to and within our environment, including firewalls, protection from intrusion, and network segregation. Our security services are configured, monitored, and maintained according to industry best practice. We utilize industry-leading data storage vendors and their security systems to leverage their expertise and global threat intelligence to protect our systems and your data. Secure data centers Our cloud services are hosted on enterprise-grade hosting facilities that employ robust physical security
controls to prevent physical access to the servers they house. These controls include 24/7/365 monitoring and surveillance, on-site security staff, and regular ongoing security audits. We maintain multiple geographically separated data replicas and hosting environments to minimize the risk of data loss or outages.
Security monitoring
Our support team continuously monitors security systems, event logs, notifications, and alerts from all systems to identify and manage threats.
By accessing our websites and using our services, you explicitly accept, without limitation or qualification, our practices surrounding the collection, use, and sharing of personal data provided by you or others in the manner described in this Privacy Notice. If you disagree with this, please do not access our websites or use our services.
I. Scope of This Privacy Notice
This Privacy Notice describes the types of personal data that we (and by this we mean iUNU, Inc. and all its wholly owned subsidiaries) collect from you or from others when you access, view, and interact with our websites, when you use our software-as-a-service (no matter how you access it), or when you attend our online or in-person events and trainings (we refer to all of this as our “services”).
When we refer to “personal data,” we mean identifiable information about you, like your name, employer, job title, email, address, telephone number, bank account details, payment information, support queries, community comments, and so on. If you can’t be identified (including when personal data has been aggregated and anonymized), then this notice doesn’t apply. Our Terms of Use (along with any applicable services agreement that we enter into with a customer) describes our obligation with respect to data that is not personal data.
We may need to update this notice from time to time. If we make a significant change, we will notify you ahead of time, typically by email.
II. We Collect Personal Data
We collect personal data from or about you in the following general ways:
Information you provide to us directly: When you visit our websites or use our services, we might ask you to provide personal data to us. For example, we collect information when you sign up for an account, respond to a job application or an email offer, participate in community forums, join us on social media, take part in training and events, contact us with questions, or request support. If you don’t want to provide us with personal data, you don’t have to, but it might mean you can’t use some parts of our websites or services.
Information we collect automatically:
We collect some information about you automatically when you visit our websites or use our services, like your IP address and device type. We also collect information when you navigate through our websites and services, including what pages you looked at and what links you clicked on.2This information is useful for us as it helps us get a better understanding of how you’re using our websites and services so that we can continue to provide the best experience possible (e.g., by personalizing the content you see).
Some of this information is collected using cookies and similar tracking technologies. If you want to find out more about cookies and how you can control them, take a look at, for example, http://www.allaboutcookies.org.
Information we get from our customers and other third parties: The majority of information we collect, we collect directly from you or from a customer who has authorized you to use our services on its behalf. Sometimes we might collect personal data about you from other sources, such as from publicly available materials or trusted third parties like our marketing and research partners. We use this information to supplement the personal data we already hold about you, in order to better inform, personalize, and improve our services, and to validate the personal data you provide.
If we don’t collect your personal data, we may be unable to provide you with all our services, and many functions and features on our websites may not be available to you.
III. We Use Personal Data
We use your personal data primarily to operate our websites and to provide the services you or a customer requests, and to manage our relationship with you. We also use your personal data for other purposes, which may include the following:
To communicate with you, such as:
• providing you with information you’ve requested from us (like training or education materials) or information we are required to send to you;
• operational communications, like changes to our websites and services, security updates, or assistance with using our websites and services;
• marketing communications (about our services or another product or service we think you might be interested in) in accordance with your marketing preferences; and
• asking you for feedback or to take part in any research we are conducting (which we may engage a third party to assist with).
To support you:
This may include assisting with the resolution of technical support issues or other issues relating to the websites or services, whether by email, in-app support, or otherwise. To enhance our websites and services: We may track and monitor your use of websites and services so we can keep improving; or we may conduct a technical analysis so that we can optimize user experience and provide more efficient tools.
To protect:
We may use personal data so that we can detect and prevent any fraudulent or malicious activity, and to make sure that everyone is using our websites and services fairly and in accordance with our terms of use.
To analyze, aggregate, and report: We may use the personal data we collect about you and other users of our websites and services (whether obtained directly or from third parties) to produce aggregated and anonymized analytics and reports, which we may share publicly or with third parties.
IV. We Share Personal Data
There will be times when we need to share your personal data with third parties. We will only disclose your personal data to:
• other companies in the iUNU group of companies;
• customers with whom you are affiliated and who have granted you the right to access and use our services on their behalf;
• third party service providers and partners who assist and enable us to use the personal data to, for example, support delivery of or provide functionality on the website or services, or to market or promote our goods and services to you;
• regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights (where possible and appropriate, we will notify you of this type of disclosure);4• an actual or potential buyer (and its agents and advisers) in connection with an actual or proposed purchase, merger, or acquisition of any part of our business; and
• other people where we have your consent.
V. We Aim to Safeguard Personal Data
We take every reasonable measure and precaution, consistent with standard industry practices, to protect and secure your personal data from unauthorized access, alteration, disclosure, or destruction. For more information, please view our page on Security Assurance. If you believe for any reason that your personal data is no longer secure, please notify us immediately by
sending an email to privacy@iunu.com.
VI. We Retain Personal Data as Long as Necessary
The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal, tax, or accounting requirements).
We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it’s deleted or anonymized.
VII. You May Have Certain Rights Concerning the Personal Data We Collect
It’s your personal data and you may have certain rights relating to it. When it comes to marketing communications, you can always ask us not to send these to you by following the unsubscribe instructions contained in the marketing communication, or by sending a request to privacy@iunu.com.
You also may have the right under applicable law to:
• know what personal data we hold about you, and to make sure it’s correct and up to date;
• request a copy of your personal data, or ask us to restrict processing your personal data or delete it; and
• object to our continued processing of your personal data.
You may exercise these rights by sending an email to us at privacy@iunu.com. If you’re someone who doesn’t have a relationship with us, but believe nonetheless that a customer or other user has given us your personal data, you’ll need to contact that customer or user directly for any questions you may have.
VIII. You May Contact Us.
We’re always keen to hear from you. If you’re curious about what personal data we hold about you or you have a question or feedback for us on this notice, our websites or services, please get in touch. As a technology company, we prefer to communicate with you by email – this ensures that you’re put in contact with the right person, in the right location, and in accordance with any regulatory time frames. Our email is privacy@iunu.com