Question 1
Has the company considered Solutions to improve work with data ethics? For example setting up a data ethics working group, awareness-raising activities, a culture of openness.
Not applicable	No considerations	Some considerations	Actions planned	Measures implemented	Continuous process established
☐	☐	☐	☐	☐	☒
Comments
Data ethics is included as a fixed point twice a year. It is discussed whether there are relevant topics to be addressed and relevant documentation updated and published on Unitas' website as prescribed.

Question 2
Has the company considered ongoing involvement of relevant stakeholders? For example to avoid unintentional bias.
Not applicable	No considerations	Some considerations	Actions planned	Measures implemented	Continuous process established
☐	☐	☐	☐	☐	☒
Comments
In connection with the company's general maturation process, has UNITAS employed a COO with responsibility for the subject being dealt with in relation to whether there are any elements that should be dealt with in connection with data ethics and especially the processing of employees' personal data.

Question 3
Has the company considered the consequences associated with influencing the user's behavior? For example, counteracting addiction, overuse, bullying.
Not applicable	No considerations	Some considerations	Actions planned	Measures implemented	Continuous process established
☐	☐	☒	☐	☐	☐
Comments
It is part of the company's culture to talk about this on an ongoing basis. For the company's current size and organization, no current campaigns or the like have been launched.

Question 4
If the company influences the user's behaviour, has the company considered how it can be made more transparent and give the user more control?
Not applicable	No considerations	Some considerations	Actions planned	Measures implemented	Continuous process established
☒	☐	☐	☐	☐	☐
Comments
Unitas only processes personal data as part of a contract with the delivery of service and consulting services. There is thus nothing to give the user control over.

Question 5
Has the company considered how the user's rights are prioritized, rather than commercial or institutional interests?
Not applicable	No considerations	Some considerations	Actions planned	Measures implemented	Continuous process established
☐	☐	☐	☐	☐	☒
Comments
There are supporting continuous processes implemented that ensure that data is deleted or anonymized according to applicable deletion rules where this is technically possible. Insight or anything else triggered by a data subject has first priority unless a law requires that Unitas processes the information in question.

Question 6
Has the company thought about how the user gets the most value out of the data that is collected?
Not applicable	No considerations	Some considerations	Actions planned	Measures implemented	Continuous process established
☒	☐	☐	☐	☐	☐
Comments
Data is collected solely for the purpose of fulfilling a contract and primarily in connection with invoicing and bookkeeping.

Question 7
Has the company considered how to avoid unintended consequences? For example, monitoring, abuse, spreading of misinformation or the like.
Not applicable	No considerations	Some considerations	Actions planned	Measures implemented	Continuous process established
☐	☐	☐	☐	☒	☐
Comments
A data classification has been drawn up and, where possible, this has been incorporated at a level that ensures that employees know whether data may be shared, and technical restriction has also been implemented to a certain extent. In connection with monitoring, there is separation of functions that ensures that only administrators have access to various log data.

Question 8
Has the company considered how the company can protect special target groups? For example, children and young people or social groups with special challenges.
Not applicable	No considerations	Some considerations	Actions planned	Measures implemented	Continuous process established
☒	☐	☐	☐	☐	☐
Comments
The company does not process this type of information.

Question 9
Has the company considered whether data collection and solutions/products can limit citizens' rights?
Not applicable	No considerations	Some considerations	Actions planned	Measures implemented	Continuous process established
☒	☐	☐	☐	☐	☐
Comments
The company does not collect general citizens' personal data.

Question 10
Has the company considered whether they can avoid reinforcing social and ethical issues? For example inequality, display of population groups and segments or that a Solution can only be used by certain users.
Not applicable	No considerations	Some considerations	Actions planned	Measures implemented	Continuous process established
☒	☐	☐	☐	☐	☐
Comments
The company does not process personal data of the nature mentioned, or make Solutions available directly to users.

Question 11
Does the company communicate its privacy-by-design strategies to its users?
Not applicable	No considerations	Some considerations	Actions planned	Measures implemented	Continuous process established
☒	☐	☐	☐	☐	☐
Comments
The company does not work with Solutions or prepare its own Solutions where the purpose is the processing of personal data. The company does not use cookies on the website, and only collects personal data relevant for contractual purposes, e.g. offers, invoices and other bookkeeping.

Latest update 29 August 2024 regarding establishing a continuous process for counteracting bias (question no. 2)
Previous update: May 15, 2023
Previous update: February 3, 2023
Answered by: Morten Schaumann, CEO