At UNI-STUDENTS (hereinafter referred to as UNI), we are committed to protecting and respecting your privacy. This notice lists important information about UNI and how we will treat any personal data you provide.

To learn more about how we use your data and your rights with respect to data, please read our complete privacy policy. For all other information about our services, please refer to our terms and conditions.

What data privacy principles does the company adhere to?

• The company will process all personal data in a legal, fair and transparent manner;

• The company collects personal data only when necessary;

• The company provides services for you;

• Keep your company informed about its products and services;

• Make the company comply with its legal and regulatory obligations;

• The personal data collected by the company will be sufficient, relevant and limited to the necessary information related to the specific purpose of processing your data;

• The company will take all reasonable measures to ensure that personal data is accurate and up to date if necessary;

• The company will keep personal data in a form that does not exceed the time required to collect personal data for processing in accordance with the company record keeping requirements stipulated by the Financial Conduct Authority;

• The company will store and process personal data in a manner that ensures appropriate security;

• The company will only share personal data if it needs to provide agreed services or the company must comply with its legal and regulatory requirements.

What personal data does our company collect and why?

In the process of providing products / services to you, the company may collect information considered as personal information (such as name, contact information, address, passport number, driving license).

As a UNI customer, contact or employee, we will need some personal information to verify your identity and establish an appropriate relationship with you. Some of this information may need to meet legal obligations (for example, to comply with obligations under the money laundering regulations, while other information may need to be related to providing services to you). The information collected will vary depending on the services that the company provides to you or the services you provide to the company, but usually includes:

• Personal information: such as name, date of birth, passport number or national insurance number (Canada: social security number);

• Contact information: including your address, phone number and email address.

Where does the company store my personal data?

The company has established comprehensive policies and procedures to ensure the safety and reliability of your personal data, including:

• data encryption;

• Firewall;

• Intrusion detection;

• 24/7 physical protection of data storage facilities (ie Microsoft ’s UK data center);

• Conduct background checks on people entering physical facilities;

• All service operations have relevant safety protection procedures.

How long does the company keep personal data?

As a regulated entity, the company must keep its books and records for a specified period of time (five years from the date of termination of the business relationship, if it is a non-customer, five years from the date of recording, or, if the Financial Conduct Authority For special requirements, seven years from the date of recording). Therefore, information that falls within any of the above requirements will be retained within the prescribed time frame.

Any information outside the scope of this requirement will be retained in relevant and useful circumstances, and will be destroyed when this is no longer the case or the data subject specifically requests it.

Where and how to ask questions about this policy or contact us?

We welcome your questions, comments and requests regarding this privacy policy.

Complaint

If you believe that UNI's handling of your personal data violates this law, you can complain to the regulatory agency responsible for compliance with personal data protection regulations.

In the UK, complaints can be submitted to the Information Commissioner ’s Office. For more information on how to make a complaint, please visit the website of the Information Commissioner ’s Office at https://ico.org.uk/.