Legal
Protect your Data
![SOC 2](/images/security-page-logos/soc2-logo.jpg)
![GDPR](/images/security-page-logos/gdpr-logo.jpg)
SOC2
unitQ is SOC 2 Type II compliant, ensuring the highest standards in data protection and information security policies and controls. For more information, please contact us.
EU GDPR
unitQ is compliant with the EU General Data Protection Regulation (EU GDPR).
ISO 27001, ISO 27017, ISO 27018
The unitQ datacenters are compliant with ISO 27001, ISO 27017 and ISO 27018 certifications. These internationally accepted security standards cover the systems, applications, people, technology, policies, procedures and data centers serving customers. Our hosting provider, AWS, has achieved all three of these certificates. AWS ISO 27001 covers the AWS and AWS shared common infrastructure. The ISO 27017 certification covers cloud security specifically for cloud service providers. ISO 27018 governs protection of personally identifiable information in public cloud services.
unitQ Disclosure Policy
Our responsible disclosure policy promotes the discovery and reporting of security vulnerabilities. If you're a security researcher and you think you've found a vulnerability with unitQ, do the following:
- Report any potential security bugs and vulnerabilities to us on the third-party service Bugcrowd.
- Give us reasonable time to respond before making any information about the security issue public.
- Don't access or modify user data without permission of the account owner.
- Act in good faith not to degrade the performance of our services (including denial of service).
unitQ Subprocessors
To support delivery of our Services, unitQ, Inc. (or one of its Affiliates listed below) may engage and use data processors with access to certain customer data (each, a “Subprocessor”). This page provides important information about the identity, location, and role of each Subprocessor. Terms used on this page but not defined have the meaning set forth in the Customer Terms of Service or superseding written agreement between Customer and unitQ (the “Agreement”).
Third Parties
unitQ currently uses third party Subprocessors to provide infrastructure services and to help us provide customer support and email notifications. Prior to engaging any third party Subprocessor, unitQ performs diligence to evaluate their privacy, security and confidentiality practices and executes an agreement implementing its applicable obligations.
Infrastructure Subprocessors
unitQ may use the following Subprocessors to host customer data or provide other infrastructure that helps with delivery of our Services: