Back to Login

UniRoom

For students, by students.

Privacy Policy

Last Updated: 11/12/2025

1. Who We Are

UniRoom ("we", "our", "us") is a student-focused community and group-matching platform designed to help users connect with others at similar education stages. We are committed to protecting your personal data and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy explains what data we collect, why we collect it, and how we use, store, and protect it.

2. Information We Collect

2.1 Account Information

  • Username (required)
  • Email address (required)
  • Password (if using email sign-up) — SHA-256 hashed on the client before being sent to Firebase
  • Google Sign-In information (if used to sign up / log in)

2.2 Profile Information (Added by You)

Stored in Firestore under public_profiles and visible to other users based on your settings:

  • Optional: First name, last name, email visibility toggle
  • Avatar and banner images
  • Bio
  • Location (optional)
  • Education level & year group
  • Subjects and course interests
  • LinkedIn URL
  • Visibility preferences for profile fields

2.3 Platform Activity

We process data related to how you use UniRoom, including:

  • Rooms you create, join, or are invited to
  • Posts, comments, likes, and any content you create
  • Friendships, connections, and messages
  • Community interactions and feedback you submit
  • Rate-limit and anti-spam metadata
  • Q&A content, badges/likes, files you upload, and aggregate usage statistics

Some room and community data is publicly readable where designed that way (e.g., community posts).

2.4 Device & Technical Information

Collected automatically by Firebase for security and fraud prevention:

  • IP address
  • Device identifiers
  • Browser and OS information
  • Security logs (e.g., detection of unusual activity)

2.5 Support Communications

Any messages or reports you send to our support email or in-app channels.

3. How We Use Your Information

3.1 To Provide and Operate UniRoom

  • Creating and managing accounts
  • Authenticating users
  • Showing your public profile to other users
  • Enabling rooms, communities, posts, comments, likes, and friendships
  • Delivering messages and notifications
  • Storing and displaying uploaded media (avatars, banners, images)

3.2 Safety, Security & Platform Integrity

  • Spam, abuse, and fraud prevention
  • Rate-limiting and automated misuse detection
  • Account and sign-in protection
  • Moderation and community safety enforcement

Data is encrypted at rest on Firebase servers, but not end-to-end encrypted.

3.3 Communication With You

  • Account emails (verification, password reset, important service updates)
  • Responses to support requests

3.4 Platform Improvement

  • Feature development
  • Analytics, performance monitoring, and debugging
  • Understanding community behaviour to improve student experience

4. Legal Bases (Where Applicable)

  • Contract: To provide the UniRoom service you sign up for.
  • Legitimate Interests: Security, fraud prevention, analytics, platform improvement.
  • Consent: When you choose to display optional info (email, last name, etc.) publicly.

5. Sharing & Disclosure

5.1 With Service Providers

We use:

  • Firebase Authentication
  • Firestore (database)
  • Firebase Storage
  • Optional Firebase Analytics

These providers process your data in accordance with Google/Firebase's privacy and security standards.

5.2 With Other Users

Information visible to others includes:

  • Public profile fields (only those you choose to expose)
  • Posts, comments, likes, Q&A content
  • Rooms you create or join (depending on room settings)

Email is never shown unless you explicitly turn that visibility on.

5.3 Legal Requirements & Safety

We may disclose information:

  • To comply with applicable laws
  • To respond to lawful requests
  • To protect the rights, safety, and security of users or UniRoom

5.4 Business Transfers

If UniRoom is involved in a merger, acquisition, or asset sale, user data may be transferred as part of that process.

6. Data Retention

Your account, profile, and activity data are kept while your account is active.

When you delete your account:

  • Your user record, friendships, and room memberships are removed.
  • Posts/comments may remain for thread continuity but will be de-identified where possible.
  • Backups, logs, or cached data may persist temporarily per Firebase's standard retention patterns.

7. Your Rights & Controls

You can:

  • Edit your profile information and visibility preferences at any time
  • Change or remove optional profile fields
  • Delete your account directly in the app
  • Choose Google Sign-In instead of email/password
  • Request removal of specific posts or images

If you need help accessing, correcting, or deleting data, contact us at uniwaycontactuk@gmail.com.

8. Security

  • Passwords are hashed on the client with SHA-256 before being sent to Firebase Auth
  • Firebase enforces encryption at rest and in transit
  • Firestore/Storage security rules restrict access by authentication and permissions

No online platform is 100% secure. Please keep your login credentials private.

9. International Data Transfers

Firebase may process data in multiple regions worldwide. By using UniRoom, you consent to your data being transferred to and stored in locations where Firebase operates, subject to Google's data protection practices and safeguards.

10. Children's Privacy

UniRoom is designed for students aged 16+ (or the minimum digital consent age in your region). Under-16 users are not permitted to use the service.

11. Changes to This Policy

We may modify this Privacy Policy from time to time. When changes are made:

  • The "Last updated" date will be revised
  • Material updates may be communicated by email or in-app notification

12. Contact

For questions or rights requests: uniwaycontactuk@gmail.com

Privacy|Terms|Guidelines