Last updated on May 12th 2023
Protecting your privacy is important to us. Accordingly, we’re providing this Privacy Notice to explain our online information practices including the collection of information, and how we intend to use and disclose information that we receive when you use our Services. Please note that when providing our Services Unitu acts as a data processor. This means that Unitu processes Personal Data on behalf of the data controller which is your educational institution. To ensure full transparency of our processing activities, we have included information about the processing of your Personal Data in this Privacy Notice, even though we act as a data processor.
Our Services include your (“you”, “user”) use of our websites including unitu.io and any of our subdomains (“Site” or “Sites” or “Website”); mobile applications (“App(s)”), application program interface(s) (“API(s)”) . This Privacy Notice applies to Personal Information that is collected, used or Processed by Unitu in the course of our business and applies only to those websites, services and Apps included within “Services” and doesn’t apply to any third-party websites, services or applications, even if they are accessible through our Services. Everyone whose responsibilities include the Processing of Personal Information on behalf of Unitu are expected to protect that information and data by adhering to this Privacy Notice. Please read this Privacy Notice carefully to understand how we process your Personal Information.
Unitu Website
Unitu Ltd. is committed to safeguarding your privacy. Personal Information subject to this privacy notice will be collected and retained by Unitu, with its office at 2 Viscount House, 8 Lakeside Drive, London, United Kingdom, NW10 7GS and company number 7993739. You can contact us by email at support@unitu.io.
Unitu Platform
Your respective educational institution is the controller of your Personal Information and it provides Unitu with specific personal information for the sole purpose of creating your Unitu account and for using the service as it was intended.
Lawful Basis
Consequently, Your educational institution is responsible for ensuring lawful basis when processing Your Personal Data.
The following capitalised terms shall have the meanings herein as set forth below.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
“Personal Information or Personal Data” is any information relating to an identified or identifiable natural person (“Individual”).
“Process” or “Processing” means any operation which is performed upon Personal Information, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
“Sensitive Data” or “Sensitive Personal Information” is a subset of Personal Information which, due to its nature, has been classified by law or by notice as deserving additional privacy and security protections. Sensitive Personal Information includes Personal Information regarding UK and EU residents that is classified as a “Special Category of Personal Data” under UK and EU law, which consists of the following data elements: (1) race or ethnic origin; (2) political opinions; (3) religious or philosophical beliefs; (4) trade union membership; (5) genetic data; (6) biometric data where Processed to uniquely identify a person; (6) health information; (7) sexual orientation or information about the Individual’s sex life; or (8) information relating to the commission of a criminal offence.
“Services” means the services that are provided to you made available by through Unitu platform.
“Third Party ” is any company, natural or legal person, public authority, agency, or body other than the Individual or Unitu.
3.1 Personal Data of users of Services offered by Unitu (Any person whose data has been shared with Unitu by the university for the purpose of obtaining services through the Unitu platform.)
Our primary goals in collecting information are to provide and improve our Services, to administer your use of the Services (including your account, if you are an account holder), and to enable you to enjoy and easily navigate our Services. The types of Personal Information we may collect (directly from you or from Third-Party sources) and our privacy practices depend on the nature of the relationship you have with Unitu and the requirements of applicable law.
We endeavour to collect only that information which is relevant for the purposes of Processing. Some of the ways that Unitu may collect Personal Information include:
A. Information provided to Unitu by your educational institution:
Your educational institution has provided Unitu with specific personal information for the sole purpose of creating your Unitu account and for using the service as it was intended. The below information is what Unitu requests from your educational institution:
B. You may provide Personal Information directly to Unitu by interacting with the Services, participating in surveys, and requesting services.
C. As you navigate the Services, certain passive information may also be collected about your visit, including through cookies and similar technologies.
D. Information You Provide Directly to Us. When you use the Services or engage in certain activities such as activating your account with Unitu, we may ask you to provide some or all of the following types of information:
E. Sharing with other Service users. When you use the Services, we share certain information about you with other Service users.
F. Information You Submit Through Services. You agree that Unitu is free to use information regarding your use of the Services, for the sole purpose of improving the product and services that are delivered to the end user. Unitu does not, however, claim any ownership rights in any user content that you make available through the Services and nothing in this privacy notice will be deemed to restrict any rights that you may have to use and exploit your user content.
G. Our Policy Toward Children. Our Services are not directed to children under 13, or other age as required by local law. We do not knowingly collect Personal Information from children under 13, or other age as required by local law. If we learn that we have collected any Personal Information from children under 13 (or other age as required by local law), we will promptly take steps to delete such information and terminate the child’s account.
3.2 Of Unitu website visitors who visit the website and voluntarily submit Personal Information (for e.g. you may be asked to submit your name and email address if you request for a live demo.). The following information may be requested from you:
In addition, each time you visit our website we may collect your IP address.
We use your Personal Data to facilitate your use of the Unitu platform. It’s important to note that we do not define the purposes and methods of processing your Personal Data. Instead, your educational institution is responsible for defining these aspects and instructing us to handle your Personal Data in compliance with applicable data processing agreements and data protection laws.
As a result, your educational institution acts as the data controller and ensures the legality of processing your personal data. Nevertheless, we process your data in accordance with all relevant laws and take the same necessary precautions as your educational institution to protect your data.
5. Cookies and similar technologies
Please consult our cookie policy available on our website/platform to inform yourself of the cookies we may use on this website/platform.
6. Who do we share your personal data?
We will not share any Personal Information that we have collected from you except as described below:
In addition, from time to time, server logs may be reviewed for security purposes – e.g., to detect unauthorised activity on the Services. In such cases, server log data containing IP addresses may be shared with law enforcement bodies or Third Party service providers in order that they may identify users in connection with their investigation of the unauthorised activities or otherwise assist us with security related activities.
Our Services may contain links to other websites and applications, e.g. Facebook, Instagram, Twitter or any other similar sites. Any information that you provide on or to a third- party website or service is provided directly to the owner of the website or service and is subject to that party’s privacy notice. Our Privacy Notice does not apply to such websites or services and we are not responsible for the content, privacy or security practices and policies of those websites or services. To protect your information we recommend that you carefully review the privacy policies of other websites and services that you access.
We take reasonable security measures to ensure that your information is treated securely and in accordance with this Privacy Notice. The internet cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information you provide to us. We do not accept liability for unintentional disclosure. By using the Site or providing Personal Information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Site. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Site or sending an email to you. You may have a legal right to receive this notice in writing.
We will take appropriate technical and organisational precautions to protect your personal data:
a. Encryption. We encrypt all the data we store with different keys. When you provide personal data online, we use the industry standard for encryption on the Internet – Transport Layer Security (TLS) technology – to help protect the data that you provide. This internet encryption standard scrambles data as they are transferred from your device to our server. We also use digital certificates to ensure that you are connected to authentic channels.
b. Data Storage. All personal data is stored on a server. We use secured servers located in the European Economic Area to store the data.
c. Restricted Access. Internal access to the personal data is limited on a strict ‘need-to-know’ basis. Only authorized personnel, whose activity will be monitored to prevent any misuse, will be able to access the personal data.
9. Our commitment to your privacy
To make sure your personal data is secure, we communicate our privacy and security guidelines to our employees and strictly enforce privacy safeguards within the company.
10. International transfers of personal data
We will only store or transfer your personal data within the United Kingdom and the European Economic Area (the “EEA”). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your personal data will be fully protected under the applicable data protection laws including UK GDPR, and/or to equivalent standards by law.
11. Data Retention
We retain the Personal Information of our website visitors for as long as it is necessary to fulfil the purpose(s) for which it was collected. In respect of the personal data provided by educational institutions, we retain the Personal Information for as long as the educational institution instructs us to retain it.
12. UK GDPR Data Protection Rights
We would like to make sure you are fully aware of all of your data protection rights. Where we act as a data processor, we will always forward your request to your relevant educational institution, provide the necessary assistance to them with responding to your request and act in accordance with their instructions. When we act as a data controller in respect of Personal Information of our website visitors, we will be in charge of every data subject request you submit to us. Every user of this website and our services (based in the EEA & the UK) is entitled to the following rights, under certain conditions:
Your exercise of these rights is subject to certain exemptions like the safeguarding of public interest (e.g.prevention or detection of crime) and our interests (e.g. maintenance of legal privilege).
If you would like to exercise any of these rights, please contact us at support@unitu.io. Please include your full name, email address associated with your account, and a detailed description of your data request. Such requests will be processed in line with local laws. We will check your entitlement and respond to you within a month. If you are not satisfied with how we have addressed your concerns, you can also contact the competent Data Protection Authority (DPA).
13. How can you change or review your information and preferences?
We reserve the right to change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our platform/application in a way that affects personal data processing.
Every change will be published on our website/platform or through our other usual communication channels.
If you think any part of this Privacy Notice violates any law or you have any feedback or comment, then kindly submit a request for action/removal to our Grievance Officer. We will redress your grievances within a month.
Email: support@unitu.io
Unitu. 2024. All rights reserved.