Unboxed Training & Technology

Privacy Policy

Updated: October 29, 2025

Spoke Privacy Policy for Enterprise SaaS

Unboxed Technology is committed to protecting your privacy. This Spoke Privacy Policy is intended for the commercial customer users of Unboxed (“you”), as will be more specifically defined in the definitive agreement between Unboxed and its commercial customer.

We want to be transparent about how we collect, use and share information about you. This policy is intended to help you understand what information we collect about you, what we do with that information and what access and control you have over that information. It covers information we collect about you when you interact with us, including using any of our products or services, unless a different policy is specified. We refer to all of our products and other services (including our website) as “Services” in this policy.

If you do not agree with this policy, please do not allow access or use our Services or interact with any other aspect of our business.

Where we provide Services pursuant to a contract with the company through which you are accessing the Services, that organization serves as the controller of the information processed by the Services (“Data Controller”). The Data Controller determines the purposes and means of processing personal data.

When providing Services under our contract with the company through which you are accessing the Services for use of the Spoke product, Unboxed Technology serves as a data processor (“Data Processor”) where we process data on behalf of the company and pursuant to its instructions, including performing operations such as collection, recording, organization, storage, structuring and use. For example, we are a Data Processor with the information in our LMS where we have a contract with an organization.

At the beginning of each section, we have ‘plain English’ summaries to help you understand the content.

How we collect your information

This section gives you the details about what information we collect about you and how we collect it.

We collect information about you when you provide it to us, when you use our Services, and when other sources provide it to us.

We collect information about you when you input it into the Services or otherwise provide it directly to us. This may include certain Personal Information, as may be defined under the applicable privacy laws, such as the CCPA, GDPR , such as real name, alias, address, personal identifier, Internet Protocol address, online identifier, and / or an email address.

Account and Profile Information: When you create an account, create or modify their profile, or set preferences, or any of the foregoing is done on your behalf by the company’s administrator for the Services, we collect the information provided. For example, you may self-enroll in one of our apps, providing information to us, possibly including adding a display name, profile photo, job title, and other details. We also keep track of your preferences when you select settings within the Services.

Content you provide directly to the Services: We collect and store content that you post, send, receive and share through the Services. This content includes any files and links you upload to our Services. This may also occur when you participate in interactive features, surveys, or promotions. Additionally, you also provide content when you sign up for a demo of our products. Some examples of content may include: an uploaded image, comments made in our LMS, and feedback.

Information you provide through our support channels: The Services include our customer support, where you may submit information regarding a problem you are experiencing with a Service. Whether you designate a technical contact, you open a support ticket, speak to one of our representatives directly or otherwise engage with our support team, you will be asked for contact information, a summary of the problem you are experiencing, and other documentation that would be helpful in resolving the issue.

Information we collect automatically

We may collect some information about you automatically when you use our Services, including browsing our websites. As set forth in more detail below, this includes Internet or other electronic network activity information, such as browsing history, search history, and information regarding a consumer’s interaction with an Internet website.

Your use of the Services: We keep track of when you visit and interact with any of our Services. This information may include the features you use; the links you click on; the type, size and filenames of attachments you upload to the Services; frequently used search terms; and how you interact with others on the Services.

Device and Connection Information: We collect information about your computer, phone, tablet, or any other devices you use to access the Services. This device information may include your connection type and settings when you install, access, update, or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We may use your IP address or country preference to approximate your location to provide you with a better Service experience. How much of this information we collect depends on the type and settings of your devices.

Third parties, including Google and others, may use cookies, web beacons, and other storage technologies to collect or receive information from our websites and elsewhere on the internet and use that information to provide measurement services. The tracking technologies we utilize include the following:

Cookies. We may use different types of cookies when providing different types of web-related services. If you do not know what cookies are, or how to control or delete them, then we recommend you visit www.aboutcookies.org for detailed guidance. Cookies allow us to identify and authenticate visitors, track aggregate behavior, and enable important service features. We use both session ID cookies and persistent cookies. Session ID cookies are used to maintain your browser states as they browse through the Services, and they expire when you close your browsers. A persistent Cookie remains on your hard drive for an extended period, and we use that to identify you should you return to Services and want to find information you have previously entered or accessed.

You may refuse to accept or disable cookies through your web browsers. However, if you select this setting, you may be unable to access certain features of the Services.

Analytics. We may use analytics tools or similar tools provided by third parties (“Data Analytics Providers”) to help analyze how you utilize our Services. Data Analytics Providers use cookies and other tracking technologies to collect information such as how often users visit our website, what pages they visit, and what other websites they have used prior to visiting our website. We use the information we get from analytics tools only to improve Services. Analytics tools collect the IP address or other unique identifier assigned to you on the date you visited the Services. We do not combine the information generated through the use of analytics tools with other Personal Information. Data Analytics Providers plant a persistent cookie on your web browsers to identify you as a unique user the next time you visit our website, and the treatment of that information is governed by the Data Analytics Provider’s terms of use and/or privacy policy. To learn about how Google uses data related to website analytics when you use our site or apps, click here: https://policies.google.com/technologies/partner-sites. Additionally, to learn more about Google Analytics and how to opt out, please visit https://tools.google.com/dlpage/gaoptout

When you interact with our digital property, we may collect certain personal information including IP addresses, information about your web browsing and app usage.

Other services you link to your account: We receive information about you when the administrator of the company through which you are accessing the Services (“administrator”) integrates or links a third-party service with our Services. Your administrator may integrate our Services to allow you to access, store, share and edit certain content from a third-party through our Services. The information we receive when you link or integrate our Services with a third-party service depends on the settings, permissions and privacy policy controlled by that third-party service. Check the privacy settings and notices in these third-party services to understand what data may be disclosed or shared with our Services.

How we use your information

How we use your information depends on which Services you use, how you use them, and any preferences you have communicated to us.

To provide the Services and personalize your experiences: We use information about you to authenticate them when they log in, provide customer support, and operate and maintain the Services. For example, we may use the name and picture you provide on their profile to identify them to other Service users. Our Services may also include tailored features that personalize your experiences, such as providing individualized search results, activity feeds, training, or recommendations based on your job title or region.

For research and development: We use data about how people use our Services along with feedback provided directly to us to identify areas for improvement. We also may invite some users to help test new features before releasing improvements to all users.

To communicate about the Services: We use your information to send communications via email and within the Services, including providing customer support, sending you service notifications, new feature information, and security alerts. We may send you email notifications when others interact with you on the Services, for example, when you are assigned a new course or receive a response to a comment. We may also send you communications through the Services, such as modals with help text, a banner alert or a badge notification.

Customer support: We use your information to resolve technical issues and respond to support requests, to analyze crash information and to repair and improve the Services.

To protect our legitimate business interests, and legal rights: We use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies. Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.

For other activities with your consent: We use information about you that you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, but only with your permission.

When we use your information

We use your information only when:

  • We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services
  • It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development and to protect our legal rights and interests
  • You give us consent to do so for a specific purpose
  • We need to process your data to comply with a legal obligation

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party have a legitimate interest to do so, you have the right to object to that use. In some cases, this may prohibit use of those Services.

How we share your information

We share information we collect about you in the ways described in the section below. We are not in the business of selling information about you to advertisers or other third parties, and we do not sell your Personal Information for monetary consideration.

Sharing with other Service users

When you use the Services, we share certain information about you with other Service users.

For collaboration: You can create content, which may contain information about you, and grant permission to others to see, share, edit, copy and download that content based on settings your administrator selects. Some of the collaboration features of the Services display your profile information to other Service users when you share or interact with specific content. For example, when you comment on a news post, we may display your profile picture and name next to your comments so that other users understand who made the comment. Your administrators of the Services will be able to view your posts and activities.

Managed accounts and administrators: If you register or access the Services using an email address with a domain that is owned by you, information about you, including your name, profile picture, contact info, content and past use of your account may be accessible to your administrators as your administrator may select. We may share your administrator’s contact information with you to facilitate Service-related requests.

Sharing with third parties

We share information with third parties that help us operate, provide, improve, integrate, customize, support and market our Services.

Service Providers and Contractors: We work with third-party service providers and contractors to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, analysis and other services for us, which may require them to access or use information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including policies and procedures designed to protect your information.

Partners: We work with third parties who provide consulting, sales, and technical services to deliver and implement customer solutions around the Services. We may share your information with these third parties in connection with their services, such as to assist with billing and collections, to provide localized support, and to provide customizations. We may also share information with these third parties where you have agreed to that sharing.

Third Party Apps: Your organization may choose to add new functionality or change the behavior of the Services by installing or interfacing with third party apps within the Services. Doing so may give third-party apps access to your account and information like your name and email address, and any content you use in connection with those apps. Third-party app policies and procedures are not controlled by us, and this privacy policy does not cover how third-party apps use your information. We encourage you to review the privacy policies of third parties before using their applications or services. If you object to your information about being shared with these third parties, please uninstall the app and/or inform your organization’s administrator. In some cases, this may impact your ability to use our Services.

Links to Third Party Sites, Social Media Widgets, Third-Party Widgets: The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. These websites or services may collect your IP address, the page you are visiting on the Services, and may set a cookie to enable the feature function properly. If you submit information to any of those third-party sites, your information is governed by their privacy policies, not this one. We encourage you to carefully read the privacy policy of any website you visit.

Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights: In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our products and services, (d) protect Unboxed, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.

Business Transfers: We may share or transfer information we collect under this privacy policy in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on the Services if a transaction takes place, as well as any choices you may have regarding your information.

How we store and secure information we collect

This section describes how we securely store your information.

Information storage and security

We use data hosting service providers in the United States to host the information we collect, and we use technical measures to secure your data. While we implement safeguards designed to protect your information, no security system is impenetrable. Due to the inherent nature of the internet, we cannot guarantee that data, in transit or at rest, is completely safe from intrusion by others.

How long we keep information

How long we keep information about you depends on the type of information. After a period of time, we will either delete, anonymize, or securely store your information and isolate it from any further use until deletion is possible.

Account information: We retain your account information for as long as your account is active and a reasonable period afterwards in case you decide to re-activate the Services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, and to support business operations. If we retain information for Service improvement and development, we take steps to pseudonymize information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics.

Information you share on the Services: If your account is deactivated or disabled, the content you have provided may remain to allow other users to make full use of the Services, however, after a period of time to ensure the account was not deactivated in error, we will pseudonymize or anonymize your Personal Information so that it will be unable to identify you. For example, we may continue to display comments posted on one of our Services, however, we will replace the associated username so it cannot be used to identify a specific individual.

We will retain your information as long as required by the definitive agreement between your employer and Unboxed.

How to access and control your information

When it comes to your information, you may request access to such information and have choices regarding use of your information. Below is a summary of those choices, how to exercise them and any limitations.

Your Choices:

You have the right to request a copy of your information, to object to our use of your information (including for marketing purposes), to request that your information be corrected, to request the deletion or restriction of your information, or to request your information in a structured, electronic format. You can exercise some of the choices by logging into the Services and using settings available within the Services or your account. For all requests, you may contact us as provided at support@unboxedtechnology.com section below to request assistance.

Your request and choices may be limited in certain cases: for example, if fulfilling your request would reveal information about another person that is not you, or if you ask to delete information which we are permitted by law or have compelling legitimate interests to keep. Where you have asked us to share data with third parties, for example, by installing third-party apps, you will need to contact those third-party service providers directly to have your information deleted or restricted. If you have unresolved concerns, you may have the right to complain to a data protection authority in the country or state where you are domiciled, where you work, or where you feel your rights were infringed.

Access and update your information: Our Services may give you the ability to access and update certain information about you from within the Service. For example, you can access your profile information from your account and search for content containing information about you using key word searches in the Service. You can update your profile information within your profile settings and modify content that contains information about you using the editing tools associated with that content.

Deactivate your accounts: If you no longer wish to use our Services, your administrator may be able to deactivate your Services account. You can also deactivate your own account, with a setting available to you in your account settings, if so permitted by your administrator. If your administrator is unable to deactivate an account through your administrator settings, please contact Unboxed Support. Please be aware that deactivating your account does not immediately delete your information. Your information remains visible to other Service users based on their past participation within the Services. For more information on how to delete your information, see below.

Correct your information: If you believe that the information Unboxed possesses about you is incorrect, you can request that such information be corrected. Please note that this right is limited to a verifiable request from you.

Delete your information: Our Services give you the ability to delete certain information about you from within the Service. For example, you can remove content that contains information about you using the key word search and editing tools associated with that content, and you can remove certain profile information within your profile settings. In some cases, you may need to request assistance from Unboxed support to delete information. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.

Request that we stop using your information: In some cases, you may ask us to stop accessing, storing, using and otherwise processing your information where you believe we don't have the appropriate rights to do so. For example, if you believe a Services account was created for you without your permission, you can request that we delete your account. Where you gave us consent to use your information for a limited purpose, you can contact us to withdraw that consent, but this will not affect any processing that has already taken place. When you make such requests, we may need time to investigate and facilitate your request. Depending on the nature of your request, this may limit your ability to access the Services. If you object to information about you being shared with a third-party app, please disable the app or contact your administrator to do so.

Data portability: Data portability is the ability to obtain some of your information in a format you can move from one service provider to another (for instance, when you transfer your mobile phone number to another carrier). Depending on the context, this may apply to some of your information, but not to all of your information. Should you request it, we will provide you with an electronic file of your basic information.

How we transfer information we collect internationally

We collect information globally and store that information in the United States. Whenever we transfer, process and store your information outside of your country of domicile, to wherever we or our third-party service providers operate for the purpose of providing you the Services, we follow security protocols including encryption to prevent any problems.

Other important privacy information

Notice to End Users

Where the Services are made available to you through the company through which you are accessing the Services, such company serves as the administrator of the Services and is responsible for the accounts and/or Service sites over which it has control. In this way, it is considered the Data Controller, while we are the Data Processor. Your use of the Services is subject to your organization's policies. We are not responsible for the privacy or security practices of the Data Controller, which may be different than this policy.

Data controllers may be able to:

  • Require users to reset their account passwords
  • Restrict, suspend or terminate users’ access to the Services
  • Access information in and about users’ accounts
  • Access or retain information stored as part of users’ accounts
  • Install or uninstall third-party apps or other integrations
  • Change the email address associated with users’ accounts
  • Change users’ information, including profile information
  • Restrict users’ ability to edit, restrict, modify or delete information

Use of AI Tools

You understand that your use of AI tools in furtherance of the imperatives of your organization is at your discretion and is not required by us and comes with risks that you agree to assume in using. This includes assessing the AI tools for their suitability, risks, and compatibility with your business. We recommend exercising due diligence and caution before implementing any AI tool or resource.

We do not use user data to train or improve third-party AI models. Data processed within AI-enabled experiences is used solely to deliver the requested functionality and is not retained or repurposed for external model training.

Our suggestions are based on basic research and intended as informational. We do not guarantee their accuracy, reliability, or suitability for your needs. We disclaim responsibility for any consequences, damages, or losses resulting from their use.

We do not endorse or assume liability for the performance or impact of these tools on your operations. These recommendations are not guarantees of effectiveness and should be evaluated further to ensure they meet your specific requirements.

We shall not be held responsible or liable for any issues, damages, losses, or negative consequences arising from the use or implementation of the suggested AI tools or resources. The performance, functionality, accuracy, or impact of these tools on your business or operations are the sole responsibility of you and your organization.

Do Not Track Disclosures

DNT is a feature offered by some browsers which, when enabled, sends a signal to websites to request that your browsing is not tracked, such as by third party ad networks, social networks and analytic companies. We do not currently take actions to respond to DNT signals because a uniform technological standard has not yet been developed. We continue to review new technologies and may adopt a DNT standard once one is created. For information about DNT, please visit: www.allaboutdnt.org.

Our policy towards children

The Services are not directed to individuals under 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact us at support@unboxedtechnology.com.

Changes to our Privacy Policy

We may change this privacy policy from time to time. We will post any privacy policy changes through the Services application. We will also keep prior versions of this Privacy Policy in an archive and can provide upon request. We encourage you to review our privacy policy whenever you use the Services to stay informed about our information practices and the ways you can help protect your privacy.

If you disagree with any changes to this privacy policy, you will need to stop using the Services and deactivate your account(s), as outlined above.

Contact Us

Unboxed Training & Technology
2201 West Broad Street Suite 202
Richmond, VA 23220
E-Mail: support@unboxedtechnology.com

California Consumer Privacy Statement

We adopt this notice to comply with California privacy laws, rules and regulations, as applicable, which currently exist, as well as those which may be enacted in the future, and as they may be amended or supplemented.

You have certain rights regarding your “personal information,” or “personal data” as those terms are defined in relevant privacy laws. Such information is collectively referred to in this Privacy Policy as “personal information”.

1) You may request that we disclose the following:

  • The categories of personal information we have collected about you.
  • The categories of sources from which the personal information is collected.
  • The business or commercial purpose for collecting or selling personal information.
  • The categories of third parties with whom we share personal information.
  • The specific pieces of personal information we have collected about you.

We do not knowingly collect, use, share or disclose personal information from children under the age of 13.

2). We are obligated to make additional disclosures if we choose to sell or share your data for business purposes. While we do not sell your personal information for monetary consideration, we may disclose your personal information to third parties in the ordinary course of business. If you request, we will disclose the following to you:

  • The categories of personal information that the business collected about you.
  • The categories of personal information that the business sold about you and the categories of third parties to whom the personal information was sold, by category or categories of personal information for each third party to whom the personal information was sold.
  • The categories of personal information that we have disclosed about you for a business purpose.

You may request the above information at least twice per 12 month period. We will ask for some verification to comply with this request in order to protect your privacy.

3) You may also make a request to delete the information we have collected about you.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Right to Correction

You have the right to request that we correct any personal information that is inaccurate, subject to verification limitations.

Right to Opt-Out

You have the right to direct us to not share your personal information at any time (the "right to opt-out"). To exercise the right to opt-out, your administrator (may submit a request to us by visiting the following Internet Web page link:

Do Not Sell or Share My Personal Information

You may also make a request to opt-out, or to exercise the access, data portability, correction and deletion rights by one of the following additional methods:

Calling us at (888) 723-9770, or

Contacting us at support@unboxedtechnology.com

Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize personal information. However, you may change your mind and opt back in to personal information sales at any time by e-mailing us at support@unboxedtechnology.com.

We will only use personal information provided in an opt-out request to review and comply with the request.

Verification Requirements

Before responding to a request by you, we will ask your administrator to verify your identity using personal information you have previously provided to us about you, in order to protect your privacy. The manner in which we do so will vary on how you make a request and what is being requested. For example, if you submit an inquiry via email, we will respond with an email requesting verification. Otherwise, we may ask your administrator verbally if your administrator makes this request over the phone (or in person). We may not be able to oblige all requests, as we are prohibited from disclosing some information.

Only a person that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. Your administrator may also make a verifiable consumer request on behalf of a minor child as applicable.

Your administrator may only make a verifiable consumer request for access or data portability twice within a 12-month period. These requests are free, though we reserve the right to implement a reasonable fee for excessive or complex requests you may submit. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify the identity of the person about whom we collected personal information or an authorized representative, including whether they are one of you.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

In the event that you are using an authorized agent other than an administrator whose authority has already been verified, to request a disclosure or the deletion of your information, please send us a signed letter, including your name, email, your agent's name, and your agent's email, authorizing your agent. We may then ask you to verify your identity with us by email before responding to a request by your agent. We may also ask for written verification from you that the requestor is your authorized agent. Alternatively, you may directly confirm with us that the agent is authorized to submit the request.

We cannot respond to your request if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

Response Timing and Format

We endeavor to respond to a verifiable consumer request for access, correction or deletion within forty-five (45) days of its receipt, and a verifiable opt-out request within fifteen (15) days from receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. To the extent permitted by law, however, your exercise of such rights may limit your ability to access and use the Services.