At Unique, we are committed to the highest security and privacy standards.
Client data is the most valuable asset for our business and we make sure to treat it with uttermost care.
☑️ Our servers are located within Unique’s own private cloud, and we manage our APIs carefully to not allow any untrusted external connections.
☑️ Our ISMS is managed by a former SAP team making sure our software is updated regularly with the latest security patches.
☑️ Open.AI access is secured via Microsoft Switzerland (or Europe) and opt-out option for training purpose and prompt checking is available.
☑️ We are on the way to SOC 2 compliance which demonstrates our commitment to data security and privacy, builds trust with our customers, and meets regulatory requirements.
☑️ Your data is safe with Unique, because we are committed to ensuring up-to-date compliance with the General Data Protection Regulation (GDPR).
☑️ Unique’s GDPR-compliant process flow guarantees consent from all meeting attendees.
☑️ Any data and connections with Unique are secure using the latest encryption standards.
☑️ Data access and authorizations are managed on a need-to-know basis, and we apply the principle of least privilege.
☑️ Recordings, transcripts, and analytics are encrypted in transit and at rest.
Q: Is Unique GDPR compliant?
Yes. We are committed to GDPR compliance. We use technical measures like data minimization as well as organizational measures like compliance and awareness trainings to ensure GDPR compliance.
Q: Where is client data hosted?
We work together with Microsoft Switzerland and our data is stored in the Azure Cloud in Switzerland. If a client wish to chose another location that is also possible.
Q: Where is client data processed?
Client data is processed only in Switzerland if you choose the single tenant deployment option. For other deployment options, we may also process data within the European Union.
Q: How long is client data stored?
Data is stored for the duration of the contract or until you delete it. Data backups are stored for an additional 2 weeks after removal of the data. Logs are stored for a year for compliance and security purposes.
Q: Is there a process maintained to remove personal data based on the right to be forgotten if applicable to the services provided?
Yes, a process is in place.
Q: What certification do you have (ISO, SOC ...)?
We are already for ISO 9001 and 27001 certified with all processes and documents in place. Certificates are available. We work on SOC 2 certification and FINMA report, which should be available by end of 2023.
Q: How do you process the data?
All data is encrypted in transit and at rest. We minimize the data we store to only include what is needed. For more details please refer to Your data at Unique.
Q: Is there a designated organizational structure or function responsible for data privacy and data protection as it related to client-scoped privacy data?
Yes, we have a Chief Data Officer.
Q: Are software applications provided and what type?
Yes, cloud hosted SaaS (Software as a Service) as well as Enterprise version cloud hosted in customer tenant.
Q: What service hosting models and deployment models are provided as part of Unique services?
Azure cloud hosting on unique tenant or customer tenant.
Q: Which Information Security policies and procedures do you have in place?
Policies and procedures required by ISO 9001 and 27001 including hiring policies, risk management, supplier relation, asset management and data classification.