Trust is one of the pillars on which our company was founded on. Likewise, your trust in our service is invaluable and feeling that you can trust us with your data is paramount. We are responsible for ensuring that not only the personal data from over 50.000 Unbabelers (our community of Editors, Evaluators and Annotators) are protected, but also that our clients’ data privacy and security are safe.
Under the light of GDPR, personal data means any information related to a ‘Data Subject’, that can be used to directly or indirectly identify the Data Subject.
Community (Editors, Evaluators and Annotators): Unbabel uses Personal Data to connect each editor with the tasks they are more likely to achieve a better end result, such as e-mail, web and push notifications. Unbabel may use their Personal Data to communicate with its Community if there is an inaccuracy or complaint related to an assigned translated work. Unbabel may also require our Community’s payment details to perform and register payment over work provided on the platform. The following Community personal data is collected by Unbabel:
Clients: In order to provide reporting, e-mail communications and billing to its clients, Unbabel collects the following personal data from its Clients’ accounts:
Unbabel proceeds to the encryption of any personal data that may be included in the requested works (i.e.: Names, Credit Card Numbers, Social Security, e-mails, etc.).
Purposes: Unbabel will collect and use Personal Data solely for fulfilling the above specified purposes and for ancillary purposes of the same, unless it obtains the consent of the individual concerned or as required by law. Personal Data should not be further processed in a manner that is incompatible with the purpose for what it has been collected, and, to the extent necessary for those purposes, it should be accurate, complete, and up-to-date.
From Unbabel’s perspective, Personal Data is owned and controlled by the Data Subject to whom it relates.
To support the delivery of our services, Unbabel relies on service providers. Any third-party engaged by Unbabel that might have access or process data that may contain Personal Data is considered a processor. Despite the Unbabel translation pipeline was designed taking in consideration privacy and security measures, Unbabel still performs a security and privacy review of the practices of any processors before engaging with them. Below follows a list of our current processors:
Contractual safeguards & due diligence for our processors: Any processor and subcontractor used by Unbabel are put under a rigorous scrutiny to assess their security, confidentiality and privacy policies. We require all our processors to have a signed Data Protection Agreement (DPA) with us, similar to the DPA that our clients sign with us, including but not limited to the requirements to:
Unbabel considers that Community and Clients privacy and data security is of the utmost importance, with that in mind we do not disclose Personal Data except when necessary to provide our services or when lawfully requested by an accredited authority.
All the communication involving Unbabel follows high security standards, being transported over an encrypted secure channel. In the same way, data is also encrypted at rest, meaning that data is stored within encrypted databases with appropriate level of access security.
Unbabel won’t sell, provide or disclose any kind of personal data. All the data we store, are kept in encrypted databases and transported in encrypted secured channels and will not be accessed for any other purpose than provisioning, maintaining and improving our services. We restrict access to personal data to a reduced, privacy protection trained staff that is bound by NDA. Unbabel only discloses data to third parties where the disclosure is absolutely necessary to provide the services that our clients requests or in response to a lawful request from an accredited authority.
By data breach we mean a breach of Unbabel’s Security that leads to an accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed on Unbabel’s systems. We don’t consider a personal data breach any unsuccessful attempts or activities that do not compromise data security as unsuccessful log-in attempts, pings, port scans, denial of service attacks or other attacks on our systems. In the event of a personal data breach that is likely to result in a high risk to the rights and freedoms of natural persons, Unbabel commits itself to notify all Data Subjects without undue delay after the incident discovery. Unbabel also commits itself to notify the supervisory authority without undue delay and, where feasible, no later than 72 hours after having become aware of it if a breach may result in a risk to the rights and freedoms of natural persons.
To maintain and improve service continuity and quality, data is deleted upon account termination or by explicit request either on our platform or by email, provided and insofar that such deletion does not prevent Unbabel or the user to comply with their legal or contractual obligations. If you want us to delete your data without accessing our platform, follow the procedure below:
In compliance with GDPR, Unbabel enables data subjects to export their data via our platform or by explicit request. If you want to export all the personal data that Unbabel holds from you, please follow the procedure below:
Unbabel allows their users to access and rectify their personal data and also to restrict the processing of their personal data in their user’s profile. If you want to rectify or restrict the processing of the personal data that Unbabel holds from you without accessing our platform, follow the procedure below:
In the section below we can find an overview on how we enforce data security at Unbabel.
As of May 25th, 2018 Unbabel is GDPR compliant.
For any enquiries or requests please use the following e-mails according to subject: Subject/E-mail address