General Data Protection Regulation (GDPR)
The GDPR is a comprehensive European data protection law that provides significant data rights for protecting the privacy of natural persons residing in the EU.
UNIQUEDOC is committed to ensuring that our platform is GDPR-compliant when the regulation becomes enforceable on May 25, 2018.
How is GDPR applicable to UNIQUEDOC?
UNIQUEDOC is a global online application and has customers across the world. We respect everyone’s personal information regardless of where they live, This privacy notice is to let you know how UNIQUEDOC promises to look after your personal information. This includes what you tell us about yourself, what we learn by having you as a customer, and the choices you give us about what information you want us to send you. This notice explains how we do this and tells you about your privacy rights and how the law protects you.
You can find out more about us at https://uniquedoc.com
If you have any questions, or want more details about how we use your personal information, you can ask us using our secure online contact form
What are Data Controllers and Data Processors?
GDPR is designed to ensure protection of the privacy rights of data subjects. Data subjects are people from whom or about whom you collect information in connection with your business and its operations. Your obligations with regard to data subjects and their personal data depend on whether you’re considered a controller or a processor under GDPR.
GDPR defines a data controller as “the natural or legal person, public authority, agency or another body which, alone or jointly with others, determines the purposes and means of the processing of personal data.” In other words, if your organization processes personal data for your own organization’s purposes and needs — not merely as a service provider acting on behalf of another organization — then you are likely to be a data controller.
UNIQUEDOC is a Data Controller for our direct customers where companies provide service to our customers.
Businesses or organizations that process personal data solely on behalf of, and as directed by, data controllers are data processors. In other words, when a data controller outsources a data processing function to another entity, that other entity is generally a data processor. UNIQUEDOC does not consider itself a Data Process or for our customers.
Our Privacy Promise
- To keep your data safe and private.
- Not to sell your data.
- To give you ways to manage and review your information notification choices at any time.
What personal information does UNIQUEDOC process on behalf of its customers?
- We collect and maintain personal contact details provided by customers at registration which includes contact name, email address and company name (if a business).
- All customer data, that is, data controlled by our customers which we process according to their instructions, is appropriately classified as Confidential. We cannot identify this customer data as it is encrypted and not accessible by UNIQUEDOC staff.
How we use your personal information
Data Protection law will change on 25 May 2018. This notice sets out most of your rights under the new laws. We will update it as further changes come into effect.
How the law protects you.
As well as our Privacy Promise, your privacy is protected by law. This section explains how that works.
Data Protection law says that we are allowed to use personal information only if we have a proper reason to do so. This includes sharing it outside UNIQUEDOC. The law says we must have one or more of these reasons:
- To fulfill a contract we have with you, or
- When it is our legal duty, or
- When it is in our legitimate interest, or
- When you consent to it.
A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate interest, we will tell you what that is.
Here is a list of all the ways that we may use your personal information, and which of the reasons we rely on to do so. This is also where we tell you what our legitimate interests are.
How we use your personal information
- To manage our relationship with you or your business.
- To provide personal notifications.
- To study how our customers use our product to improve user experience.
- To provide advice or guidance about our product and services.
- To develop and manage our product.
- To manage how we work with other companies that provide service to our customers.
- To make and manage customer payments.
- To deliver our product and service.
- To collect subscription fees
- The effective management of our business, its finances, communication, governance and audit.
- To exercise our rights set out in agreement and contracts with customers and suppliers.
- Your Consent.
- Fulfilling our service to you.
- Our legitimate interests.
- Our legal duty.
- Fulfilling contracts and providing our service to you.
- Our legitimate interests.
- Our legal duty.
- Fulfilling contracts.
Our legitimate interests
- Keeping our records up to date.
- Improving our product and user experience.
- Seeking your consent when we need to contact you.
- Fulfilling our legal duties.
- To develop products and services and what we charge for them.
- Fulfilling our legal duties.
- Complying with any regulations that apply.
Why your data is in safe hands with UNIQUEDOC
- We do: use data to help us provide a secure customer service, which includes tailoring the information we share with you to help ensure that it’s relevant, useful and timely.
- We do: respect your privacy and work hard to meet strict regulatory requirements.
- We do: make every attempt to ensure multiple encryptions of your data to protect it.
- We do not: sell or pass your personal data to third parties.
Personal Information and how we use it.
Description – Type of personal information
Contact – How to contact you.
Transactional – Details about subscription and transactional payments.
Contractual – Details about the products or services we provide to you.
Behavioural – Details about how you use our product.
Technical – Details about the devices and technology you use to access our product.
Usage Data – Other data about how you use our products and services.
Consents – Any permissions, consents or preferences that you give us.
Where we collect personal information from
Data you give to us:
- When you register for our products
- When you contact us via the phone
- When you use our websites and mobile device apps
Data we collect when you use our product.This includes the amount, frequency, type, location, origin and recipients:
- Profile and usage data. This includes the profile you create to identify yourself when you connect to our internet and mobile services. It also includes other data about how you use those services. We gather this data from devices you use to connect to those services, such as computers and mobile phones, using cookies and other internet tracking software. Your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation.
Who we share your personal information with
We may share your personal information with companies that are an essential part of providing services to you.
- BUTO – Video conversion platform. about buto
- Stripe – online payments
- TokBox – OpenTok platform for web real time communications (when applied)
We may also share your personal information if the make-up of UNIQUEDOC changes in the future:
- We may choose to sell, transfer, or merge parts of our business, or our assets. Or we may seek to acquire other businesses or merge with them.
- During any such process, we may share your data with other parties. We’ll only do this if they agree to keep your data safe and private.
- If the change to Uniquedoc happens, then other parties may use your data in the same way as set out in this notice.
You are responsible for keeping your password, PIN and other login details confidential. We will not ask you for your password (except when you log in to the website).
Sending data outside of the EEA
We will only send your data outside of the European Economic Area (‘EEA’) to:
- Follow your instructions.
- Comply with a legal duty.
If we do transfer information outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA. We’ll use one of these safeguards:
- Transfer it to a non-EEA country with privacy laws that give the same protection as the EEA. Learn more on the European Commission Justice website.
- Put in place a contract with the recipient that means they must protect it to the same standards as the EEA. Read more about this here on the European Commission Justice website,
- Transfer it to organisations that are part of Privacy Shield. This is a framework that sets privacy standards for data sent between the US and EU countries. It makes sure those standards are similar to what is used within the EEA. You can find out more about data protection on the European Commission Justice website.
If you choose not to give personal information
We may need to collect personal information by law, or under the terms of a contract we have with you.
If you choose not to give us this personal information, it may delay or prevent us from meeting our obligations. It may also mean that we cannot perform services needed to access our product. It could mean that we cancel a product or service you have with us.
Any data collection that is optional would be made clear at the point of collection.
We may use your personal information to tell you about relevant updates to and general information about our product. This is what we mean when we talk about ‘marketing’.
The personal information we have for you is made up of what you tell us, and data we collect when you use our services. We Do Not mine other companies for data on you.
We can only use your personal information to send you marketing messages if we have either your consent or a ‘legitimate interest’. That is when we have a business or commercial reason to use your information. It must not unfairly go against what is right and best for you.
You can ask us to stop sending you marketing messages by contacting us at any time.
We may ask you to confirm or update your choices if there are changes in the law, regulation, or the structure of our business.
If you change your mind you can update your choices at any time by contacting us.
How long we keep your personal information
We will keep your personal information for as long as you are a customer of UNIQUEDOC.
After you stop being a customer, we may keep your data for up to 10 years for one of these reasons:
- To respond to any questions or complaints.
- To show that we treated you fairly.
- To maintain records according to rules that apply to us.
We may keep your data for longer than 10 years if we cannot delete it for legal, regulatory or technical reasons. We may also keep it for research or statistical purposes. If we do, we will make sure that your privacy is protected and only use it for those purposes.
How to get a copy of your personal information
You can access your personal information we hold by checking ‘My Details’ under your Account Settings, you may also contact us at email@example.com for a list of your personal data.
Letting us know if your personal information is incorrect
You have the right to question any information we have about you that you think is wrong or incomplete. Please contact us at firstname.lastname@example.org if you want to do this.
If you do, we will take reasonable steps to check its accuracy and correct it.
What if you want us to stop using your personal information?
You have the right to object to our use of your personal information, or to ask us to delete, remove, or stop using your personal information if there is no need for us to keep it. This is known as the ‘right to object’ and ‘right to erasure’, or the ‘right to be forgotten’.
There may be legal or other official reasons why we need to keep or use your data. But please tell us if you think that we should not be using it.
We may sometimes be able to restrict the use of your data. This means that it can only be used for certain things, such as legal claims or to exercise legal rights. In this situation, we would not use or share your information in other ways while it is restricted.
You can ask us to restrict the use of your personal information if:
- It is not accurate.
- It has been used unlawfully but you don’t want us to delete it.
- It not relevant any more, but you want us to keep it for use in legal claims.
- You have already asked us to stop using your data but you are waiting for us to tell you if we are allowed to keep on using it.
If you want to object to how we use your data, or ask us to delete it or restrict how we use it or, please contact us at email@example.com
How to withdraw your consent
You can withdraw your consent at any time. Please contact us at firstname.lastname@example.org if you want to do so.
If you withdraw your consent, we may not be able to provide certain products or services to you. If this is so, we will tell you.
How to complain
Please let us know if you are unhappy with how we have used your personal information. You can contact us using our secure online contact form
You also have the right to complain to the Information Commissioner’s Office. Find out on their website how to report a concern
Organisation name: UNIQUEDOC Limited; Registration reference A1022518
Future formats for sharing data
The Data Privacy laws will change on 25 May 2018. From that date you will have the right to get your personal information from us in a format that can be easily re-used.
You can also ask us to pass on your personal information in this format to other organisations.