Privacy Policy

Last Updated: May 2026 

UniLife Experiences Ltd is committed to protecting your personal data and privacy. This Privacy Policy explains what personal data we collect, how and why we use it, your rights, and the steps we take to keep your data safe. 

 

1. Who We Are 

UniLife Experiences Ltd is the Data Controller, responsible for your personal data under this policy. We are referred to as “UniLife”, “we”, “our” or “us”. 

You” refers to you as our customer or Union partner. 

The “Lead Booker” refers to the main contact person coordinating a group trip or event on behalf of a group. 

 

2. When We Collect Your Data 

We may collect personal data from you in the following ways: 

  • When you make an enquiry, booking, or purchase through our website, email, social media, phone, or in person 
  • When you subscribe to our newsletters or email alerts 
  • When you complete online forms or partial bookings 
  • When you attend or participate in our trips, events or promotions 
  • When you speak with our customer service or events team 
  • When you submit complaints, complete surveys, or participate in competitions 
  • When you provide information about medical issues, accidents, insurance claims, or feedback 

We may also collect data from your interaction with digital advertisements, cookies on our website (see our Cookies Policy), and through analytics tools that track user activity across our digital platforms. 

 

3. What Data We Collect 

The information we collect depends on your interactions with us and may include: 

  • Full name, title, gender, age, date of birth 
  • Contact information: address, email, phone number, social media handle 
  • University and course details, society or sports club affiliation 
  • Dietary needs, accessibility requirements, and room preferences 
  • Next of kin and emergency contact information 
  • Payment information (e.g., sort code, account number, card details) 
  • Passport and travel documentation 
  • Comments, enquiries, complaints or other communications 
  • Health or insurance-related data if necessary for trip safety or claims 

Some of this information may be considered special category data under the UK GDPR. In most cases, we will only collect this information with your explicit consent, where necessary to protect your vital interests during a trip, or where the data is required for us to facilitate your booking and our service to you. 

For any emergency contact information submitted, you must make the person whose information you are submitting aware of your travel plans and that you are sharing their contact information with us. 

 

4. How We Use Your Data 

We use your data for the following purposes: 

a. To Fulfil Your Booking or Contract 

  • To manage enquiries, bookings, and event participation 
  • To send updates about your trip or booking 
  • To coordinate with your Lead Booker or Union representative 
  • To manage accommodation, transport, security, and group logistics 
  • To respond to emergencies and ensure your safety 
  • To process payments, refunds, and damage deposits 

If your trip is organised jointly between multiple groups or Unions, we may share limited non-sensitive data (e.g., name, university, meeting point) with relevant group leaders and Union staff for operational and safety purposes. 

b. Marketing & Promotions 

  • To send updates about UniLife trips, events, or offers (with your consent) 
  • To invite you to surveys, competitions, and promotions 
  • To personalise your experience and recommend products 
  • To use anonymised data for business development and analytics. We may share anonymised and aggregated data (such as booking trends or purchasing patterns) with our partners for the purpose of partnership reporting and service development. This data cannot be used to identify you as an individual. 
  • To display images or videos of your trip for promotional purposes 

If you do not wish to be included in promotional photos or videos, you can opt out before the event by contacting us in writing (via email, post, or DM). 

c. Legal & Operational Obligations 

  • To meet legal requirements such as border security or visa documentation 
  • To cooperate with insurers, legal advisors, or law enforcement if required 
  • To fulfil our duty of care to universities or Student Unions 
  • To report accidents, manage health issues or complaints 

 

5. Lawful Bases for Processing Your Data 

We process your personal data using one or more of the following lawful bases:  

  • Consent: where you have given your permission to do so: for your marketing preferences, rooming preferences and any other data that is not obligatory that you have provided to us. 
  • Contract: where processing is necessary to provide your trip or booking: for you name and contact information, passport information and payment information. 
  • Vital interests: where processing is necessary to protect life or health: for your emergency contact information and your medical information that you disclosed to us. 
  • Legitimate interests: where it is in yours, ours or a third party’s (such as one of our suppliers or partners) legitimate interest to do so: for providing you with customer service, improving our services, promoting relevant offerings, or using videos and images taken by us that contain your image. (Your rights in all these areas will not be overridden) 
  • Legal obligation: where we must comply with legal requirements: For validating you are over 18 and allowed to attend our trips or partake in certain activities. 

 

6. Sharing Your Data 

To deliver our services, we may share relevant data with: 

  • Hotels, transport companies, and accommodation providers 
  • Event staff, reps, or third-party tour operators 
  • Unions and SU staff for welfare or safeguarding purposes 
  • Payment processors and IT service providers 
  • Legal advisors or authorities (when required by law) 

All third parties are contractually bound to handle your data securely and only for the purposes we specify. Only the minimum necessary information will be shared. 

Where data is shared with Unions and SU staff, you have the right to object. You can do this by emailing us at contact@unilifeuk.com. All objections must be provided in writing as soon as you can after making a booking with us. In this instance, we may still need to share basic, non-sensitive information such as your name, to verify your membership of the University or Society/Club and for trip security.  

 

7. International Transfers of Data 

Some of our service providers or partners may be located outside the UK or EEA. Where personal data is transferred internationally, we ensure adequate safeguards are in place, such as UK-approved Standard Contractual Clauses (SCCs), adequacy decisions, or data processing agreements. 

 

8. Marketing Preferences 

You can opt in or out of marketing communications at any time: 

  • Click “Unsubscribe” in any marketing email 
  • If you opt out, you will still receive service-related communications related to your bookings 

We may use third-party providers to send marketing messages, but they will not use your data for their own purposes. 

 

9. Your Rights 

Under data protection law, you have the right to: 

  • Access your personal data 
  • Request correction or deletion of inaccurate data 
  • Object to or restrict certain processing 
  • Withdraw consent at any time (where consent was the lawful basis) 
  • Request a copy of your data in a portable format 
  • Lodge a complaint with the Information Commissioner’s Office (ICO) 

To exercise these rights, contact us by email or in writing using the contact details below. We aim to respond to these requests within 30 days of receiving notice.  

 

10. How We Protect Your Data 

We implement appropriate technical and organisational measures to: 

  • Prevent unauthorised access, loss, or alteration of your data 
  • Limit access to staff and partners on a “need to know” basis 
  • Secure physical and digital systems with up-to-date safeguards 

You are responsible for maintaining the security of your own account credentials and devices used to access our services. 

 

11. Data Retention 

We retain your data for a period of 6 years after receiving it, in line with our legal obligations and the standard limitation period for contractual claims. During this time, we may still utilise it to: 

  • Fulfil any current or future bookings or enquiries 
  • Comply with legal, regulatory, and accounting requirements 
  • Conduct internal analysis (anonymised where possible) 

After the retention period, your personal data will either be securely deleted or anonymised for future research and reporting. 

 

12. Cookies & External Links 

We use cookies on our website to improve functionality and personalise your experience. See our Cookies Policy for more information. 

Our site may contain links to third-party websites. We are not responsible for their privacy practices – please review their privacy policies separately. 

 

13. Changes to This Policy 

We may update this Privacy Policy from time to time. If changes are made, we’ll notify you via email if you have an active booking with us. 

 

14. Contacting Us 

If you have questions about this Privacy Policy or want to exercise your rights, please contact us at: 

Email: Contact@unilifeuk.com
Post: UniLife Experiences Ltd, Ingenuity Lab, Triumph Road, Nottingham, NG7 2TU
Phone: +44 115 850 0441 

If you’re not satisfied with our response, you can contact the Information Commissioner’s Office (ICO) at www.ico.org.uk.