Disclosure Policy

  • Last Updated: June 21, 2025.

UnoLock Disclosure Policy


1.1 Introduction

Techsologic Incorporated (Corporation Number 734340-0, headquartered at 150 Elgin Street, 8th Floor, Ottawa, ON K2P 1L4, Canada), provider of the UnoLock platform, including all services, features, applications, and websites (collectively, the "Services"), establishes this Disclosure Policy to govern the communication of information related to the Services to users ("you," "your," "user"), including LegacyLink nominees, as defined in Section 3 (Services Overview) of the UnoLock Terms of Service ("Terms"), and to external entities. This policy, incorporated into the Terms, available at https://www.unolock.com/tos.html, ensures transparency, trust, and compliance with Canadian law (PIPEDA), GDPR, HIPAA, and other regulations, aligning with our zero-knowledge architecture and Absolute Anonymity, as per Section 9 (Privacy and Anonymity) and Section 17 (Compliance with Privacy Regulations) of the Terms. UnoLock safes are provisioned and encrypted entirely on the client, we never receive or retain the encryption keys, and operational telemetry excludes identifiers that could link a specific safe to a specific individual.

1.2 Purpose

This policy outlines how and when Techsologic Incorporated ("Techsologic," "we," "us," or "our") discloses information about the Services, including updates, security measures, data breaches, and legal compliance, to maintain user trust and operational integrity. It complements the Privacy Policy, GDPR Compliance Policy, and Security Policy at https://www.unolock.com/policies.

1.3 Disclosure to Users

Techsologic commits to providing timely, accurate, and transparent information to users regarding:

  • Service Updates: Changes to the Services, Terms, or Techsologic Policies (e.g., Privacy Policy, Fair Use Policy), notified via https://www.unolock.com/support.html or email (if provided), as per Section 14 (Modifications to Terms) of the Terms.
  • Security Measures: Updates to security protocols, such as encryption or authentication enhancements, as per Section 6 (Data Security and Encryption) and the Security Policy.
  • Data Breaches: Notification of breaches involving personal data (e.g., support emails) within 72 hours, per GDPR, including details and mitigation steps, as per Section 17.3 (Compliance with GDPR) and Section 1.7 (Incident Response) of the Security Policy.

Due to our zero-knowledge architecture, vault data cannot be disclosed or compromised, as per Section 9.2 (Zero-Knowledge Architecture) of the Terms. We do not collect mapping data between user identities and safes, and because encryption keys never leave the client, Techsologic cannot decrypt, inspect, or attribute vault contents even in the event of a disclosure request.

1.4 Disclosure to External Entities

Techsologic may disclose information to external entities under limited circumstances:

  • Legal Compliance: When required by law, such as valid subpoenas or court orders, in accordance with Canadian and international regulations, as per Section 17 of the Terms. Our response is limited to confirming whether we possess any user-supplied contact information or system metadata related to the request.
  • Law Enforcement: Cooperation with authorities to address illegal activities (e.g., violations of the Acceptable Use Policy) is limited to system integrity data. Because we do not hold the encryption keys and maintain no linkage between identities and safes, we cannot disclose safe ownership or decrypt stored content, as per Section 9.5 (Minimal Logging Practices) of the Terms.
  • Third-Party Vendors: Sharing with vendors (e.g., Stripe, AWS S3) only as necessary for service provision, under strict GDPR-compliant confidentiality agreements, as per Section 8 (Third-Party Systems) of the Terms. Vendors never receive vault keys or unencrypted safe contents.

Disclosures are minimized to protect user privacy, as per Section 9 (Privacy and Anonymity). Where disclosure requests relate to vault contents or safe ownership, we confirm our inability to comply because those artifacts reside exclusively with the user.

1.5 Principles of Disclosure

Techsologic adheres to the following principles:

  • Accuracy: Disclosures provide verifiable, accurate information.
  • Timeliness: Notifications are issued promptly for events impacting users or required by law (e.g., GDPR's 72-hour breach reporting).
  • Privacy Protection: Only necessary information is disclosed, preserving Absolute Anonymity, as per Section 9 of the Terms. Operational telemetry does not hold safe identifiers, and we are structurally unable to decrypt vault data.
  • Legal Compliance: Disclosures comply with PIPEDA, GDPR, and other regulations, as per Section 17 of the Terms.

1.6 User Rights and Inquiries

You have the right to inquire about disclosures related to your data (e.g., support communications) via support@unolock.com. Due to our zero-knowledge architecture, vault data cannot be disclosed, as per Section 9.2 of the Terms. GDPR rights (e.g., access, erasure) apply to voluntarily provided data, as per Section 1.7 of the Privacy Policy and Section 1.4 of the GDPR Compliance Policy. Responses will be provided within 30 days, where feasible, and will clarify that we neither retain vault keys nor maintain records tying specific safes to specific users.

1.7 Policy Modifications

Techsologic may revise this policy, as per Section 14 (Modifications to Terms) of the Terms. Material changes will be notified via https://www.unolock.com/support.html with 30 days' notice, where feasible. Continued use constitutes acceptance, as per Section 14.5 of the Terms.

1.8 Contact Information

For inquiries or to request disclosure information, contact:

  • Mail: Techsologic Incorporated, 150 Elgin Street, 8th Floor, Ottawa, ON K2P 1L4, Canada
  • Email: security@unolock.com
  • Security Reports: https://www.unolock.com/support.html
  • Support Portal: https://www.unolock.com/support.html