Privacy Policy

Unify is operated by Unify. For the purposes of applicable data protection law we are the data controller of your personal information.

For the purposes of applicable data protection law — including the EU General Data Protection Regulation (GDPR) 2016/679 and, where applicable, the UK GDPR — we are the data controller of your personal information.

Contact: sam@unify.onl

We collect the following categories of personal data:

• Contact information — your name, email address, company name, job title, and any details you voluntarily share when you book a call, submit a form, or email us.
• Usage data — pages visited, time on site, browser type, device type, and IP address, collected automatically via analytics cookies only if you have given explicit prior consent.
• Communications — emails, call notes, and follow-up correspondence related to a potential or active engagement.
• Demo and project data — business data (such as support tickets, CRM records, lead logs, or account data) shared under a Non-Disclosure Agreement (NDA) for the sole purpose of building a demo AI agent. This data is handled under strict confidentiality, with access restricted to the Unify team members working directly on your project, and is deleted within 30 days of the end of the demo unless a full engagement is agreed in writing.

We use your personal data to:

• Respond to enquiries and schedule discovery calls
• Deliver our services and manage client engagements
• Send project-related communications
• Send marketing communications only where you have given explicit consent
• Understand and improve website performance (analytics, only with your consent)
• Comply with our legal obligations under applicable law

We process your personal data under the following legal bases (Article 6, EU GDPR / UK GDPR):

We use cookies to make the site function and, only with your explicit prior consent, to understand how visitors use it. No analytics cookies are set before you have consented via our cookie banner.

You can manage your cookie preferences at any time via the cookie banner or our Cookie Policy. Withdrawing consent does not affect the lawfulness of processing that took place before withdrawal.

We may share data with the following trusted third parties, strictly where necessary:

We do not sell your personal data to any third party. We do not use your data for advertising or profiling.

Our primary operations are based in Romania (EU). Where personal data is transferred to third countries — in particular the United States — we ensure that adequate safeguards are in place in accordance with Chapter V of the EU GDPR, specifically through the use of Standard Contractual Clauses (SCCs) approved by the European Commission.

For users in the United Kingdom, transfers outside the UK are governed by the UK GDPR and the UK's International Data Transfer Agreement (IDTA) or equivalent safeguards.

We retain your personal data only for as long as necessary:

• Contact and enquiry data — up to 3 years from last contact, or until you request deletion
• Client engagement data — duration of engagement plus up to 5 years, in line with statutory obligations
• Demo data provided under NDA — deleted within 30 days of the end of the demo, unless a full engagement begins
• Analytics data — in accordance with Google Analytics default retention settings (maximum 26 months), only if you consented

Depending on your location, you have the following rights under applicable data protection law:

• Access — request a copy of the personal data we hold about you
• Correction — ask us to correct inaccurate or incomplete data
• Deletion — ask us to erase your personal data (“right to be forgotten”)
• Restriction — ask us to restrict processing in certain circumstances
• Objection — object to processing based on legitimate interests
• Portability — receive your data in a structured, machine-readable format
• Withdraw consent — withdraw consent at any time where processing is based on consent

To exercise any of these rights, email sam@unify.onl. We will respond within one month of receiving your request (Article 12 GDPR). This period may be extended by a further two months where necessary, in which case we will notify you.

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the relevant supervisory authority:

• Romania / EU: Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP) — www.anspdcp.ro
• United Kingdom: Information Commissioner's Office (ICO) — ico.org.uk

We would appreciate the opportunity to address your concerns before you approach a supervisory authority. Please contact us first at sam@unify.onl.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, alteration, or disclosure. All data transfers are encrypted in transit. Demo project data is handled under NDA with access restricted to directly involved team members.

Where we build AI agents as part of our services, these agents may process personal data provided by the client (our business customer) as part of the agreed scope of work. In this context:

• Unify acts as a data processor on behalf of the client (who is the data controller) in relation to end-user data
• Any automated processing of personal data is governed by the Data Processing Agreement (DPA) entered into with the client
• We do not make solely automated decisions about individuals that produce legal or significant effects without appropriate human oversight

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date and, where changes are material, notify you by email if we hold your contact details.

For any questions about this Privacy Policy, to exercise your rights, or to request a copy of our Data Processing Agreement (DPA):

sam@unify.onl

Unify
sam@unify.onl