Privacy Policy

Last Updated: June 2, 2026

Overview

Next Chapter Software Inc. (“Next Chapter”, “we”, “us” or “our”) protects personal information of identifiable individuals of whom we interact, including in connection with our software-as-a-service offerings (the “Services”).

This Privacy Policy describes how Next Chapter collects, uses and discloses personal information. For the purposes of this Privacy Policy, “personal information” means information about an identifiable individual. This information may include, but is not limited to, your name, date of birth, mailing address, e-mail address, and telephone number. It may also include information that, when used in combination with other information, allows you to be identified, such as age, occupation, and location.

Generally under Canadian privacy laws, personal information does not include any business contact information that is solely used to communicate with you in relation to your employment, business or profession, such as your name, position name or title, work address, work telephone number, work fax number or work electronic address.

Personal information also does not include information that has been anonymized according to generally accepted best practices and in such a way that it is, at all times, reasonably foreseeable in the circumstances that it irreversibly no longer allows an individual to be identified, whether on its own or in combination with other information.

Next Chapter acts as a processor on the customer's behalf for the majority of personal information described in this Privacy Policy — content ingested from third-party systems that customers connect to the Services (such as source-code repositories, issue trackers, messaging platforms, and knowledge bases). For account-level information (such as user name, email, avatar, and IP address) used for authentication and logging, Next Chapter acts as a controller.

Updates

This Privacy Policy is current as of the “updated” date which appears at the top of this page. It may be modified or updated from time to time. When changes are made to this Privacy Policy, they will become immediately effective when published in a revised Privacy Policy posted on our website unless otherwise noted. We may also communicate the changes through our services or by other means.

Except where not permitted by applicable law, by submitting your personal information to us, by accessing or using any of the products or services we offer, by using our Services, or by voluntarily interacting with us after we publish or communicate a notice about the changes to this Privacy Policy, you consent to our collecting, using and disclosing your personal information as set out in the revised Privacy Policy.

Consent

We collect, use and disclose your personal information with your consent, or as permitted or required by law.

For users in the EEA and the United Kingdom, our processing of personal information in these jurisdictions relies on the lawful bases identified in the Legal Bases subsection below.

If you choose to provide us with your personal information after reviewing this Privacy Policy, we will assume that you consent to the collection, use and disclosure of your personal information. However, we will require your consent when necessary as required by applicable privacy laws. Subject to applicable laws, your consent may be expressed or implied, depending on the circumstances and the sensitivity of the personal information in question. How we obtain your consent (i.e. the form we use) will depend on the circumstances, as well as the sensitivity of the information collected.

Without limiting the foregoing, we may on occasion ask you to consent when we collect, use, or disclose your personal information in specific circumstances. Sometimes your consent will be implied through your conduct with us if the purpose of the collection, use or disclosure is obvious and you voluntarily provide the information.

You may withdraw your consent to our collection, use or disclosure of your personal information at any time by contacting us using the contact information in the “Contact Us” section below. However, note that:

  • withdrawal of your consent may prevent us from providing our Services and website access to you, in whole or in part, or prevent those from functioning as intended;
  • before we implement the withdrawal of consent, we may require proof of your identity; and
  • even if you withdraw your consent, we may keep using, disclosing or retaining some of your personal information to the extent permitted or required by applicable law.

With your consent, we may occasionally communicate with you regarding our products, services, news and events. You have the option to not receive this information. We provide an opt-out function within all email or push communications of this nature, or will cease to communicate with you for this purpose if you contact us and tell us not to communicate this information to you. The only kind of these communications that you may not “opt-out” of are those required to communicate announcements related to the Services, including information specific to your account with us (if any), planned Services suspensions and outages. We will attempt to minimize this type of communication to you.

Information Collected by Next Chapter

Next Chapter collects personal information that you submit through the Services or that is generated from your use of the Services, such as contextual information concerning your use and interaction with elements of your integrated development environment. Personally identifiable information includes:

  • Emails
  • User identifiers
  • User generated app content
  • Third-Party services information
  • Account preferences and settings
  • Usage information, including:
    • Device information
    • Services metadata
    • Log data (which includes IP addresses)

When you access our Services through third party accounts (e.g. GitHub account), we may process your account information to the extent necessary to provide you with and verify access to our Services.

Legal Bases (EEA and UK users). Where the GDPR or UK GDPR applies, we rely on the following lawful bases for processing personal data:

  • Legitimate interests, provided they are not overridden by your rights and freedoms (e.g., providing and operating the Service, service improvement, security, fraud prevention);
  • Consent, which you may withdraw at any time;
  • Performance of a contract; and
  • Compliance with a legal obligation.

Where we process personal data on behalf of a customer (for example, content ingested from systems the customer connects), we act as a processor and the customer's lawful bases apply. Our processor obligations to customers are set out in a Data Processing Agreement (DPA), available on request. A list of the third-party subprocessors we engage to deliver the Services is also available on request.

Purposes for Collection and Use

We may use your personal or account information for various purposes, including as follows:

  • to provide the Services to you (Legal Basis: Performance of a Contract);
  • to improve the quality of our Services (e.g. debugging) (Legal Basis: Legitimate Interests);
  • to create, manage and control your account information, and to verify access rights to the Services (Legal Basis: Performance of a Contract);
  • to communicate with you about the Services, including providing you with information about the Services and informing you of changes or additions to the Services (Legal Basis: Performance of Contract);
  • to send you marketing communications about the availability of any other services or features we provide (Legal Basis: Consent);
  • to assess service levels, monitor traffic patterns and gauge usage of features and service options of the Services (Legal Basis: Legitimate Interests);
  • to enforce this Privacy Policy or our Terms of Service located at https://getunblocked.com/privacy/ and https://getunblocked.com/terms/ respectively (Legal Basis: Legitimate Interests; or Compliance with a legal obligation where a specific law requires it);
  • to protect against fraud or error, and to respond to claims of any violation of our rights or those of any third parties (Legal Basis: Legitimate Interests);
  • to respond to your requests for customer service (Legal Basis: Performance of a Contract);
  • to protect the rights, property or personal safety of you, us, our users and the public (Legal Basis: Legitimate Interests);
  • as required to comply with applicable laws or as authorized by applicable laws (Legal Basis: Compliance with a legal obligation);
  • to manage and develop our professional relationships with you and prospective customers, including maintaining contact and account records, issuing invitations to business events, sending occasional gifts, and conducting business-development outreach (Legal Basis: Legitimate Interests);
  • to process payments for the Services (Legal Basis: Performance of a Contract) and to keep billing and accounting records (Legal Basis: Legitimate Interests); and
  • such other purposes that may be communicated to you.

Data Retention and Deletion

Customers that wish to voluntarily delete their data can do so by contacting Next Chapter at support@getunblocked.com. Customer data is retained for as long as the account is in active status. Data enters an “expired” state when the account is voluntarily closed. Expired account data will be retained for 30 days. After this period, the account and all related data will be removed.

If a customer account is involuntarily suspended, then there is a 30 day grace period during which the account will be inaccessible but can be reopened if the customer meets their payment obligations and resolves any terms of service violations.

If a customer wishes to manually backup their data in a suspended account, then they must ensure that their account is brought back to good standing so that the user interface will be available for their use. After 60 days, the suspended account will be closed and the data will enter the “expired” state. It will be permanently removed 30 days thereafter (except when required by law to retain).

Disclosure of Personal Information

Personal information we collected may be shared as follows or as otherwise described in this Privacy Policy:

  • with relevant parties in connection with your transaction(s) and use of our Services (e.g. contextual information derived from your interaction and use of the integrated development environment with other users within your organization);
  • in response to a request for information if we believe disclosure is in accordance with any applicable law, regulation or legal process, or as otherwise required by any applicable law, rule or regulation; and
  • with CRM and sales engagement platforms, advertising and lead generation platforms, payment processors, analytics and data enrichment providers, and contractors who need access to such information to carry out work on our behalf in connection with our Services.

If we provide your information to third party service providers, we take reasonable measures to ensure that this Privacy Policy and its principles are complied with and these third parties provide sufficient guarantees to implement appropriate security measures. We also require that they only use your personal information for the limited purposes for which it is provided. When our service providers no longer need your personal information for those limited purposes, we require that they dispose of the personal information. We do not authorize the service providers to disclose your personal information to unauthorized parties or to use your personal information for their direct marketing purposes.

Additionally, we may use and disclose your information when we believe such use or disclosure is permitted, necessary or appropriate:

  • under applicable law, including laws outside your country of residence;
  • to comply with legal process, including outside of your country of residence;
  • to respond to requests from public and government authorities, or to cooperate with law enforcement, including public and government authorities outside your country of residence;
  • to enforce the terms of the agreements for our Services;
  • to protect our operations or those of any of our affiliates or subsidiaries;
  • to protect our rights, privacy, safety or property, and/or those of our affiliates, you or others;
  • to allow us to pursue available remedies or limit the damages that we may sustain; and
  • in connection with a sale or business transaction, we may transfer your personal information to a third party to the extent necessary to conclude any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, brands, affiliates, subsidiaries or other assets.

If we otherwise intend to disclose your personal information to a third party, in a manner not identified in this Privacy Policy, we will identify that third party and the purpose for the disclosure, and obtain your consent.

In addition, from time to time we may disclose or allow access to your personal information outside Canada where it may be subject to the lawful access requirements of the jurisdiction in which it is stored or able to be accessed. If you have any questions about our use of service providers outside of Canada, you may contact us using the contact information set out below.

Transfers of Personal Information

Your personal information may also be stored and processed in any country where we have facilities or in which we engage third party service providers, including the United States of America. As a result, to the extent permitted under applicable law, your personal information may be transferred to countries outside your country of residence, which may have different data protection rules than in your home country. For transfers of personal data from the European Economic Area (EEA), the United Kingdom (UK), or Switzerland to a country not formally recognized as providing adequate data protection by the European Commission, the UK Government, or the Swiss Federal Data Protection and Information Commissioner, we rely on appropriate safeguards under applicable law: Standard Contractual Clauses (SCCs) for EEA and Swiss personal data, or the UK Addendum to the EU SCCs for UK personal data. A copy of the relevant safeguards is available on request. While such information is outside of your country, it is subject to the laws of the country in which it is located, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant to the laws of such country.

Children’s information

We do not knowingly collect personal information of children under the age of 18. If we learn we have collected or received personal information from a child under 18, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us using the information in the “Contact Us” section below.

Rights to Your Information

We make reasonable efforts to ensure that your personal information is kept as accurate, complete and up-to-date as reasonably necessary. We will not routinely update your personal information, unless such a process is necessary. We expect you, from time to time, to supply us with updates to your personal information, when required.

You may make a written request to review any personal information about you that we have collected, used or disclosed, and we will provide you with any such personal information to the extent required and/or permitted by law. You may also challenge the accuracy or completeness of your personal information in our records and request corrections. If you successfully demonstrate that your personal information in our records is inaccurate or incomplete, we will amend the personal information as required. To exercise these rights, please contact us by using the contact information in the “Contact Us” section below. You also have the right to lodge a complaint with your local regulatory authority, such as the Privacy Commissioner of Canada, the Information Commissioner's Office (UK), or the data protection supervisory authority in your EEA member state of residence.

Depending on your jurisdiction (including the EEA and the United Kingdom), you may also have the right to request erasure of your personal information, restrict or object to certain processing, obtain a portable copy of personal information you provided to us, and withdraw consent where we rely on it. These rights are not absolute and may be subject to legal exceptions.

Where Next Chapter acts as a processor on a customer's behalf (for example, for content ingested from systems the customer connects), requests to access, correct, or delete personal information should be directed to the customer in the first instance, and we will support the customer in responding. Where Next Chapter acts as a controller, the right to erasure is conditional and we may decline a request where the data remains necessary for the purposes for which it was collected (including contractual commitments to our customers and the security and integrity of the Service), or for the establishment, exercise, or defence of legal claims.

We may require that you provide sufficient identification to fulfill your request to access or correct your personal information. Any such identifying information will be used only for this purpose.

Links

The Services may contain links to other sites and services and we are not responsible for the privacy practices or the content of such sites and services. We encourage you to read the privacy policy of linked sites and services. Their privacy policies and practices differ from our policies and practices.

Retention of Personal Information

We will use, disclose or retain your personal information only for as long as necessary to fulfill the purposes for which that personal information was collected and as permitted or required by law. These times vary depending on the purpose for which the information was collected and the need for the information. We will destroy records containing personal information or in some cases, anonymize all personal information in the records, when we no longer need the information for the purpose for which it was collected, or for other business or legal purposes, or its retention is no longer required by law.

Security Measures

We have implemented reasonable physical, organizational, contractual and technological security measures with a view to protecting your personal information and other information from loss or theft, unauthorized access, disclosure, copying, use or modification. Our security posture is regularly attested through external audits and through compliance with SOC 2 standard. We have taken steps to ensure that the only personnel who are granted access to your personal information are those with a business ‘need-to-know’ or whose duties reasonably require such information.

While we take precautions against possible breaches in our websites and customer databases, no website or Internet transmission is completely secure, so unfortunately we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. Your use of our website and the Services are at your own risk. We assume no liability for disclosure of your personal information due to transmission errors, unauthorized access, or causes beyond our control, including security failures on the part of our partners and third party service providers and processors.

If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any information that you provided to us has been compromised), please contact us immediately using the contact information in the “Contact Us” section below.

Cookies and Tracking Technologies

This section explains how we use cookies and similar tracking technologies on getunblocked.com (the “Website”) and in connection with the Services. It forms part of, and should be read together with, the rest of this Privacy Policy.

What are cookies?

A cookie is a small text file that a website places on your browser when you visit, and that the browser sends back on later requests. Cookies allow a site to recognize your device, retain limited information across page loads, and identify you on return visits. Similar technologies, including pixels, tags, web beacons, and local storage, operate in a comparable way; we refer to all of them collectively as “cookies” in this section.

Cookies set directly by us are first-party cookies. Cookies set by our service providers and other third parties when you visit the Website are third-party cookies. Cookies that expire when you close your browser are session cookies; cookies that persist for a defined period are persistent cookies.

Categories of cookies we use

We use three categories of cookies: strictly necessary cookies, functional cookies, and marketing cookies.

Strictly necessary cookies (essential). These cookies are required for the Services and the secured areas of the Website to function. We use them to authenticate you, maintain your signed-in session, route your requests through our infrastructure, and protect against fraud and abuse. The Services cannot operate without these cookies, and they are not used for advertising or behavioral analytics. Where the GDPR or UK GDPR applies, our legal basis is performance of a contract (delivering the Services you have requested). Consent is not required for these cookies.

Functional cookies (non-essential). Functional cookies may be used to personalize your experience, for example by remembering display preferences, language or region selections, or other choices you have made about how the Website or the Services are presented to you. These cookies are not strictly required for the Website or the Services to operate, and you can use the Website and the Services without them. Where the GDPR or UK GDPR applies, our legal basis for setting functional cookies is your consent, which you may withdraw at any time without affecting the lawfulness of processing carried out before withdrawal.

Marketing cookies (non-essential). Marketing cookies are set on the public, unauthenticated areas of the Website by us or by our advertising and lead-generation partners. We use them to measure the performance of our marketing campaigns, attribute conversions, and recognize visitors across sites for retargeting and audience-building. Marketing cookies are not set within the signed-in Services. Where the GDPR or UK GDPR applies, our legal basis for setting marketing cookies is your consent, which you may withdraw at any time without affecting the lawfulness of processing carried out before withdrawal. Consent is given or withdrawn at the marketing-category level rather than for each individual cookie.

Third-party cookies

The marketing cookies set on the Website may be placed by third-party advertising networks, retargeting providers, and lead-generation platforms, each acting as an independent controller for its own activities. A current list of our third-party marketing partners is available on request from support@getunblocked.com. Each provider has its own privacy and cookie policy governing how it collects and uses information from cookies it sets, and we do not control its practices.

Your choices and how to manage cookies

For users in the EEA, the United Kingdom, Switzerland, and other jurisdictions that require prior consent, non-essential cookies are set only after you have provided affirmative consent through our cookie banner (shown on our website). The banner gives equal prominence to accepting and refusing non-essential cookies, and you can withdraw your consent at any time; withdrawing your consent is as easy as giving it. For users in other jurisdictions, no banner is shown. Once signed in, users in all jurisdictions can manage their cookie preferences from their account settings, including withdrawing consent previously given. When you opt out, we stop setting the relevant cookies and instruct our partners to do the same. Refusing or withdrawing consent for marketing cookies does not affect your ability to use the Website or the Services.

Our Services are not directed to children. As described in the Children's Privacy section of this Privacy Policy, we do not knowingly collect personal information from individuals under 18, and we do not seek consent to non-essential cookies from anyone we know or have reason to believe is a child.

You can also control cookies through your browser. Most browsers let you block or delete cookies from their settings menu, and let you choose to be notified when a cookie is being set. Blocking strictly necessary cookies may prevent you from signing in or using parts of the Services.

Retention

Strictly necessary cookies are retained only for as long as needed to keep you signed in or to complete the request you have made; session cookies are deleted when you close your browser. Marketing cookies have individual lifetimes set by the relevant provider. Where we rely on your consent for non-essential cookies, we will ask you to renew it at appropriate intervals, and we record your cookie choice (whether consent or refusal) so you are not re-prompted unnecessarily. The retention period is the same for consents and refusals, and is set with regard to the context of your visit, the scope of your earlier consent, and reasonable user expectations.

Changes to this section

We may update this section from time to time to reflect changes to the cookies we use or to applicable law. The “Last Updated” date at the top of this Privacy Policy indicates when this section was most recently revised.

Google API Limited Use Disclosure

Next Chapter's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Next Chapter may send relevant contents of your documents to 3rd party large language models (LLMs) to generate responses to your questions. Your data is sent securely, and it is not retained by 3rd parties or used to train any 3rd party LLMs. By connecting Google Drive, you agree to allow Next Chapter to share your data.

Contact Us

If you have any queries about the disclosure of your personal information or if you otherwise have any questions or suggestions regarding our Privacy Policy or wish to make a complaint, you may contact Next Chapter Software by email at:

support@getunblocked.com

or by mail at:

600-1085 Homer St
Vancouver, BC, Canada
V6B 2X5

For users in the EEA and the United Kingdom, you may contact Next Chapter Software via our GDPR Representatives for Europe and the UK.

General Data Protection Regulation (GDPR) - European Representative

Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Next Chapter Software Inc. (dba Unblocked) has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:

UK General Data Protection Regulation (GDPR) - UK Representative

Pursuant to Article 27 of the UK GDPR, Next Chapter Software Inc. (dba Unblocked) has appointed EDPO UK Ltd as its UK GDPR Representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR: