Privacy Notice

United Kingdom University Work (“we“, “our“, or “us“) respect your personal data and use it in a manner consistent with applicable data protection laws. Your privacy is important to us, and this Privacy Notice (“Notice“) explains how we use your personal data and keep it secure.

Who Are We?

Your personal data will be held by United Kingdom University Work, a registered charity in England and Wales (Charity number: 1175012). For more information, see About Us.

Please contact us if you have any questions about this Notice or the personal data we hold about you:

United Kingdom
University Work
483 Green Lanes
London
N13 4BY

events@unistudents.eu

What Is Personal Data?

Personal data covers any information that enables us to identify you as an individual. This could include, but is not limited to, name, address, telephone number, or email address.

How Do We Use Your Personal Data?

Most of the personal data we process is provided to us directly by you. The table below sets out the categories of personal data about you that we process, our purposes of processing that data, and the lawful basis we rely on:
What personal data? Why? Lawful basis under EU GDPR / UK GDPR
Personal details (such as name, gender), contact details (such email address, phone number), education details (university, current university year) and payment details (such as proof of payment from the bank or third-party payment processors). We use this information to process event bookings and make proper and necessary arrangements in relation to events organised by us that you have registered for. Our legitimate interests: to allow us to deliver events and services.
Our legal obligation: to store your information such as a record of the transaction for accounting purposes.
Personal details (such as name) and contact details (such as email address, phone number). We use this information to send you emails about upcoming events and relevant content from previous events you have attended. Consent. You are able to remove your consent at any time by contacting events@unistudents.eu.
We collect this information when you complete a survey, questionnaire, or feedback form, although these can often be filled out anonymously. Our legitimate interests: to allow us to prepare, learn, and improve future events and services.
Personal details (such as name), contact details (such as email address), device data (such as IP address, browser user agent string), and profile picture. If you leave a comment on our website, we collect this information to identify you as the commenter (although this can be provided anonymously), and to help with spam detection. Consent. You are able to remove your consent at any time by contacting events@unistudents.eu. This will involve removing your comments from our website.
Our legitimate interests: for the secure use of our website.
Device data (such as IP address, user ID of logged in users, username of login attempts). This information is conditionally logged to check for malicious activity and to protect the website from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to website content, and password updates. Our legitimate interests: for the secure use of our website.
Images (such as photos and videos). Group photos from past events or trips may be taken and posted as content on the website as a report for other website visitors to read. Consent. You are able to remove your consent at any time by contacting events@unistudents.eu.
Special category information (such as health information, dietary requirements). We use this information to tailor and make necessary arrangements in relation to events and services to ensure you receive proper care. Consent. You are able to remove your consent at any time by contacting events@unistudents.eu.

How Long Do We Keep Your Personal Data?

We will retain your personal data for as long as required for the purposes set out above, or as required to comply with applicable law or to defend or enforce our legal rights.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal data they provide in their user profile. All users can see, edit, or delete their personal data at any time (except they cannot change their username). Website administrators can also see and edit that information.

Security logs are retained for 60 days.

Who Do We Share Your Personal Data With?

We may share your personal data only in the following circumstances:

  • To third parties who provide a service to us and are our data processors such as analysing data, processing payments, and providing customer service. These data processors have access to personal data needed to perform their functions, but may not use it for other purposes. We require these third parties to comply strictly with our instructions and applicable data protection laws and will make sure that appropriate controls are in place. Some examples of the services we use are:
    • If you leave a comment on a post on our website, an anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here.  After approval of your comment, your profile picture is visible to the public in the context of your comment.
    • If you leave a comment on a post on our website, visitor comments may be checked through an automated spam detection service.
    • If you subscribe for email updates or register for an event, then your name and email address will be provided to email services such as MailChimp, Brevo, or Gmail, so we can send out email announcements (if requested), confirmation emails, or request specific information directly from you to take care of you at the event.
    • If you register for an event or fill out a feedback form, you will be directed to a form service such as TypeForm or Google Forms.
    • If you pay for an event or make a donation, you will be directed to a payment processor, such as PayPal or Stripe, Some basic information such as your name, email address, and the amount payable, may be transmitted in order to identify your payment.
    • If you register for an event, we use the Google Drive service to manage the registration details and make arrangements for the event. Registration data is kept private and only accessed by event administrators. The Google Drive service Privacy Policy is available here.
    • If you register for an event, we may use messaging services such as WhatsApp and Telegram for communication with some or all participants and event coordinators. This may include direct messaging or adding you to a group for event coordination or for announcements. With each event, we will specifically check for consent before we do this, and you are free to leave the group at any time.
    • This website is scanned for potential malware and vulnerabilities by the SolidWP Site Scanner. We do not send personal data to the scanner; however, the scanner could find personal data posted publicly (such as in comments) during the scan.
    • If you request a password reset, your IP address will be included in the reset email.
  • Where we are under a duty to disclose your personal data to comply with any legal obligation (for example to government bodies and law enforcement agencies), or to enforce or apply our rights (including in relation to our website or other applicable terms and conditions) or to protect ourselves (for example in cases of suspected fraud or defamation).

Your personal data will not be passed to third parties for marketing purposes.

International Transfers of Personal Data

We may transfer your personal data to a recipient based in a country outside of the UK and / or European Economic Area (“EEA”). Where we do so, we will ensure that such transfer is in accordance with our obligations under applicable data protection laws.

Where we can, we will use service providers established in countries that are recognised as having adequate data protection laws (by the competent UK and EU authorities) or who agree to process our data in the UK or EEA. However, where this is not possible, we implement appropriate safeguards with our service providers in accordance with the requirements of data protection laws. These may include, without limitation, using the International Data Transfer Addendum or International Data Transfer Agreement (issued by the UK Information Commissioner) and the EU Standard Contractual Clauses (adopted by the European Commission).

Your Data Protection Rights

  • ‘Right of access’ means you can request a copy of the personal date we hold about you.
  • ‘Right to rectification’ means you can ask us to update or amend the information we hold about you, if it is incorrect.
  • ‘Right to erasure’ means you can ask us to remove your personal data from our records in certain circumstances.
  • ‘Right to restrict processing’ means you can ask us to restrict the processing of your personal data in certain circumstances.
  • ‘Right to object’ means you can object to the processing of your personal data in certain circumstances.
  • ‘Right to data portability’ means you can ask that we transfer your personal data to another organisation, or to you, in certain circumstances.

To exercise any of these rights, please email events@unistudents.eu. We may require some proof of identification. A request to access, amend, or delete your personal data may be refused in certain circumstances, where permitted by law.

How To Complain

If you have a complaint about the way we handle your personal data, please contact us at events@unistudents.eu or you can lodge a complaint with the ICO. Please see  ico.org.uk/make-a-complaint or call 0303 123 1113 for more information.

Cookies

Our website uses the following types of cookies:

  • Essential Cookies: These cookies are necessary for our website to function such as security, network management, and accessibility and cannot be switched off in our systems.
  • Analytical Cookies: These allow us to recognise and count the number of visitors to our website and to see how visitors move around our website. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality Cookies: These are used to recognise you when you return to our website. This enables us to personalise our content for you and remember your preferences.
  • Third Party Cookies: In addition to our own cookies, we may also use various third-parties’ cookies to report usage statistics of the service and deliver advertisements on and through the service. Pages on this website may include embedded content (e.g. videos, images, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website, for example, YouTube.

Specifically, we use and set the following cookies when you visit our website:

Provider Purpose Function
WordPress If you leave a comment on our website, you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. Functionality
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. Essential
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. Functionality
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day. Functionality
Solid Security A cookie named “itsec_interstitial_browser” is created to track a user’s login process to implement enhanced security features. Essential
Visiting the login page sets a temporary cookie that aids compatibility with some alternate login methods. This cookie contains no personal data and expires after 1 hour. Essential
WP Statistics We collect information about the Internet Protocol (IP) addresses of all our website visitors, using WP Statistics, in order to see how our website is used and monitor website traffic so as continuously improve and develop the design and content of our website. This information is not personally identifiable information – it is anonymised. Analytical
This Notice might change from time to time without notice to you. If we change the way we are using your personal data, we will take appropriate measures to inform you, which will be consistent with the significance of the changes we make.

Last Updated: June 2024

United Kingdom University Work is a registered charity in England and Wales (#1175012).

Contact us

events@unistudents.eu

483 Green Lanes,
London, N13 4BY

Updates