Terms of Service

UNITYHUB ORDER FORM

Services: Scheduling employee office days (the “Services”).

Services Fees: fees are calculated in accordance with the plan chosen by the Customer.

Initial Service Term: 1 month

This Services Order Form is a binding, legal agreement between the Company that accesses and uses the Services and UnityHub Ltd (trading as UnityHub) (the “Company”, “us”, or “our”) for the provision of the Services and is subject to the Terms of Service set out below.

By accessing and using the Services, you represent that (1) you have read, understand, and agree to be bound by the terms of use, (2) you have the authority to enter into the terms of use personally or on behalf of the Company, and to bind that Company to the terms of use.

If you subscribe to the services for a term (the “Initial Term”), then the terms will be automatically renewed for additional periods of the same duration as the Initial Term at the Company’s then-current fee for such services unless you opt out of the auto-renewal.

TERMS OF SERVICE

1. SAAS SERVICES AND SUPPORT

1.1. Subject to the Services Order Form above and these Terms of Service (including any Exhibits to it) as amended from time to time), The company will use commercially reasonable efforts to provide the Services to the Customer during the Term (as defined in Section 5.1 below).

1.2. As part of the registration process, the Customer will identify an administrative username and password for the Customer’s Company account. The company reserves the right to refuse registration of or cancel passwords it deems inappropriate.

1.3. Customer recognizes that the Company is always innovating and finding ways to improve the Services with new features and services. Customer therefore agrees that the Services may change from time to time and no warranty, representation, or other commitment is given in relation to the continuity of any functionality of the Service.

1.4. Subject to the terms hereof, the Company will provide Customer with reasonable technical support services in accordance with the terms set forth in Exhibit A.

2. RESTRICTIONS AND RESPONSIBILITIES

2.1. Company hereby grants to Customer a non-exclusive, non-transferable, non-sublicensable right to access and use the Services during the Term in accordance with the Agreement, solely for Customer’s internal business purposes.

2.2 Customer will not, directly or indirectly (except to the extent permitted by any applicable law which is incapable of exclusion by the agreement of the parties): reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, ideas, know-how or algorithms relevant to the Services or any software, documentation or data related to the Services (“Software”); modify, translate, or create derivative works based on the Services or any Software(except to the extent expressly permitted by Company or authorized within the Services); license, sell, rent, lease, transfer, assign, distribute, display, disclose or otherwise commercially exploit the Services and any Software (except to the extent expressly permitted by Company or authorized within the Services); use the Services or any Software for timesharing or service bureau purposes or otherwise for the benefit of a third party; or remove any proprietary notices or labels. With respect to any Software that is distributed or provided to Customer for use on Customer premises or devices, the Company hereby grants Customer a non-exclusive, non-transferable, non-sublicensable license to use such Software during the Term only in connection with the Services.

2.3. Customer shall comply with all applicable technology control and export laws and regulations.

2.4. Customer represents, covenants, and warrants that Customer will use the Services only in compliance with the terms and conditions of the Agreement, and all applicable laws and regulations. Customer hereby agrees to indemnify and hold harmless Company against any damages, losses, liabilities, settlements, and expenses (including without limitation costs and attorneys’ fees) in connection with any claim or action that arises from any actual or alleged breach of the terms and conditions of the Agreement, and/or any applicable laws and regulations, or otherwise from Customer’s use of Services. Although the Company has no obligation to monitor the Customer’s use of the Services, the Company may do so and may prohibit any use of the Services it believes may be (or alleged to be) in violation of the Agreement.

2.5. Customer shall be responsible for obtaining and maintaining any equipment and ancillary services needed to connect to, access, or otherwise use the Services, including, without limitation, modems, hardware, servers, software, operating systems, networking, web servers, and the like (collectively, “Equipment”). Customer shall also be responsible for maintaining the security of the Equipment, Customer account, passwords (including but not limited to administrative and user passwords), and files, and for all uses of Customer account or the Equipment with or without Customer’s knowledge or consent.

3. CONFIDENTIALITY; PROPRIETARY RIGHTS

3.1. Each party undertakes that it shall not at any time during this Agreement, and for a period of two years after termination or expiry of this Agreement, disclose to any person any confidential information concerning the business, affairs, customer, clients or suppliers or the other party or of any member of the group of companies to which the other party belongs, except as permitted by clause 3.2 below.

3.2 Notwithstanding clause 3.1, each party may disclose the other party’s confidential information:

  • to its employees, officers, representatives, contractors, subcontractors, or advisers who need to know such information for the purposes of exercising the party’s rights or carrying out its obligations under or in connection with this Agreement. Each party shall ensure that its employees, officers, representatives, contractors, subcontractors, or advisers to whom it discloses the other party’s confidential information comply with this clause 3; and
  • as may be required by law, a court of competent jurisdiction, or any governmental or regulatory authority.

3.3 No party shall use any other party’s confidential information for any purpose other than to exercise its rights and perform its obligations under or in connection with this Agreement.

3.4. Customer shall own and retain all rights, titles, and interest in and to the Customer Data, and shall have sole responsibility for the legality, reliability, integrity, accuracy, and quality of the Customer Data.

3.5. The Company shall own and retain all rights, titles, and interests in and to (a) the Services and Software, all improvements, enhancements, or modifications thereto,(b) any software, applications, inventions, or other technology developed in connection with Services or support, and (c) all intellectual property rights related to any of the foregoing.

3.6. Notwithstanding anything to the contrary, the Company shall have the right to collect and analyze data and other information relating to the provision, use, and performance of various aspects of the Services and related systems and technologies (including, without limitation, information concerning Customer Data and data derived therefrom), and Company will be free (during and after the Term) to (i) use such information for the purpose of providing the Services; (ii) use such information and data to improve and enhance the Services and for other development, diagnostic and corrective purposes in connection with the Services and other Company offerings, and (iii) disclose such data solely in aggregate or other de-identified forms in connection with its business. No rights or licenses are granted except as expressly set forth herein.

4. PAYMENT OF FEES

4.1. Customer will pay Company the then applicable Service Fees. Company reserves the right to change the Service Fees or applicable charges and to institute new charges and Service Fees at the end of the Initial Service Term or then-current renewal term, upon thirty (30) days prior notice to Customer (which may be sent by email). If Customer believes that Company has billed Customer incorrectly, Customer must contact Company no later than 60 days after the closing date on the first billing statement in which the error or problem appeared, in order to receive an adjustment or credit. Inquiries should be directed to the Company’s customer support department.

4.2. Company may choose to bill through an invoice, in which case, full payment for invoices issued in any given month must be received by the Company ten (10) days after the mailing date of the invoice. Unpaid amounts are subject to interest at an annual rate of 4% over the then-current base lending rate of Australia and New Zealand Bank (ANZ Bank) from time to time on any outstanding balance, or the maximum permitted by law, whichever is lower, commencing on the due date for payment and continuing until payment is received in full by Company, plus all expenses of collection, and may result in immediate termination of the Service. Customer shall be responsible for all taxes associated with Services other than applicable taxes based on the Company’s net income.

4.3. For the purpose of calculating the Service Fees, the term “Additional Revenue” means any revenue generated by the Customer arising from the Customer’s use of the Services (prior to the addition of taxes).

5. TERM AND TERMINATION

5.1. Subject to earlier termination as provided below, the Agreement is for the Initial Service Term and shall be automatically renewed for additional periods of the same duration as the Initial Service Term (collectively, the “Term”), unless either party gives the other party at least ten (10) days’ notice in writing to terminate the Agreement at the end of the then-current term. A reason for this termination does not need to be given.

5.2. Without prejudice to any other rights or remedies available to it, the Company may, without liability, immediately disable Customer’s account for the Services or prevent access by Customer to the Services for any breach by the Customer of this Agreement.

5.3. In addition to any other remedies it may have, either party may also terminate the Agreement immediately on written notice (or without notice in the case of non-payment), if the other party (i) materially breaches any of the terms or conditions of the Agreement which breach is irremediable or (if such breach is remediable) fails to remedy the breach within ten (10) days of being notified in writing to do so, or (ii) is unable to pay its debts (within the meaning of section 123 of the Insolvency Act 1986) or becomes insolvent, or is subject to an order or a resolution for its liquidation, administration, winding-up or dissolution (otherwise than for the purposes of a solvent amalgamation or reconstruction), or has an administrative or other receiver, manager, trustee, liquidator, administrator or similar officer appointed over all or any substantial part of its assets, or enters into or proposes any composition or arrangement with its creditors generally, or is subject to any analogous event or proceeding in any applicable jurisdiction. The customer will pay in full for the Services up to and including the last day on which the Services are provided. Upon any termination (i) all licenses granted under the Agreement shall immediately terminate and Customer’s right to access and use the Services will end, and (ii) (subject to the terms and conditions of the DPA) Company will make all Customer Data available to Customer for electronic retrieval for a period of thirty (30) days, but thereafter, Company may, but is not obligated to, delete stored Customer Data. All sections of the Agreement which by their nature should survive termination will survive termination, including, without limitation, accrued rights to payment, confidentiality obligations, warranty disclaimers, and limitations of liability.

6. WARRANTY AND DISCLAIMER

6.1 The Company shall use reasonable efforts consistent with prevailing industry standards to maintain the Services in a manner that minimizes errors and interruptions in the Services and shall perform the Services in a professional and workmanlike manner. Services may be temporarily unavailable for scheduled maintenance or for unscheduled emergency maintenance, either by Company or by third-party providers, or because of other causes beyond Company’s reasonable control, but Company shall use reasonable efforts to provide advance notice in writing or by e-mail of any scheduled service disruption.

6.2 The Company does not warrant that the Services will be uninterrupted or error-free; nor does it make any warranty as to the results that may be obtained from the use of the Services. Except as expressly set forth in this section, the services are provided “AS IS” and the Company disclaims and excludes from the Agreement to the fullest extent permitted by applicable law all warranties, representations, conditions, and all other terms of any kind whatsoever, express or implied by statute or common law or otherwise, including, but not limited to, implied warranties of merchantability and fitness for a particular purpose and non-infringement.

7. LIMITATION OF LIABILITY

7.1 Nothing in the Agreement excludes the liability of either party for death or personal injury caused by its negligence, or for fraud or fraudulent misrepresentation.

7.2 Subject to clause 7.1, Company and its suppliers (including but not limited to all equipment and technology suppliers), officers, affiliates, representatives, contractors and employees shall not be responsible or liable with respect to any subject matter of the Agreement or terms and conditions related thereto under any contract, tort (including negligence), for breach of statutory duty, or otherwise: (a) for error or interruption of use of the Services or for loss, alteration, or inaccuracy or corruption of data (including Customer Data) or cost of procurement of substitute goods,services or technology; (b) for any loss (whether direct or indirect) of profits, revenue, business, or goodwill; (c) for any indirect, exemplary, incidental, special or consequential loss, costs, damages, charges or expenses; (d) for any matter beyond Company’s reasonable control; or (e) for any amounts that, together with amounts associated with all other claims, exceed the fees paid by Customer to Company for the Services under the Agreement in the 12 months prior to the act that gave rise to the liability, in each case, whether or not Company has been advised of the possibility of such damages.

8. MISCELLANEOUS

8.1 Company may use Customer’s name, logo, and related trademarks in any of Company’s publicity or marketing materials for the purpose of highlighting that Customer uses the Services, and alongside any testimonials that Customer has agreed to give.

8.2 Company shall have no liability to Customer under the Agreement if it is prevented from or delayed in performing its obligations under the Agreement by any act, event or omission beyond its control, including (without limitation): strikes, lock-outs, or other industrial disputes; failure of a utility service or transport or telecommunications network; act of God, fire, flood, or storm; war, riot, or civil commotion; malicious damage; compliance with any law or governmental order, rule, regulation or direction; accident; breakdown of machinery; or default of suppliers or sub-contractors. Company shall notify Customer of any such event and (where possible) its expected duration.

8.3 If any provision of the Agreement is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that the Agreement will otherwise remain in full force and effect and enforceable.

8.4 If there is an inconsistency between any of the provisions in the main body of the Agreement and the Exhibits, the provisions in the Exhibits shall prevail to the extent of the inconsistency.

8.5 The Agreement is not assignable, transferable or sublicensable by Customer except with Company’s prior written consent. Company may transfer and assign any of its rights and obligations under the Agreement without the consent of Customer.

8.6 The Agreement(including the Exhibits and any documents referred to in it) constitutes the entire agreement between the parties and is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements, communications, and other understandings relating to the subject matter of the Agreement. All waivers and modifications must be in writing and signed by both parties, except as otherwise provided herein.

8.7 No failure or delay by either party to exercise any right or remedy provided under the Agreement shall constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other right or remedy.

8.8 No agency, partnership, joint venture, or employment is created as a result of the Agreement and Customer does not have any authority of any kind to bind Company in any respect whatsoever.

8.9 The Agreement does not confer any rights on any person or party (other than the parties to the Agreement), under the Contracts (Rights of Third Parties) Act 1999 or otherwise.

8.10 Applicable laws may require that some of the information or communications the Company sends to the Customer should be in writing. When using the Services, Customer accepts that communication with Company will mainly be electronic and Company may provide information to Customer by posting notices on the Services. All notices under the Agreement will be in writing and will be deemed to have been duly given when received if personally delivered; when receipt is electronically confirmed if transmitted by facsimile or e-mail; the day after it is sent if sent for the next day delivery by recognized overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested, provided that Company may give notice to Customer at either the e-mail or postal address Customer provides to Company or any other way Company deems appropriate. The foregoing notice provisions do not apply to the termination of the Agreement, or to the service of any proceedings or other documents in any legal action or dispute resolution.

8.11 The Agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of New Zealand.

8.12 Each party irrevocably agrees that the courts of New Zealand shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with the Agreement or its subject matter or formation (including non-contractual disputes or claims).

8.13 Company has the right to revise and amend these Terms of Service from time to time. Changes to these Terms of Service are effective when they are posted on this page, and Customer will be subject to the Terms of Service in force at the time that it makes use of the Services (unless otherwise agreed by the parties in writing).

EXHIBIT A

Support Terms

The company will use commercially reasonable efforts to respond to all Helpdesk tickets within one(1) business day

The company will provide Technical Support to the Customer via both telephone and electronic mail on weekdays during the hours of 9:00 am New Zealand time through to 5:00 pm, with the exclusion of Public Holidays in New Zealand (“Support Hours”).

EXHIBIT B

Data Processing Addendum

UNITYHUB DATA PROCESSING ADDENDUM

1. BACKGROUND

1.1. The Customer and UnityHub Limited (“UnityHub”, “the Company”, “we”, “us”, or “our”) entered into the Agreement (as defined below) for the provision of the Services (as defined in the Agreement) from UnityHub to the Customer.

1.2. In the event that UnityHub Processes personal data (each as defined below) contained in Customer Data of individuals located in New Zealand (as defined below), or if the Customer is established in New Zealand, this Data Processing Addendum (the “DPA”) shall be supplemental to the Agreement and shall apply to the Processing of such personal data. In the event of a conflict between any of the provisions of this DPA and the provisions of the Agreement, the provisions of this DPA shall prevail.

1.3. Both parties will comply with all applicable requirements of the Data Protection Laws (as defined below). This DPA is in addition to and does not relieve, remove, or replace, a party’s obligations under the Data Protection Laws.

2. DEFINITIONS

2.1. Unless otherwise set out below, each capitalized term in this DPA shall have the meaning set out in the Agreement, and the following capitalized terms used in this DPA shall be defined as follows:

2.1.1. “Agreement” means the agreement entered into between the Company and the Customer for the provision of the Service, comprising the Order Form and the Terms of Service (including the Exhibits to it);

2.1.2. “Controller” has the meaning given in the Data Protection Laws;

2.1.3. “Customer Personal Data” means the personal data (as defined in the Data Protection Laws) described in ANNEX 1 and any other personal data that UnityHub processes on behalf of the Customer in connection with UnityHub’s provision of the Service;

2.1.4. “Data Protection Laws” means: Coming soon

2.1.5. “Data Subject” has the meaning given in the Data Protection Laws;

2.1.6. “EU GDPR” means the General Data Protection Regulation ((EU) 2016/679);

2.1.7. “European Economic Area” or “EEA” means the Member States of the European Union together with Iceland, Norway, and Liechtenstein;

2.1.8. “Processing” has the meaning given in the Data Protection Laws, and “Process” shall be interpreted accordingly; Data Protection Laws GDPR;

2.1.9. “Security Incident” means any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, any Customer Personal Data;

2.1.10. “Standard Contractual Clauses” means the Standard Contractual Clauses (processors) approved by the European Commission Decision on 4 June 2021 or any subsequent version thereof released by the European Commission (which will automatically apply);

2.1.11. “Subprocessor” means any Processor engaged by UnityHub that agrees to receive from UnityHub and Process any Customer Personal Data; and

2.1.12. “Supervisory has the meaning given to it in section 3(10) (as supplemented by section 205(4)) of the Data Protection Act 2018.

3. DATA PROCESSING

3.1. Instructions for Data Processing. UnityHub will only Process Customer Personal Data in accordance with the Customer’s instructions unless Processing is required by Data Protection Laws to which UnityHub is subject, in which case UnityHub shall, to the extent permitted by Data Protection Laws, inform the Customer of that legal requirement before Processing that Customer Personal Data. The Agreement (subject to any changes to the Services agreed between the Parties), including this DPA, shall be the Customer’s complete and final instructions to UnityHub in relation to the processing of Customer Personal Data.

3.2. Processing outside the scope of this DPA or the Agreement will require a prior written agreement between the Customer and UnityHub on additional instructions for Processing.

3.3. Required consents. Where required by applicable Data Protection Laws, the Customer warrants that it will ensure that it has obtained/will obtain all necessary consents for the Processing of Customer Personal Data by UnityHub in accordance with the Agreement, and agrees to indemnify UnityHub for any direct losses arising out of a breach of this clause.

4. TRANSFER OF PERSONAL DATA

4.1. Authorised Subprocessors. The Customer agrees that UnityHub may use Amazon Web Services, Inc., Stripe Inc., Slack Technologies LLC, LogRocket, Inc., and Microanalytics.io as Subprocessors to Process Customer Personal Data, together with additional subcontractors when required from time to time, which the Customer hereby approves in advance.

4.2. Save as set out in clauses 4.1, UnityHub shall not permit, allow, or otherwise facilitate Subprocessors to Process Customer Personal Data unless UnityHub enters into a written agreement with the Subprocessor which imposes the same obligations on the Subprocessor with regards to their Processing of Customer Personal Data as are imposed on UnityHub under this DPA.

4.3. Liability of Subprocessors. UnityHub shall at all times remain responsible for compliance with its obligations under the DPA and will be liable to the Customer for the acts and omissions of any Subprocessors if they were the acts and omissions of UnityHub.

4.4. Transfers of Personal Data. To the extent that the Processing of Customer Personal Data by UnityHub involves the export of such Customer Personal Data to a third party to a country or territory outside New Zealand, other than (i) a country or territory ensuring inadequate level of protection for the rights and freedoms of Data Subjects in relation to the Processing of personal data as determined by the European Commission, or (ii) where the third party is a member of a compliance scheme recognized as offering adequate protection for the rights and freedoms of Data Subjects as determined by the European Commission, such export shall be governed by the Standard Contractual Clauses between the Customer as exporter and such third party as importer. For this purpose, the Customer appoints UnityHub as its agent with the authority to complete and enter into the Standard Contractual Clauses as an agent for the Customer on its behalf for this purpose.

4.5. In the event of any conflict between any terms and conditions of the Standard Contractual Clauses and this DPA, the Standard Contractual Clauses shall prevail.

5. DATA SECURITY, AUDITS AND SECURITY NOTIFICATIONS

5.1. UnityHub Security Obligations. Taking into account state of the art, the costs of implementation, and the nature, scope, context, and purposes of Processing, as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, UnityHub shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including the measures set out in ANNEX 2.

5.2. Security Audits. The Customer may, upon reasonable notice, audit(by itself or using independent third-party auditors) UnityHub’s compliance with the security measures set out in this DPA (including the technical and organizational measures as set out in ANNEX 2) no more than once per year, including by conducting audits of UnityHub’s data processing facilities. Upon request by the Customer, UnityHub shall make available all information reasonably necessary to demonstrate compliance with this DPA.

5.3. Security Incident Notification. If UnityHub or any Subprocessor becomes aware of a Security Incident, UnityHub will (a) notify the Customer of the Security Incident within 72 hours of becoming aware of the Security Incident, (b) investigate the Security Incident and provide such reasonable assistance to the Customer (and any law enforcement or regulatory official) as required to investigate the Security Incident, and (c) take steps to remedy any non-compliance with this DPA.

5.4. UnityHub Employees and Personnel. UnityHub shall treat the Customer Personal Data as the Confidential Information of the Customer and shall ensure that any employees or other personnel have agreed in writing to protect the confidentiality and security of Customer Personal Data.

6. ACCESS REQUESTS AND DATA SUBJECT RIGHTS

6.1. Data Subject Requests. Save as required (or where prohibited) under applicable law, UnityHub shall notify the Customer of any request received by UnityHub or any Subprocessor from a Data Subject in respect of their personal data included in the Customer Personal Data, and shall not respond to the Data Subject.

6.2. UnityHub shall provide the Customer with the ability to correct, delete, block, access, or copy the Customer’s Personal Data in accordance with the functionality of the Service.

6.3. Government Disclosure. UnityHub shall notify the Customer of any request for the disclosure of Customer Personal Data by a governmental or regulatory body or law enforcement authority (including any data protection supervisory authority) unless otherwise prohibited by law or a legally binding order of such body or agency.

6.4. Data Subject Rights. Where applicable, and taking into account the nature of the Processing, UnityHub shall use all reasonable endeavors to assist the Customer by implementing any other appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of the Customer’s obligation to respond to requests for exercising Data Subject rights laid down in the GDPR.

6.5. Data Protection Impact Assessment and Prior Consultation. To the extent required under applicable Data Protection Laws, UnityHub shall provide reasonable assistance to the Customer with any data protection impact assessments and with any prior consultations to any Supervisory Authority of the Customer, in each case solely in relation to the Processing of Customer Personal Data and taking into account the nature of the Processing and information available to UnityHub.

7. TERMINATION

7.1. Subject to clause 7.2 below, the Customer may in its absolute discretion notify UnityHub in writing within thirty (30) days of the date of termination of the Agreement to require UnityHub to delete and procure the deletion of all copies of Customer Personal Data Processed by UnityHub. UnityHub shall, within ninety (90) days of the date of termination of the Agreement:

7.1.1.comply with any such written request; and

7.1.2.use all reasonable endeavors to procure that its Subprocessors delete all Customer Personal Data Processed by such Subprocessors,

7.1.3.and, where this clause 7.2 applies, UnityHub shall not be required to provide a copy of the Customer’s Personal Data to the Customer.

7.2. UnityHuband its Subprocessors may retain Customer Personal Data to the extent required by applicable laws and only to the extent and for such period as required by applicable laws and always provided that UnityHub shall ensure the confidentiality of all such Customer Personal Data and shall ensure that such Customer Personal Data is only Processed as necessary for the purpose(s) specified in the applicable laws requiring its storage and for no other purpose.

ANNEX 1

Details of the Processing of CUSTOMER Personal Data

This ANNEX 1 includes certain details of the processing of Customer Personal Data.

Subject matter and duration of the Processing of Customer Personal Data

The subject matter and the duration of the Processing of the Customer’s Personal Data are set out in the Agreement and this DPA.

The nature and purpose of the Processing of Customer Personal Data

The Customer’s Personal Data will be subject to the following basic Processing activities: transmitting, collecting, storing, and analyzing data in order to provide the Services to the Customer, and any other activities related to the provision of the Services or as specified in the Agreement.

The types of Customer Personal Data to be Processed

The types of Customer Personal Data to be Processed concern the following categories of data: names of Customer personnel; contact information (including email addresses and telephone numbers) of Customer personnel and of end users of services of the Customer; online identifiers of end users of services of the Customer.

The categories of Data Subject to whom the Customer’s Personal Data relates

The categories of Data Subject to whom the Customer’s Personal Data relates concern: employees and other personnel of the Customer.

The obligations and rights of the Customer

The obligations and rights of the Customer are as set out in the Agreement and this DPA.

ANNEX 2

Technical and Organisational Security Measures

UnityHub maintains internal policies and procedures, or procures that its Subprocessors do so, which are designed to:

  • secure any Customer Personal Data Processed by UnityHub against accidental or unlawful loss, access, or disclosure;
  • identify reasonably foreseeable and internal risks to security and unauthorized access to the Customer’s Personal Data Processed by UnityHub;
  • minimize security risks, including risk assessment and regular testing.

UnityHub will, and will use reasonable efforts to procure that its Subprocessors will, conduct periodic reviews of the security of its network and the adequacy of its information security program as measured against industry security standards and its policies and procedures.

UnityHub will, and will use reasonable efforts to procure that its Subprocessors periodically will, evaluate the security of its network and associated services to determine whether additional or different security measures are required to respond to new security risks or findings generated by the periodic reviews.

Updated 8th July, 2024.

Scroll to Top