Use
Purpose-limited processing
We use personal data to run the website, respond to enquiries, deliver services, protect the platform, and meet legal obligations.
Legal
Privacy Policy
This page explains how Unpaved handles personal data across our website, communications, scheduling workflows, and services.
Sharing
Controlled third-party access
We share data only with service providers, advisors, and infrastructure partners that support delivery of Unpaved, or where required by law.
Rights
Access, deletion, and control
Depending on where you are located, you may have rights to access, correct, delete, restrict, or object to certain processing of your personal data.
Main Terms
How Unpaved handles personal data
1. Scope of this policy
This Privacy Policy explains how Unpaved collects, uses, stores, and shares personal data when you visit our website, contact us, schedule meetings with us, or use the Unpaved services.
This policy applies to personal data processed by Unpaved as a controller. Where Unpaved processes customer personal data on behalf of a customer as a processor, that processing is governed by our contractual terms and any applicable data processing addendum.
2. Personal data we may collect
Depending on how you interact with Unpaved, we may collect contact details such as name, work email address, company, role, phone number, and communication preferences.
We may also collect scheduling information, message content, support correspondence, website usage information, device and browser information, and service usage data required to deliver, secure, and improve the services.
If a customer uses Unpaved to run interviews or workflow mapping projects, we may process personal data included in interview responses, organizational records, role information, workflow details, and related operational material on that customer's behalf.
3. How we use personal data
We use personal data to operate the website, respond to enquiries, book and manage meetings, provide and support the services, maintain account and service security, troubleshoot issues, and communicate with customers and prospective customers.
We may also use personal data to improve the website and services, prevent fraud or abuse, comply with legal obligations, enforce our agreements, and protect the rights, property, and safety of Unpaved, our users, and others.
4. Legal bases for processing
Where required by applicable law, Unpaved relies on one or more legal bases to process personal data. These may include performance of a contract, compliance with legal obligations, our legitimate interests in operating and securing the business, and consent where consent is required.
Where we rely on legitimate interests, we consider the purpose of the processing, the necessity of the processing, and the impact on the individual.
5. How we share personal data
We may share personal data with infrastructure providers, hosting providers, analytics providers, communications and scheduling providers, professional advisors, and other vendors that help us operate the website and services.
We may also share personal data where necessary in connection with a corporate transaction, to establish or defend legal claims, or where disclosure is required by law, regulation, court order, or competent authority.
6. International data transfers
Unpaved may process or transfer personal data outside the United Kingdom or European Economic Area. Where we do so, we use appropriate safeguards or lawful transfer mechanisms recognized under applicable data protection law.
These safeguards may include adequacy regulations, standard contractual clauses, the UK international data transfer addendum, or another lawful basis for transfer.
7. Data retention
We keep personal data only for as long as reasonably necessary for the purposes described in this policy, including to provide the services, maintain business records, meet legal obligations, resolve disputes, and enforce agreements.
Retention periods vary depending on the nature of the data, the context in which it was collected, and legal or operational requirements.
8. Security
Unpaved maintains technical and organizational measures designed to protect personal data against unauthorized access, disclosure, alteration, loss, or destruction.
No method of storage or transmission is completely secure, but we work to apply appropriate safeguards based on the nature of the information and the risks involved.
9. Your rights
Depending on your location and the applicable law, you may have rights to request access to personal data, correction of inaccurate data, deletion, restriction of processing, portability, or objection to certain uses of personal data.
You may also have the right to withdraw consent where processing is based on consent. To exercise these rights, contact us using the details below.
10. Cookies and similar technologies
Unpaved may use cookies or similar technologies to support essential website functions, understand site usage, and improve performance and user experience.
If we introduce optional analytics or marketing technologies that require consent under applicable law, we will present an appropriate notice or consent mechanism.
11. Third-party links and services
Our website may link to third-party websites or embed third-party services such as scheduling tools. Those third parties operate under their own terms and privacy notices, and Unpaved is not responsible for their independent practices.
We encourage you to review the privacy information made available by those third parties before using their services.
12. Contact and updates
Questions about this Privacy Policy or Unpaved's privacy practices may be sent to info@unpaved.ai.
This policy is effective as of 8 April 2026 and may be updated from time to time to reflect changes to our services, legal obligations, or data handling practices.
Need answers for procurement or security review?
Contact us if your legal, security, or procurement team needs additional privacy, retention, or data handling information.
Book a demo