PRIVACY POLICY
​
1. Introduction
Unifi ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy outlines in detail how we collect, use, store, and share your personal information when you interact with our website, mobile app, and related services. We are fully compliant with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and any applicable local data protection laws.
2. Information We Collect
We may collect and process a range of personal data depending on how you interact with our services:
-
Personal Identification Information: This includes your name, email address, university name, course of study, year group, gender, and profile photo. These details are essential for creating your Unifi Card and enabling personalised features within the app.
-
Verification Information: To ensure our platform remains exclusive to students, we require users to verify their student status using a valid university-issued email address. This helps us prevent fraudulent accounts and maintain a trusted community.
-
Usage Data: We collect data about your interactions within the app, such as login activity, feature usage, time spent in each section, transactions using your Unifi Card, and loyalty point accrual. This allows us to tailor our service to meet your needs and improve functionality.
-
Marketing Preferences: We record your consent preferences for receiving marketing emails, in-app communications, and promotional materials. You can manage these preferences at any time.
-
Location Data (optional): If you permit it, we may collect location data to display nearby participating venues and location-based promotions. This is never collected without your express consent.
-
Cookie Data: Cookies and similar technologies are used when you visit our website to analyse usage patterns and improve user experience. Cookies can remember preferences, help navigate pages efficiently, and deliver relevant marketing. More details can be found in our [Cookie Policy].
3. How We Use Your Information
We use your data for a variety of essential purposes, which include but are not limited to:
-
Platform Access and Maintenance: To manage your account and ensure you can use Unifi’s services reliably and securely.
-
Student Verification: To authenticate your student status using your university email and assign you a verified Unifi Card.
-
Discount and Loyalty Features: To allow you to redeem venue offers and earn loyalty points with your Unifi Card.
-
Communication: To send service updates, transactional confirmations, and relevant promotional communications based on your preferences.
-
Platform Improvements: To monitor usage patterns, gather feedback, and refine the app to better serve user needs.
-
Venue Marketing (with consent): To allow participating venues to contact opted-in users with marketing, offers, and event announcements.
-
Technical and Fraud Prevention: To protect against suspicious or fraudulent behaviour and maintain app stability.
-
User Notification: To inform you of system changes, new features, and updates to terms or services.
4. Legal Basis for Processing
Unifi processes your personal data under the following lawful grounds:
-
Consent: When you voluntarily opt in to share your data with venues for marketing or promotional purposes.
-
Contractual Necessity: When it is essential to fulfil the agreement between you and Unifi, such as delivering your Unifi Card and enabling access to verified features.
-
Legitimate Interests: Where we use data to improve our services, prevent misuse, and ensure a smooth user experience without infringing your rights.
-
Legal Obligations: When we must comply with regulatory or legal responsibilities, such as maintaining records or disclosing information to authorities when required.
5. Sharing Your Information
We treat your data with the utmost care and share it only in specific circumstances:
-
No Sale of Data: We do not sell your personal data to third parties under any circumstance.
-
With Venue Partners (if opted-in): Your data will only be shared with verified venue partners if you have explicitly consented through a double opt-in process within the app. This enables venues to provide you with tailored offers and loyalty rewards.
-
With Trusted Service Providers: We may share data with service providers for hosting, analytics, or support purposes. All providers (e.g., AWS, Google Firebase, Mailchimp, Stripe) are contractually required to handle data securely and lawfully.
-
Venue Access to Social Features: Venue partners may be able to view public group chat interactions. However, they must comply with all behavioural guidelines and are not permitted to use this data inappropriately.
6. Data Security and Retention
We implement comprehensive measures to safeguard your information:
-
Secure Storage: Your data is stored on encrypted servers within the UK or EEA, protected by firewall and security systems.
-
Restricted Access: Only authorised personnel with relevant responsibilities can access your data.
-
Data Retention: We only keep your data for as long as necessary to fulfil the service or meet legal obligations. Once no longer needed, data is securely deleted.
7. International Transfers
When personal data is transferred outside the UK or EEA, we ensure that such transfers are protected by appropriate legal safeguards such as:
-
Standard Contractual Clauses (SCCs) approved by the ICO
-
Adequacy Decisions by UK authorities for certain countries
8. Your Rights
As a user, you have the following rights under UK GDPR:
-
Access: Request to see a copy of the personal data we hold about you.
-
Correction: Request to update or correct any incomplete or inaccurate information.
-
Erasure: Ask us to delete your personal data under certain conditions (e.g., when no longer needed).
-
Restrict Processing: Temporarily halt data use while we resolve a concern.
-
Object: Prevent us from using your data for direct marketing or certain automated processes.
-
Withdraw Consent: You can change or withdraw your consent preferences at any time within the app settings.
-
Lodge a Complaint: You may lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data rights are being infringed.
9. Automated Decision-Making
Unifi does not use automated decision-making or profiling processes that have a legal or significant impact on users. All loyalty rewards and communications are generated through user actions and preferences.
10. Use of Cookies
Cookies help personalise your browsing experience. They:
-
Identify returning users
-
Save login sessions
-
Analyse web traffic and performance
-
Deliver relevant ads (if consented) You can control cookies through browser settings, but please note that disabling cookies may affect functionality.
11. Social Features and Community Content
Unifi includes features that promote open communication such as group chats and hub forums:
-
These chats are public to verified users, including venue partners.
-
Be mindful of sharing any personal or sensitive information.
-
We reserve the right to moderate or remove any content that violates our community guidelines.
12. Contact Us
To exercise your rights or ask questions, please contact our Data Protection Officer (DPO): Email: info@unifi.app
Address: Unifi, S7 Audley House, Northbridge Road, Berkhamsted, HP41EH