Privacy Policy

UnifiedONE is built and operated from Den Haag in the Netherlands. For the personal data described here, UnifiedONE is the data controller, which means we decide why and how it is used and we are responsible for looking after it. You can reach us using the details at the end of this policy.

We only collect what we need, and it falls into three groups.

• Information you give us. When you fill in a form, start an account, or email us, we receive things like your name, work email, company, and whatever you choose to write in your message.
• Information we collect as you use the service. Basic technical details such as your device and browser type, general location from your IP address, and how you move through the product, so we can keep it working and improve it.
• Security information from connected environments. When you connect your environment, the platform processes security signals to detect and stop threats. Only validated attacker information leaves your environment to protect the wider community. Your files, messages, customer records, and the content of your systems stay with you.

We use your information to do the things you would expect, and nothing you would not.

• To provide, run, and secure the service.
• To reply to you, set up demos, and offer support.
• To detect, validate, and stop threats, and to strengthen protection across the community.
• To understand how the product is used so we can make it better.
• To meet our legal and regulatory obligations.

Under European data protection law we need a lawful basis for using your personal data. Depending on the situation, we rely on your consent (which you can withdraw), the performance of a contract with you, our legitimate interest in running and securing the service, and compliance with our legal obligations.

We do not sell your personal data, and we do not share it for advertising. We share information only in a few limited ways.

• With service providers who help us run the platform, such as hosting and email, under contracts that hold them to the same care we take.
• Within the community, in the form of validated threat indicators through Shared Defense Intelligence™. This is attacker information only, never your data, your people, or your customers.
• When the law requires it, for example a valid legal request, always limited to what is necessary.
• If the business is ever involved in a merger or acquisition, in which case we will tell you before your data becomes subject to a different policy.

We use a small number of cookies and similar technologies to keep the site working, remember your preferences, and understand how the product is used. You can control cookies through your browser settings, and where consent is required we will ask for it first.

We are a European company and we keep personal data within the European Economic Area wherever we can. If data ever needs to move outside the EEA, we put recognized safeguards in place first, such as the European Commission's standard contractual clauses, so it stays protected to the same standard.

We keep personal data only for as long as we need it for the purposes described here, or for as long as the law requires. When we no longer need it, we delete it or make it anonymous. If you ask us to delete your data sooner, we will, unless we are legally required to keep some of it.

Security is the whole point of what we do, so we hold our own house to a high standard. We use encryption in transit and at rest, strict access controls, and continuous monitoring, and we review our practices regularly. No system is ever perfectly safe, but we work hard to keep yours protected and to act quickly if something goes wrong.

European data protection law gives you real control over your personal data. You can ask us to:

• See the personal data we hold about you and get a copy.
• Correct anything that is wrong or incomplete.
• Delete your data when we no longer have a reason to keep it.
• Limit or object to how we use it.
• Receive your data in a portable format, or have it sent to another provider.
• Withdraw consent at any time, where we relied on it.

Just contact us and we will help, free of charge. If you feel we have not handled your data properly, you have the right to complain to your local data protection authority. In the Netherlands that is the Autoriteit Persoonsgegevens.

UnifiedONE is a tool for organizations, not a service for children. We do not knowingly collect personal data from anyone under 16. If you believe a child has given us their data, please tell us and we will remove it.

As the product grows, this policy may change. When we make a meaningful change we will update the date at the top and, if it matters to you, let you know directly. The current version always lives on this page.