Privacy Policy

// Data Controller

Who is responsible

UNYTE ECOSYSTEM OÜ (registry code 17470023), located at Karu tn 14-8, 10120 Tallinn, Estonia, is the data controller for personal data processed through the UNYTE platform.

// What we collect

The data

Email addresses — used for authentication via magic links. We do not store passwords.

Project data — information you submit about your projects, including descriptions, configurations, and settings.

Usage metrics — token consumption, revenue data, and operational metrics necessary to run the platform and process revenue sharing.

Ecosystem events — behavioral and interaction data within the platform used to improve shared services and the overall ecosystem experience.

// Why we collect it

The purpose

To operate the platform and authenticate your identity. To process revenue sharing and enforce Revenue Rights splits through the payment infrastructure. To provide shared services — API access, analytics, and ecosystem intelligence. To communicate with you about your account and projects.

// Third-party services

Who else touches your data

Stripe — payment processing. Handles financial transactions and payouts. Subject to Stripe's privacy policy and PCI compliance.

Resend — transactional email delivery. Used for magic link authentication and platform notifications.

Vercel — application hosting and edge network. Serves the platform frontend and API routes.

Neon — database hosting. Stores application data in EU-region PostgreSQL instances.

All third-party providers are either EU-based, GDPR-compliant, or operate under appropriate data processing agreements.

// Authentication

No passwords

UNYTE uses magic link authentication. You sign in by clicking a link sent to your email. We never store, process, or have access to any passwords.

// Data storage

Where your data lives

Application data is stored in Neon PostgreSQL databases hosted in the EU region. We do not transfer personal data outside the European Economic Area without appropriate safeguards.

// Your rights

GDPR rights

Under the General Data Protection Regulation, you have the right to: access your personal data, rectify inaccurate data, erase your data, port your data to another service, restrict processing, and object to processing.

To exercise any of these rights, contact us at vanastasiu@gmail.com. We will respond within 30 days.

// Data retention

How long we keep it

Account data is retained while your account is active. If you request account deletion, we will erase your personal data within 30 days, except where retention is required by law (e.g., financial records for tax compliance).

// What we don't do

The line we don't cross

We do not sell your personal data. We do not use your data for advertising. We do not share your data with third parties for their own marketing purposes. The data we collect exists to run the platform — nothing more.