Unicorn SPRL is a private limited company registered in Belgium (BCE 0464.831.621). In this document the terms 'we', 'our' or 'us' refer to Unicorn SPRL.
Unicorn SPRL provides programming, database and systems administration and other technical services to our customers. Our customers are typically other businesses or organisations.
As with all EU companies, our data protection and privacy procedures are governed by the General Data Protection Regulation (GDPR). Under this regulation we have responsibilities as a both a data controller (where we determine the purposes and means of processing of data) and as a data processor (where we process data on behalf of the controller, typically our customer).
In all cases it is our policy to comply with all applicable provisions of Belgian data protection legislation and the GDPR and to make all reasonable efforts to keep personal data secure and up-to-date.
We are the data controller for data used internally by Unicorn SPRL. This includes:
We use this data to:
We are also the data controller for data collected from our web and email servers and other systems used by us to communicate with customers and potential customers. This data typically contains the details of the service being accessed and relevant metadata such as the time of the connection, the IP address and the username (if any) provided.
For web server logs it also includes the full URL being accessed and data which may identify the web browser and operating system.
For email servers it includes the sender and recipient addresses of each email received by or sent by us.
We use this data to:
We may ask a third party to collect, store or process data. In such cases processing and storage of the data will be regulated by the terms of the GDPR.
We will comply with any request that we believe compels us in law to share or process data, for example requests from law enforcement and tax authorities.
We may disclose, share or transfer your personal data to any future subsidiary company or holding company.
Should we sell any of our assets to a third party, your personal data will be transferred to that third party.
We work with the following third parties to collect, process and store data for us:
OVH Groupe SAS and Vultr Holdings Corporation. OVH and Vultr provide us with servers and other internet hosting infrastructure. You can read their privacy policies at https://www.ovh.ie/personal-data-protection/ and https://www.vultr.com/legal/gdpr/. The legal basis for this processing is Article 6(1) b GDPR.
As part of our routine business activities, we may be required to process personal data on behalf of our customers.
In this capacity we are typically acting as a data processor on behalf of our customer who is the data controller and who is ultimately responsible for ensuring and demonstrating that all processing is carried out in accordance with the GDPR.
As a data processor we may share or look into data provided to us, but will only do so at the documented request of the data controller and we will limit our use of the data to the scope of that request.
Typical requests where we may need to inspect personal data include:
It is our policy to comply with all applicable data protection and privacy laws and to be a good citizen of the internet. You may contact us directly at firstname.lastname@example.org and we will do our best to resolve any complaints.
You also have the right to make a complaint to the Belgian Data Protection Authority, whose contact details may be found at https://www.dataprotectionauthority.be/.