Legal
Privacy
Policy.
Last updated: 2025 ยท Unifi App Limited
01
Introduction
Unifi ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy outlines in detail how we collect, use, store, and share your personal information when you interact with our website, mobile app, and related services. We are fully compliant with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and any applicable local data protection laws.
02
Information We Collect
We may collect and process a range of personal data depending on how you interact with our services:
- Personal Identification Information: Your name, email address, university name, course of study, year group, gender, and profile photo โ essential for creating your Unifi Card and enabling personalised features.
- Verification Information: A valid university-issued email address to verify your student status and prevent fraudulent accounts.
- Usage Data: Login activity, feature usage, time spent in each section, transactions using your Unifi Card, and loyalty point accrual.
- Marketing Preferences: Your consent preferences for receiving marketing emails, in-app communications, and promotional materials.
- Location Data (optional): If you permit it, we may collect location data to display nearby participating venues and promotions. Never collected without express consent.
- Cookie Data: Cookies and similar technologies used when you visit our website to analyse usage patterns and improve user experience.
03
How We Use Your Information
- Platform Access and Maintenance: To manage your account and ensure reliable, secure access to Unifi's services.
- Student Verification: To authenticate your student status and assign you a verified Unifi Card.
- Discount and Loyalty Features: To allow you to redeem venue offers and earn loyalty points.
- Communication: To send service updates, transactional confirmations, and relevant promotional communications based on your preferences.
- Platform Improvements: To monitor usage patterns, gather feedback, and refine the app.
- Venue Marketing (with consent): To allow participating venues to contact opted-in users with marketing, offers, and event announcements.
- Technical and Fraud Prevention: To protect against suspicious or fraudulent behaviour and maintain app stability.
- User Notification: To inform you of system changes, new features, and updates to terms or services.
04
Legal Basis for Processing
- Consent: When you voluntarily opt in to share your data with venues for marketing or promotional purposes.
- Contractual Necessity: When it is essential to fulfil the agreement between you and Unifi.
- Legitimate Interests: Where we use data to improve our services and prevent misuse without infringing your rights.
- Legal Obligations: When we must comply with regulatory or legal responsibilities.
05
Sharing Your Information
We do not sell your personal data to third parties under any circumstance.
- With Venue Partners (if opted-in): Your data is only shared with verified venue partners if you have explicitly consented through a double opt-in process within the app.
- With Trusted Service Providers: We may share data with providers for hosting, analytics, or support (e.g., AWS, Google Firebase, Mailchimp, Stripe). All are contractually required to handle data securely and lawfully.
- Venue Access to Social Features: Venue partners may view public group chat interactions but must comply with all behavioural guidelines.
06
Data Security & Retention
- Secure Storage: Your data is stored on encrypted servers within the UK or EEA, protected by firewall and security systems.
- Restricted Access: Only authorised personnel with relevant responsibilities can access your data.
- Data Retention: We only keep your data for as long as necessary to fulfil the service or meet legal obligations. Once no longer needed, data is securely deleted.
07
International Transfers
When personal data is transferred outside the UK or EEA, we ensure transfers are protected by appropriate legal safeguards such as Standard Contractual Clauses (SCCs) approved by the ICO, and Adequacy Decisions by UK authorities for certain countries.
08
Your Rights
As a user, you have the following rights under UK GDPR:
- Access: Request to see a copy of the personal data we hold about you.
- Correction: Request to update or correct any incomplete or inaccurate information.
- Erasure: Ask us to delete your personal data under certain conditions.
- Restrict Processing: Temporarily halt data use while we resolve a concern.
- Object: Prevent us from using your data for direct marketing or certain automated processes.
- Withdraw Consent: Change or withdraw your consent preferences at any time within the app settings.
- Lodge a Complaint: You may lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data rights are being infringed.
09
Automated Decision-Making
Unifi does not use automated decision-making or profiling processes that have a legal or significant impact on users. All loyalty rewards and communications are generated through user actions and preferences.
10
Use of Cookies
Cookies help personalise your browsing experience. They identify returning users, save login sessions, analyse web traffic and performance, and deliver relevant ads (if consented). You can control cookies through browser settings, but disabling cookies may affect functionality.
11
Social Features & Community Content
Unifi includes features that promote open communication such as group chats and hub forums. These chats are public to verified users, including venue partners. Be mindful of sharing personal or sensitive information. We reserve the right to moderate or remove any content that violates our community guidelines.
12
Contact Us
To exercise your rights or ask questions, please contact our Data Protection Officer:
Email: info@unifi.app
Address: Unifi, S7 Audley House, Northbridge Road, Berkhamsted, HP4 1EH