Privacy Policy

Junify Corporation and its affiliates collects and uses personal data when providing its services to business customers. This Privacy Policy explains how we collect, use, share, and protect personal data and describes the choices available to Customers, administrators, and end users.

Junify provides services only to organizations. Our services are not intended for personal consumer use and are not directed to children.

If you have any questions about this Privacy Policy, please contact us at [email protected].

1. Who we are and scope of this Privacy Policy

This Privacy Policy applies to:

  • The Junify enterprise services that we provide to Customers
  • The Junify websites, including marketing sites, landing pages, and online forms
  • Communications with us, such as support requests and sales inquiries

This Privacy Policy does not replace or limit any data processing agreement or similar contract between Junify and a Customer. If there is any conflict between this Privacy Policy and a data processing agreement, the terms of the data processing agreement will usually control for the processing that falls within its scope.

This Privacy Policy is written for:

  • Administrators and other representatives of our Customers
  • End users who access Junify through their organization
  • Website visitors and prospective Customers
  • Legal, security, and compliance professionals who evaluate Junify

2. Key definitions

For the purposes of this Privacy Policy:

  • Junify, we, us, or our means Junify Inc
  • Customer means the organization that has entered into an agreement with Junify for use of the services
  • Admin means a user designated by the Customer to manage the Customer account and settings
  • End user means an individual who uses the services under a Customer account, such as an employee or contractor
  • Website visitor means an individual who visits our websites or interacts with our marketing content
  • Services means the enterprise software products, platforms, and related services that Junify provides to Customers
  • Customer Content means content and data that a Customer or its end users upload, submit, or connect to the services, such as files, emails, configuration data, or other materials
  • Service Data means account, usage, and technical information that Junify collects and generates to operate, secure, and improve the services
  • Applicable Data Protection Laws means all privacy and data protection laws and regulations that apply to our processing of personal data, including where applicable the laws of the European Union and the European Economic Area, the United Kingdom, the United States, Japan, and other jurisdictions
  • Personal data or personal information means any information relating to an identified or identifiable individual, to the extent defined by Applicable Data Protection Laws
  • Controller means the entity that determines the purposes and means of processing personal data
  • Processor means the entity that processes personal data on behalf of a controller
  • Subprocessor means a processor engaged by Junify to help provide the services

3. Roles of Junify as controller and processor

3.1 Enterprise services
  • The Customer is usually the controller of personal data contained in Customer Content and in certain Service Data that is generated by use of the services
  • Junify usually acts as a processor of that data, processing it on behalf of the Customer in accordance with the Customer agreement and the Customer’s instructions

Customer administrators define the scope of data collection and monitoring through configuration of the services. The Customer is responsible for providing any required notices to end users and for having a valid legal basis for the processing carried out through the services.

Junify may also act as a controller for certain Service Data that we use for our own purposes, such as account management, security monitoring, and service improvement. In those cases we determine the purposes and means of processing and comply with Applicable Data Protection Laws as a controller.

The details of our controller and processor roles in relation to a particular Customer relationship may be further specified in a data processing agreement or similar contract.

3.2 Websites and marketing

For our public websites, marketing activities, and sales operations, Junify generally acts as a controller of personal data collected from website visitors, prospects, and business contacts.

4. Our principles for data processing

Junify processes personal data in accordance with the following principles:

  • Lawfulness, fairness, and transparency

    We process personal data only when we have a lawful basis and in a fair and transparent manner.

  • Purpose limitation

    We collect and use personal data only for specified and legitimate purposes and do not process it in ways that are incompatible with those purposes.

  • Data minimization

    We collect the minimum amount of personal data needed to achieve the stated purposes and encourage Customers to configure the services in a privacy protective way.

  • Storage limitation

    We retain personal data only for as long as necessary for the purposes described in this Privacy Policy or in the Customer agreement, or as required by law.

  • Integrity and confidentiality

    We apply appropriate technical and organizational measures, including encryption and access controls, to protect personal data against unauthorized or unlawful access, use, or disclosure.

  • Role based access control

    Access to personal data is restricted based on job role and business need. Access is logged and subject to review.

  • Use of de identified and aggregated data

    Where possible, we use de identified or aggregated data for analytics, service improvement, and reporting. We do not attempt to re identify de identified data.

  • User and admin controls

    We provide administrators with settings that control the scope of data collection and optional features. We support Customers in fulfilling requests from data subjects.

  • Accountability and privacy by design

    We consider privacy impacts when designing new features, perform internal reviews, and seek to build privacy protection into our products and processes from the outset.

  • Limited human access to Customer Content

    Junify staff do not routinely access Customer Content. Human access is limited to specific situations such as security incidents, legal obligations, or support requests, and is subject to strict controls and logging.

5. Categories of personal data we process

The specific data we process depends on how the services are configured and which features are used. At a high level, we process the following categories of personal data.

5.1 Account information

Account information includes:

  • Name and contact details such as email address
  • Organization name and department
  • User role and permissions within the Customer account
  • Authentication information such as password hashes or single sign on identifiers
  • Billing and administrative contact details for Customer accounts

Junify uses account information to create and manage Customer accounts, provide access to the services, communicate with Customers, and perform billing and contract management.

5.2 Device and technical information

Device and technical information may include:

  • Internet Protocol address
  • Browser type and settings
  • Operating system and device type
  • Language and time zone
  • Application version and related technical identifiers
  • Basic information about the network and connection

We use this information to operate and secure the services, adapt the experience to the device, and diagnose technical issues.

5.3 Usage information

Usage information may include:

  • Login and logout events
  • Information about features used and actions taken within the services
  • Service performance metrics and error logs
  • Aggregated statistics about feature usage and configuration

We use usage information to provide the services, maintain security, understand service performance, and improve our products. We may generate aggregated statistics from usage information that no longer relates to an identified or identifiable individual.

5.4 Content you provide as Customer Content

Customer Content includes:

  • Files and documents such as text files, spreadsheets, presentations, and configuration files
  • Emails, attachments, and related metadata if an email integration is enabled
  • Data ingested from connected systems such as identity providers or software as a service applications
  • Activity logs and audit trails generated by End User actions within the Services
  • Other content that Customers or end users submit to or through the services

Customer Content is processed by Junify as a processor on behalf of the Customer. We do not use Customer Content to train or fine‑tune our own generative AI models. Generative AI components in the services operate on Customer Content in an inference‑only mode and are not trained on Customer Content. Where features require temporary storage or indexing of Customer Content, such processing is performed only to provide the services to the Customer in accordance with the Customer’s instructions.

5.5 Admin authorized data

Some features involve processing of data that is more sensitive or that comes from additional sources, for example:

  • Email accounts or collaboration tools
  • Device and endpoint information
  • Location related information
  • Additional attributes from third party software as a service applications

Junify collects and processes this type of data only when a Customer administrator has explicitly enabled the relevant feature or integration and has configured the scope of the data to be collected. By default such features are usually turned off.

5.6 Third party app or integration data

When a Customer connects third party applications or identity providers to the services, we may receive data from those providers, such as:

  • User identifiers and email addresses
  • Group and role information
  • Basic profile information
  • Signals about software usage needed for the relevant feature

We use this data to provide the requested integration, for example to synchronize users or to enable specific security or analytics functions.

5.7 Support and communications data

If you contact us through email, in product chat, or other channels, we may collect:

  • Contact details
  • The content of your request or feedback
  • Attachments or screenshots you choose to provide
  • Records of our communications and actions taken

We use this data to respond to requests, maintain our relationship with Customers, and improve our services.

5.8 Cookies and tracking technologies

Our websites and some parts of the services use cookies and similar technologies such as pixels and software development kits. These technologies may collect information about how you use our websites and services, including pages visited, referral URLs, and other usage details. For more information, see section 8.

5.9 Data processed by generative AI components

Where a Customer enables features that use generative artificial intelligence models, we may process:

  • Prompts and queries submitted by end users
  • Relevant context selected from Customer Content or Service Data as part of the feature
  • Model outputs shown to users

We limit the data provided to these models to what is necessary to generate the requested output and operate the feature. For details, see section 9 and the relevant annex.

5.10 Special categories of personal data and children’s data

Junify does not seek to collect special categories of personal data such as information about health, race or ethnic origin, political opinions, religious or philosophical beliefs, or similar data, and our services are not designed to process such data.

We do not direct our services to children and do not knowingly collect personal data from children. If a Customer chooses to store special category data or children’s data in Customer Content, this is done under the Customer’s responsibility as controller, and we process such data only as a processor in accordance with the Customer’s instructions. Even in that case, we do not use such data to train general models or for independent marketing.

We recommend that Customers avoid storing highly sensitive personal data in Junify unless it is strictly necessary and appropriate safeguards are in place.

6. How we use personal data and legal bases

6.1 Purposes of use

Provision and operation of the services

To provide, operate, and maintain the services, including user authentication, configuration, data processing requested by the Customer, storage, and display of Customer Content, as well as billing and account management.

Execution of automated processing as configured by administrators

To carry out automated processing, analysis, and reporting configured by Customer administrators, including monitoring, alerting, and protection tasks within the scope defined by the Customer.

Security and misuse prevention

To protect the services, Customers, and Junify from security threats and misuse, including threat monitoring, detection and investigation of suspicious activity, prevention of fraud, and incident response.

Service improvement and research

To analyze usage trends, develop new features, and improve the performance and reliability of the services, primarily using Service Data and de identified or aggregated data.

Customer support and communication

To respond to requests, inquiries, and complaints, to provide technical support, and to send service related communications such as security alerts, updates, and administrative messages.

Optional features such as generative AI and advanced monitoring

To provide optional features that involve additional processing, such as generative AI assistance or shadow IT detection, where these features are enabled by the Customer and configured by administrators.

Legal compliance and dispute resolution

To comply with legal obligations, respond to lawful requests by public authorities, enforce our agreements, and protect our rights, privacy, safety, and property and those of our Customers and others.

6.2 What we do not do
  • We do not sell personal data or share it for third party behavioral advertising
  • We do not use Customer Content, or prompts and outputs from generative AI features, to train or improve generative AI models for Junify or for any third party.
  • We do not use personal data for our own independent marketing to end users who access the services through a Customer, except as permitted by the Customer and by law
  • We do not collect highly sensitive data such as precise GPS location or extensive device telemetry unless an administrator explicitly enables the relevant feature
6.3 Legal bases for processing

Where Applicable Data Protection Laws require a legal basis for processing, we rely on the following:

  • Performance of a contract

    When processing is necessary to provide the services under the Customer contract, including user authentication, core functionality, and support.

  • Legitimate interests

    When processing is necessary for our legitimate interests or the legitimate interests of a Customer, such as service improvement, security, and fraud prevention, and these interests are not overridden by the rights and interests of data subjects.

  • Consent

    When we request consent for certain activities, such as non essential cookies or optional AI features in specific jurisdictions. Where we rely on consent, you can withdraw it at any time.

  • Legal obligations

    When processing is necessary to comply with legal obligations, such as maintaining certain records or responding to lawful requests.

The specific legal basis can depend on the context and on the relationship between Junify and the data subject. Additional information may be provided in a data processing agreement or a region specific notice.

7. Admin controls and user choices

Junify designs its services to allow Customer administrators to control what data is collected and how certain features operate.

7.1 Administrator configuration

Administrators can:

  • Enable or disable specific features and integrations
  • Define which data sources are connected to the services
  • Configure data collection scope and retention settings within the options provided by Junify
  • Manage end user access and permissions
  • Review certain logs and reports relating to use of the services

For sensitive features, such as email monitoring, endpoint monitoring, or location related functions, default settings are usually off and must be explicitly enabled by an administrator.

7.2 End user options

End users may have certain choices, including:

  • Updating some profile information within the services
  • Controlling certain optional features within the limits set by the Customer
  • Opting out of certain communications sent directly by Junify, such as marketing emails, by using unsubscribe links

Because Junify usually acts as a processor for Customer Content and related data, end users should first contact their organization’s administrator for questions about the organization’s use of Junify and the configuration of the services.

8. Cookies and similar technologies

We use cookies and similar technologies for several purposes:

  • To enable basic site functionality and security
  • To remember preferences and improve user experience
  • To understand how our websites and services are used
  • To support our marketing and sales efforts, where permitted by law

You can control cookies through:

  • The cookie consent tools on our websites where available
  • Browser settings that restrict or remove cookies
  • Opt out mechanisms provided by certain analytics or advertising providers

Essential cookies that are necessary for the operation of the site or service may not be disabled where they are strictly necessary. For more information about the cookies used on our websites, we may provide a separate cookie notice or annex.

9. Generative AI

Junify may offer features that use generative artificial intelligence models provided by trusted third party model providers.

When these features are enabled:

  • We send the minimum necessary input to the model to provide the requested functionality, which may include parts of Customer Content and relevant context
  • We use the model outputs to provide responses or suggestions within the services
  • We configure and contractually require our model providers so that Customer Content, prompts, and outputs are used only to provide the requested AI functionality (inference) and are not used by those providers to train or improve their general‑purpose or generative AI models.
  • Administrators can control which users can access AI features and how those features are used

Generative AI may occasionally produce incorrect or inappropriate outputs. Customers should not rely solely on AI outputs for decisions that have legal, financial, or other significant effects. Human review and judgment remain essential.

Further details about AI related processing, data flows, and subprocessors may be provided in a dedicated annex.

10. Sharing and disclosure of personal data

We share personal data only as described in this Privacy Policy or with the consent of the relevant controller or data subject.

10.1 Sub-processors and service providers

We engage sub-processors and service providers to support the services, for example for:

  • Cloud infrastructure and storage
  • Email delivery
  • Security monitoring and logging
  • Analytics
  • Customer support tools

These partners process personal data only under our instructions and are subject to contractual obligations that require appropriate security and privacy protections. We maintain a separate Sub-Processor List identifying our key sub-processors and make it available to Customers, and we update that list as described in the applicable customer agreement or DPA.

10.2 Independent controllers

Some third parties act as independent controllers when processing personal data they receive from us or directly from you. For example, payment processors and some marketing and analytics providers may use personal data for their own purposes in accordance with their own privacy policies. In such cases, we encourage you to review their privacy policies for more information.

10.3 Customer and other users

Depending on the configuration of the services, personal data may be shared within the Customer organization. For example, administrators may be able to view certain usage information and reports relating to end users. Features that involve collaboration may allow users to view each other’s names, contact details, or activity.

10.4 Corporate transactions

If Junify is involved in a merger, acquisition, financing, reorganization, or sale of all or part of its business, personal data may be transferred to another entity as part of the transaction. In that case we will require the receiving entity to respect this Privacy Policy or follow equivalent protections.

10.5 Legal obligations and protection of rights

We may disclose personal data when we believe in good faith that such disclosure is reasonably necessary to:

  • Comply with Applicable Data Protection Laws or other legal obligations
  • Respond to lawful requests and legal process
  • Protect the rights, property, or safety of Junify, our Customers, users, or the public
  • Detect, prevent, or investigate security incidents, fraud, or other wrongdoing

We carefully assess the scope and legal basis of such requests and seek to limit disclosures to what is legally required.

11. International data transfers

Junify is based in the United States and may process personal data in the United States and other countries. These countries may have data protection laws that are different from the laws of your country.

When we transfer personal data from regions such as the European Economic Area, the United Kingdom, or Japan to countries that do not provide an adequate level of data protection, we implement appropriate safeguards such as:

  • Standard contractual clauses approved by relevant authorities
  • Other lawful transfer mechanisms under Applicable Data Protection Laws

We may also conduct transfer impact assessments and implement additional safeguards where required.

12. Data retention

We retain personal data for as long as necessary to fulfill the purposes described in this Privacy Policy and in the Customer agreement, or as required by law. Retention periods may vary based on the type of data and the context of processing.

In general:

  • Account information is retained for the duration of the Customer relationship and for a period afterward as necessary for billing, contract management, dispute resolution, and compliance with legal obligations
  • Customer Content is retained according to the Customer’s configuration and instructions. In some cases, data may be deleted shortly after processing is complete. In other cases, data may be stored until deleted by administrators or until the Customer account is closed
  • Logs and security related data are retained for a period that allows us to investigate incidents, maintain security, and meet compliance requirements
  • Support and communications data are retained for a reasonable period to maintain records of interactions and improve our services
  • AI processing data is retained only as needed to provide the feature, resolve issues, and prevent abuse, and for no longer than necessary for those purposes

We may retain de identified or aggregated information that no longer identifies an individual for a longer period for analytics, service improvement, and statistical purposes.

13. Security

We use technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure or access.

These measures include:

  • Encryption in transit and at rest for appropriate data sets
  • Access controls and role based access management
  • Logging and monitoring of access to production systems
  • Secure software development practices and code review
  • Regular vulnerability management and security testing
  • Background checks and confidentiality obligations for employees where appropriate
  • Training programs on security and privacy for relevant personnel
  • Incident response procedures for detecting, reporting, and responding to security incidents

While we take reasonable steps to protect personal data, no system can be completely secure. Customers are responsible for maintaining the security of their own systems and for configuring the services in a secure way, including management of access credentials and administrator permissions.

Junify aims to align its security program with recognized frameworks such as SOC 2 and similar standards and may pursue external attestations or certifications as the services mature.

14. Data subject rights

Depending on your location and subject to Applicable Data Protection Laws, you may have certain rights regarding your personal data, such as:

  • The right to know whether we process your personal data and to access that data
  • The right to request correction of inaccurate or incomplete personal data
  • The right to request deletion of personal data in certain circumstances
  • The right to request restriction of processing in certain circumstances
  • The right to object to certain processing, including processing based on legitimate interests or for direct marketing
  • The right to data portability, to receive certain personal data in a structured, commonly used, and machine readable format
  • The right to withdraw consent at any time where processing is based on consent
  • The right to lodge a complaint with a supervisory authority

When Junify processes personal data as a processor on behalf of a Customer, we usually cannot act directly on requests from end users regarding Customer Content or other data controlled by the Customer. In those cases, you should direct your request to the relevant Customer. We will assist the Customer in responding to such requests when required by our agreement and by law.

For personal data that Junify processes as a controller, you may submit a request by contacting us at [email protected]. We may need to verify your identity and may not be able to fulfill a request where we are legally required or permitted to retain data.

15. Region specific information

This section provides additional information for individuals in certain jurisdictions. These supplements apply in addition to the rest of this Privacy Policy. If there is any conflict between this section and the other sections of this Privacy Policy, this section will usually control for individuals in the relevant jurisdiction.

15.1 European Economic Area and United Kingdom

If you are located in the European Economic Area or the United Kingdom, Junify will usually act as a processor of Customer Content and related personal data when providing the services to a Customer, and as a controller of certain Service Data such as account, billing, security and website data.

For processing where Junify acts as a controller, the legal bases described in section 6 apply. You have the rights described in section 14, including the right to request access to your personal data, rectification, erasure, restriction, objection to certain processing and data portability, subject to the conditions set out in Applicable Data Protection Laws.

You also have the right to lodge a complaint with a supervisory authority. A list of supervisory authorities in the European Economic Area is available from the European Data Protection Board. In the United Kingdom you can contact the Information Commissioners Office. We would appreciate the opportunity to address your concerns directly before you contact a supervisory authority, so we encourage you to contact us first using the details in section 17.

Where we transfer personal data from the European Economic Area or the United Kingdom to countries that do not provide an adequate level of data protection, we implement appropriate safeguards as described in section 11.

15.2 Japan

For individuals in Japan, Junify distinguishes between personal data that it controls and Customer Content that it processes on behalf of Customers.

Personal data that Junify collects and uses for its own purposes, such as account management, security monitoring, support communications and operation of the websites, is treated as personal data held by Junify under the Act on the Protection of Personal Information of Japan.

By contrast, Customer Content that Customers upload, connect or otherwise submit for their own business purposes is processed by Junify as a processor on behalf of the Customer. As a general rule, Junify does not treat Customer Content as Junifys retained personal data under the Act on the Protection of Personal Information. The Customer is responsible for defining the purposes of use of Customer Content and for providing any required notices to data subjects.

When Junify transfers personal data from Japan to other countries, Junify implements safeguards required by the Act on the Protection of Personal Information and other Applicable Data Protection Laws. Where required, we can provide additional information about such safeguards upon request.

15.3 California and other United States states

Certain United States state privacy laws grant specific rights to residents, including rights relating to access, deletion, correction and opt out of certain uses and disclosures of personal information.

Junify does not sell personal information or share it for cross context behavioral advertising, as those terms are defined under California law. We also do not use Customer Content for our own independent advertising or marketing that targets individuals.

If you are a resident of California, subject to Applicable Data Protection Laws you may have the right to:

  • Know the categories of personal information that we collect, the categories of sources from which we collect it, the purposes for which we use it, the categories of personal information we disclose for a business purpose and the categories of third parties to whom we disclose it
  • Access specific pieces of personal information that we hold about you
  • Request deletion of personal information that we hold about you, subject to certain exceptions
  • Request correction of inaccurate personal information
  • Opt out of any sale or sharing of personal information, including for cross context behavioral advertising where applicable
  • Limit the use and disclosure of sensitive personal information where this is required by law
  • Be free from unlawful discrimination for exercising your privacy rights

For residents of other United States states that have comprehensive privacy laws, including for example Colorado, Connecticut, Utah and Virginia, similar rights may be available, such as rights to access, delete, correct and obtain a copy of your personal information and rights to opt out of certain processing such as targeted advertising or sale of personal information, in each case as defined by the laws of your state.

To exercise your rights under United States state privacy laws, you may contact us using the details in section 17 and indicate that your request relates to your state privacy rights. We may need to verify your identity before responding to your request and we may not be able to fulfill your request in all cases, for example where a legal exception applies. Where required by law, you may appoint an authorized agent to submit a request on your behalf, subject to verification steps.

Junify may provide a separate United States state privacy notice, including a California specific notice at collection, that describes our practices and your rights in more detail. Where such a notice is published, it should be read together with this Privacy Policy and, in the event of any inconsistency, that notice will usually control for residents of the relevant state.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, services, or legal requirements.

When we make material changes, we will:

  • Update the “Last updated” date at the top of this Privacy Policy
  • Provide additional notice to Customers through channels such as email, in product notifications, or administrator dashboards, where appropriate
  • Comply with any legal requirements regarding notice or consent for changes

If you continue to use the services after the effective date of a revised Privacy Policy, your use will be subject to the updated policy, subject to any requirements in your agreement with us.

17. Contact us

If you have questions, concerns, or requests regarding this Privacy Policy or our processing of personal data, you can contact us at:

Junify Inc

470 Ramona Street

Palo Alto CA 94301

United States

Email: [email protected]

18. Annexes

Junify may provide feature specific annexes that form part of this Privacy Policy. These annexes describe in more detail how particular features process data, including:

  • The feature description and purpose
  • Who can enable the feature
  • Data collected and processed when the feature is enabled
  • The purposes of processing for that feature
  • Subprocessors and third parties involved
  • Retention practices
  • Administrator and user controls
  • Data that is not collected or processing that is explicitly excluded

Examples of such annexes may cover topics such as email and communication integrations, endpoint and device monitoring, shadow IT detection, generative AI features, and website cookies and analytics.

Information about Junify’s sub-processors is provided in a separate Sub-Processor List and is not itself an annex to this Privacy Policy.

In case of any inconsistency between an annex and this Privacy Policy, the annex will usually control for processing that is specific to that feature.