Privacy Policy — unimoney

01 — Introduction

We take your privacy seriously

unimoney Platform, Inc. ("unimoney", "we", "us", "our") operates a B2B growth platform that helps businesses acquire, retain, and grow customers. This Privacy Policy explains how we handle personal data collected through our website (unimoney.io), our web application, and any other services we provide (collectively, the "Services").

By using our Services, you acknowledge that you have read and understood this policy. If you are using our Services on behalf of a company, that company also accepts this policy.

Plain-English Summary: We collect only what we need, use it to run and improve our services, never sell it to third parties, and give you full control over your data. That's the short version — the detail follows below.

This policy applies to all personal data we process as a data controller. When we process data on behalf of our business customers, we act as a data processor under a separate Data Processing Agreement (DPA).

02 — Data We Collect

What information we gather

We collect information you provide directly, data generated automatically when you use our Services, and in some cases data from third-party sources.

Information you provide

Account data — name, business email, company name, job title, and password when you register.
Billing data — payment card details (processed and stored by Stripe; we hold only the last four digits and expiry), billing address, and invoice history.
Profile data — optional avatar, phone number, timezone, and notification preferences.
Communication data — messages you send us via email, chat, or support tickets.
Content data — campaigns, copy, creative assets, and audience data you upload or create inside the platform.

Data collected automatically

Usage data — pages visited, features used, session duration, click paths, and error logs.
Device & browser data — IP address, browser type, operating system, screen resolution, and language settings.
Cookies & similar technologies — see Section 5 for full details.
API call logs — timestamps, endpoints, response codes, and payload sizes for API usage.

Data from third parties

OAuth profile data from Google, Microsoft, or LinkedIn if you use social sign-in.
CRM enrichment from HubSpot or Salesforce when you connect an integration.
Public company firmographic data from data partners to pre-fill account details.

03 — How We Use Data

Our purposes for processing your data

We process personal data only when we have a lawful basis for doing so. The table below maps each purpose to its legal basis under GDPR and equivalent frameworks.

Purpose	Legal Basis	Examples
Provide & operate the Services	Contract performance	User authentication, dashboard access, billing
Improve & personalise the platform	Legitimate interest	Feature recommendations, A/B tests, UX analysis
Security & fraud prevention	Legitimate interest	Anomaly detection, audit logs, rate limiting
Marketing communications	Consent	Product updates, newsletters, webinar invites
Legal & regulatory obligations	Legal obligation	Tax records, law enforcement requests
Customer support	Contract performance	Ticket resolution, onboarding assistance

We never use your data to train general-purpose AI or machine learning models, and we never sell it to third parties for advertising.

04 — Sharing & Disclosure

Who we share your data with

We do not sell, rent, or trade your personal data. We may share it with the following categories of recipients under strict contractual obligations:

Sub-processors — infrastructure providers (AWS, Google Cloud), analytics tools (Mixpanel), support platforms (Intercom), and payment processors (Stripe). A full sub-processor list is available at unimoney.io/legal/sub-processors.
Integrations you enable — when you connect HubSpot, Salesforce, or other third-party tools, data is shared only to the extent you configure.
Professional advisors — lawyers, auditors, and insurers under confidentiality obligations.
Business transfers — if unimoney is acquired or merges, data may transfer to the successor entity subject to equivalent protections.
Law enforcement — only when required by valid legal process; we will notify you where legally permitted.

Note: We will never share your data with advertising networks, data brokers, or any party for the purpose of targeting advertisements.

05 — Cookies & Tracking

How we use cookies and similar technologies

We use cookies and similar technologies to keep you signed in, understand how you use our platform, and improve your experience. We categorise cookies as follows:

Category	Purpose	Can You Opt Out?
Essential	Authentication, session management, CSRF protection	No — required for the service to function
Analytics	Usage patterns, feature adoption, error tracking	Yes — via cookie preferences
Preferences	Language, theme (light/dark), timezone	Yes — clearing cookies resets preferences
Marketing	Campaign attribution (first-party only)	Yes — via cookie preferences or opt-out link

You can manage your cookie preferences at any time via the Cookie Settings link in the site footer. Note that disabling non-essential cookies will not affect your ability to use the core platform.

06 — Data Retention

How long we keep your data

We retain personal data only for as long as necessary for the purposes described in this policy, or as required by law. Our standard retention schedule is:

Account data — retained for the duration of your subscription plus 90 days post-cancellation to allow account reinstatement.
Billing records — 7 years to comply with tax and accounting regulations.
Usage logs — 13 months rolling window for security and analytics purposes.
Support tickets — 3 years from ticket closure.
Marketing data — until you withdraw consent or unsubscribe.
Deleted content — purged from production systems within 30 days; from backups within 90 days.

Upon expiry of the applicable retention period, data is securely deleted or anonymised using industry-standard methods.

07 — Your Rights

Control over your personal data

Depending on your location, you may have the following rights regarding your personal data:

Access — request a copy of the personal data we hold about you.
Rectification — ask us to correct inaccurate or incomplete data.
Erasure — request deletion of your personal data ("right to be forgotten").
Restriction — ask us to limit how we process your data in certain circumstances.
Portability — receive your data in a structured, machine-readable format.
Object — opt out of processing based on legitimate interest, including profiling.
Withdraw consent — where processing is based on consent, withdraw it at any time without affecting prior processing.

How to exercise your rights: Submit a request via your account Settings → Privacy, or email Ask@unimoney.info. We will respond within 30 days. Identity verification may be required.

If you are located in the European Economic Area, you also have the right to lodge a complaint with your national data protection authority.

08 — Security

How we protect your data

We implement technical and organisational measures appropriate to the risk of processing, including:

Encryption in transit using TLS 1.3 and at rest using AES-256.
SOC 2 Type II certification, audited annually by an independent third party.
Annual penetration testing by a CREST-accredited firm.
Role-based access control with principle of least privilege.
Multi-factor authentication enforced for all internal systems.
24/7 security monitoring and automated anomaly detection.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and affected users without undue delay.

09 — International Transfers

Transferring data across borders

unimoney is headquartered in the United States. If you are located outside the US, your personal data may be transferred to and processed in the US or other countries where our sub-processors operate. These countries may have different data protection laws than your own.

We use the following transfer mechanisms to ensure your data receives adequate protection:

EU Standard Contractual Clauses (SCCs) for transfers from the European Economic Area.
UK International Data Transfer Agreements (IDTAs) for transfers from the United Kingdom.
Data Processing Addenda with all sub-processors covering applicable transfer requirements.

A copy of our SCCs is available on request at Ask@unimoney.info.

10 — Children's Data

Our platform is not for children

unimoney's Services are designed for business professionals and are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we discover that we have collected personal data from a child without parental consent, we will delete it promptly.

If you believe we may have collected data from a child, please contact us at Ask@unimoney.info.

11 — Policy Changes

How we notify you of updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

Post a prominent notice on the platform dashboard for 30 days.
Send an email notification to the primary account holder.
Update the "Last Updated" date at the top of this page.

Your continued use of the Services after the effective date of the updated policy constitutes acceptance of the changes. If you disagree with the changes, you may close your account before the effective date.

12 — Contact Us

Questions about this policy?

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please reach out through any of the channels below.

Sales

Ask@unimoney.info

Support

Help@unimoney.info

Registered Address

14th avenue, 3rdth floor, CB tech tower, sector-47(part-A), gurugram, haryana-122018