HomeCommunityEventsJobsAccommodationNetwork
Theme
Sign inGet started
Draft — placeholder content pending review by a qualified solicitor. This is not legal advice.

Privacy Policy

Last updated: 6 July 2026

This policy explains how uniTAD (“we”, “us”) collects and uses your personal data when you use our website and services. We are the data controller. We comply with the UK GDPR and the Data Protection Act 2018.

Who can use uniTAD

The paid features of uniTAD are intended for users aged 18 or over. By creating an account you confirm you are at least 18.

What we collect

  • Account data — email, name, your home country and current UK city, and a password (stored only as a secure hash) or a Google sign-in identifier.
  • Content you add — profile details, listings and photos you upload, enquiries, job applications and cover notes, and budget entries you record in the money tools.
  • Usage data — pages viewed, listings and events you interact with, and basic device/log information.
  • Payment data — handled by Stripe. We never see or store your card details; we hold only Stripe identifiers and your subscription status.

Lawful basis

  • Contract — to provide the account, listings, events and subscription you sign up for.
  • Legitimate interests — to keep the service secure, prevent abuse, and improve it.
  • Consent — for non-essential cookies/analytics (see our Cookie Policy).
  • Legal obligation — to meet accounting, tax and fraud-prevention duties.

Who we share data with (processors)

  • Stripe — payment processing.
  • Supabase — our managed database and infrastructure provider (data hosted under a data-processing agreement).
  • Google — only if you choose “Sign in with Google” (we receive your verified email, name and avatar).
  • Adzuna & Reed — aggregated job listings; you are linked out to the source site to apply. We do not send your personal data to either.
  • Email delivery — a transactional email provider sends account and notification emails (e.g. password resets, enquiry alerts) on our behalf.
  • Listing recipients — when you enquire about a listing or apply to a job, we share your message and email address with that lister/employer so they can respond.
  • Public-data lookups — area scores query postcodes.io, data.police.uk, findthatpostcode (IMD), OpenStreetMap and ONS rent statistics using only the postcode, never your identity. Currency tools query public exchange-rate APIs with amounts only.

Your rights

Under UK GDPR you can request to:

  • access a copy of your data, or have it corrected;
  • have your data erased (we offer in-app account deletion);
  • export your data in a machine-readable format;
  • restrict or object to certain processing, and withdraw consent at any time.

To exercise any of these, contact us (below). You can also complain to the ICO (ico.org.uk).

Retention

We keep your account data while your account is active. On deletion we soft-delete and then purge personal data after a short window, except where we must retain limited billing and audit records to meet legal obligations.

Security

Data is encrypted in transit (TLS) and at rest via our managed database. Passwords are hashed. Access to systems is restricted and logged.

Contact

Privacy questions: privacy@tadorg.com.