Privacy Policy

Welcome to Unigage. This Privacy Policy explains how Unigage Ltd. ("Unigage", "we", "us", or "our") collects, uses, discloses, and safeguards your personal information when you use our website at unigage.co.uk, our mobile application, and any related services (collectively, the "Service").

By accessing or using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

We are committed to protecting your privacy and handling your data in an open and transparent manner. We comply with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We collect information in several ways to provide and improve our Service:

2.1 Information You Provide Directly

• Account Information: When you create an account, we collect your name, email address, phone number, date of birth, and university or institution affiliation.
• Profile Information: You may choose to provide additional details such as a profile picture, bio, interests, and social media handles.
• Event Information: When you create or participate in events, we collect event details, attendance records, and any associated content you submit.
• Communications: When you contact us, we collect the content of your messages, your email address, and any other information you choose to provide.
• Payment Information: If you make purchases through the Service, payment details are collected and processed by our third-party payment providers. We do not store full payment card details on our servers.

2.2 Information Collected Automatically

• Device Information: We collect information about the device you use to access the Service, including device type, operating system, unique device identifiers, and browser type.
• Usage Data: We collect information about how you interact with the Service, including pages visited, features used, time and date of visits, and referring URLs.
• Location Data: With your consent, we may collect approximate location data based on your IP address or, where permitted, more precise location data from your mobile device.
• Log Data: Our servers automatically record information including your IP address, access times, and system activity.

2.3 Information from Third Parties

• Social Login Providers: If you sign in using a third-party service (e.g., Google, Apple), we receive certain profile information from that provider as permitted by your privacy settings.
• University Partners: We may receive information from educational institutions with which we partner, such as student verification data.

We use the information we collect for the following purposes:

• Provide and Maintain the Service: To operate, deliver, and improve the features and functionality of the Service, including account management and event coordination.
• Personalisation: To personalise your experience, including recommending events, societies, and content that may interest you based on your profile and activity.
• Communications: To send you service-related notices, updates, security alerts, and support messages. With your consent, we may also send promotional communications.
• Analytics and Research: To understand usage trends, measure the effectiveness of our Service, and conduct research and development to improve user experience.
• Safety and Security: To detect, investigate, and prevent fraudulent transactions, abuse, and other harmful activities, and to protect the rights and safety of our users.
• Legal Compliance: To comply with applicable legal obligations, resolve disputes, and enforce our agreements.
• Payment Processing: To process transactions and send related information, including purchase confirmations and invoices.

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: We share information with trusted third-party service providers who perform services on our behalf, such as hosting, analytics, payment processing, and customer support. These providers are contractually obligated to protect your information.
• Event Organisers: When you register for or attend an event, relevant information (such as your name and attendance status) may be shared with the event organiser.
• University Partners: We may share aggregated or anonymised data with partner universities for analytical and reporting purposes. Personally identifiable data is only shared with your consent.
• Legal Requirements: We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business Transfers: In the event of a merger, acquisition, reorganisation, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
• With Your Consent: We may share your information with third parties when you have given us explicit consent to do so.

We take the security of your personal information seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction.

Our security measures include:

• Encryption of data in transit using TLS/SSL and at rest where appropriate.
• Regular security assessments and vulnerability testing.
• Access controls and authentication mechanisms to limit access to personal data to authorised personnel only.
• Secure storage of passwords using industry-standard hashing algorithms.
• Regular backups and disaster recovery procedures.

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to maintaining the highest practical standard of data protection.

We retain your personal information only for as long as is necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.

Specific retention periods include:

• Account Data: Retained for as long as your account is active. If you delete your account, we will delete or anonymise your personal data within 30 days, unless we are required to retain it for legal purposes.
• Event Data: Retained for up to 24 months after the event date for analytical and record-keeping purposes.
• Transaction Records: Retained for up to 7 years as required by financial regulations.
• Usage and Log Data: Retained for up to 12 months for analytics and security purposes.
• Communications: Retained for as long as necessary to resolve any ongoing issues, and for up to 24 months thereafter.

When personal information is no longer needed, we will securely delete or anonymise it in accordance with our data retention policies.

Under applicable data protection laws, you have certain rights regarding your personal information. Depending on your location, these may include:

• Right of Access: You have the right to request a copy of the personal information we hold about you.
• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal information.
• Right to Erasure: You have the right to request that we delete your personal information, subject to certain legal exceptions.
• Right to Restrict Processing: You have the right to request that we limit the processing of your personal information in certain circumstances.
• Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format, and to transmit it to another controller.
• Right to Object: You have the right to object to the processing of your personal information for direct marketing purposes or where processing is based on legitimate interests.
• Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at privacy@unigage.co.uk. We will respond to your request within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated.

We use cookies and similar tracking technologies to collect and track information about your activity on our Service. Cookies are small data files placed on your device that help us improve the Service and your experience.

The types of cookies we use include:

• Essential Cookies: Necessary for the Service to function properly, including authentication, security, and session management. These cannot be disabled.
• Analytics Cookies: Help us understand how users interact with the Service, which pages are most popular, and how users navigate the platform. We use this data to improve our Service.
• Functional Cookies: Enable enhanced functionality and personalisation, such as remembering your preferences and settings.
• Marketing Cookies: Used to deliver relevant advertisements and measure the effectiveness of our marketing campaigns. These are only set with your explicit consent.

You can manage your cookie preferences by adjusting your browser settings. Please note that disabling certain cookies may affect the functionality of the Service.

Our Service may contain links to or integrate with third-party websites, applications, and services that are not operated by us. We are not responsible for the privacy practices of these third parties.

Third-party services we integrate with may include:

• Authentication Providers: Google, Apple, and other social login services for account authentication.
• Payment Processors: Third-party payment gateways to securely process transactions.
• Analytics Services: Tools to help us understand usage patterns and improve the Service.
• Cloud Infrastructure: Hosting and infrastructure services to deliver the Service reliably and securely.
• Communication Services: Email and notification delivery platforms.

We encourage you to review the privacy policies of any third-party services you access through our Service. Each third-party service has its own privacy policy governing its collection and use of your information.

Unigage is based in the United Kingdom. Your information may be transferred to, stored, and processed in countries other than the United Kingdom where our service providers operate.

When we transfer personal data outside the United Kingdom, we ensure that appropriate safeguards are in place to protect your information, including:

• Transferring data to countries that have been deemed to provide an adequate level of data protection by the UK authorities.
• Using Standard Contractual Clauses (SCCs) approved by the relevant authorities.
• Relying on binding corporate rules or other legally recognised transfer mechanisms.

By using our Service, you acknowledge that your information may be transferred internationally. If you have questions about our international data transfer practices, please contact us at privacy@unigage.co.uk.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last updated" date at the top of this page.
• Notify you by email or through a prominent notice on our Service prior to the changes taking effect.
• Where required by law, obtain your consent before applying material changes to how we process your personal information.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of such changes.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all legitimate requests within 30 days. Occasionally, it may take us longer if your request is particularly complex or you have made a number of requests, in which case we will notify you and keep you updated.