Last updated: 16 May 2026

Privacy Policy

This Privacy Policy explains how UniMarket ("we", "us", "our") collects, uses, and protects your personal information when you use the UniMarket mobile app and website at unimarket.uk.

1. Who We Are

UniMarket is a student marketplace platform for University of Kent students. We are not affiliated with or operated by the University of Kent. For questions about this policy, contact us at hello@unimarket.uk.

2. Information We Collect

Information you provide

• Account information: Your University of Kent email address, display name, and profile photo (optional).
• Listings: Photos, descriptions, prices, category, location (campus area), and other details you enter when posting items, services, or events.
• Messages: Content of messages you send to other users within the app.
• Reports: Information you provide when reporting a listing or user.

Information collected automatically

• Device information: Device type, operating system version, unique device identifiers, and crash reports.
• Usage data: Features you interact with, listings you view or save, and session timestamps.
• Location: General campus location if you choose to tag a listing with a location. We do not track your precise GPS location in the background.
• Push notification tokens: To deliver app notifications (listing expiry, messages, etc.).

Advertising data (AdMob)

UniMarket uses Google AdMob to display ads. AdMob may collect your Advertising Identifier (IDFA on iOS) to serve personalised ads. On iOS, we request your permission through Apple's App Tracking Transparency (ATT) prompt before any cross-app tracking occurs. If you decline, you will still see ads but they will not be personalised. For more information see Google's Privacy Policy.

3. How We Use Your Information

• To create and manage your account.
• To display your listings to other users on the platform.
• To enable messaging between buyers and sellers.
• To send push notifications about your listings (expiry warnings, new messages).
• To moderate content and enforce our Terms of Service.
• To improve the app through aggregated, anonymised analytics.
• To display advertisements through Google AdMob.

4. How We Share Your Information

We do not sell your personal data. We share information only in the following circumstances:

• Other users: Your display name, profile photo, and listing content are visible to other UniMarket users.
• Firebase (Google): We use Firebase Authentication, Firestore, Firebase Storage, and Firebase Cloud Messaging. Data is processed by Google in accordance with their data processing terms.
• Google AdMob: Advertising identifiers and usage signals as described in section 2 above.
• Legal requirements: If required by law or to protect the safety of our users.

5. Data Retention

• Your account and associated data are retained while your account is active.
• Listings are automatically removed 30 days after posting (items) or after their event date (events).
• Messages are retained until you or the other party deletes them.
• If you delete your account, your personal data is deleted within 30 days, except where we are required to retain it by law.

6. Your Rights

Under UK GDPR you have the right to:

• Access the personal data we hold about you.
• Rectify inaccurate data.
• Erase your data ("right to be forgotten") — you can delete your account from the app settings.
• Restrict processing of your data in certain circumstances.
• Object to processing based on legitimate interests.
• Portability — receive a copy of your data in a machine-readable format.

To exercise any of these rights, email us at hello@unimarket.uk.

7. Cookies and Tracking

The UniMarket website (unimarket.uk) does not use cookies for tracking or advertising. The mobile app does not use browser cookies. AdMob uses the iOS Advertising Identifier (IDFA) as described above.

8. Children's Privacy

UniMarket is intended for university students aged 18 and over. We do not knowingly collect data from anyone under 18. If you believe a person under 18 has registered, please contact us at hello@unimarket.uk and we will delete the account.

9. Security

We use Firebase's built-in security features including encrypted data in transit (TLS) and at rest. Access to Firestore is controlled by security rules that ensure users can only access their own data. Despite these measures, no internet transmission is completely secure and we cannot guarantee absolute security.

10. Third-Party Links

Listings may contain links to third-party websites or services. We are not responsible for the privacy practices of those sites.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via a push notification or in-app banner. The "Last updated" date at the top of this page will always reflect the most recent version.

12. Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact us at hello@unimarket.uk.