UniDit waitlist full privacy notice

Last updated: 14 March 2026

1. Scope

This privacy notice applies to the UniDit waitlist website at unidit.app and the current closed University of Exeter beta waitlist only.

It does not yet cover the full UniDit dating app product. Before the app launches, UniDit intends to publish an updated notice covering app accounts, profile data, matching, messaging, moderation, safety features, age assurance, and any special category data processing that may arise.

2. Controller and contact

For the current waitlist, the controller is UniDit, operated at this stage by Samuel Moffatt.

Privacy contact: sam@mail.unidit.app

A Data Protection Officer has not been appointed for the current waitlist stage.

3. Personal data collected

When you submit the waitlist form, UniDit may collect and store:

• First name;
• University of Exeter email address;
• Study level;
• Course or subject;
• Expected graduation year;
• Any optional message you submit in the free-text box;
• Your confirmation that you are 18 or over;
• Your consent record for waitlist contact;
• Technical and security information linked to the submission, including source, IP address, and user agent.

The waitlist is not intended to collect special category personal data. Please do not submit information about sexual orientation, sex life, health, religion, political opinions, trade union membership, race or ethnicity, biometric data, or government identification documents through the waitlist form.

4. Purposes of processing

UniDit processes waitlist data for the following purposes:

• To run and manage the closed Exeter beta waitlist;
• To contact you about beta access, invitations, onboarding, and essential waitlist updates;
• To understand likely onboarding demand and organise the beta rollout;
• To maintain the security of the website and reduce spam, abuse, fraud, or misuse;
• To keep records of consent, opt-outs, and related compliance activity.

5. Lawful bases

Waitlist administration and waitlist contact: UniDit relies on your consent.

Security, abuse prevention, and limited service administration: UniDit relies on legitimate interests, namely operating, protecting, and defending the waitlist service appropriately.

6. Whether providing the information is required

Some fields are required to join the waitlist. If you do not provide the required information, UniDit may be unable to add you to the waitlist or contact you about beta access.

7. Direct marketing and withdrawal of consent

Messages about beta access and UniDit waitlist updates may amount to direct marketing under UK rules because they promote a service.

UniDit only intends to send those messages where you have opted in. You may withdraw consent at any time by emailing sam@mail.unidit.app.

If you withdraw consent or ask not to be contacted, UniDit may keep a minimal suppression record, such as your email address and opt-out status, to reduce the risk of contacting you again by mistake.

8. Recipients and processors

Access to waitlist submissions is limited. At this stage, access is mainly restricted to UniDit / Sam Moffatt for waitlist administration.

UniDit does not sell personal data and does not share waitlist data for third-party advertising.

UniDit uses service providers to operate the waitlist, including:

• Cloudflare, for hosting, CDN, DNS-related infrastructure, and serverless form handling;
• Cloudflare D1, for storing waitlist submissions in the configured D1 database;
• The UniDit email provider, for handling privacy, deletion, and rights requests sent to the contact address.

9. International transfers

The waitlist database is configured with EU jurisdiction in Cloudflare D1. However, some provider operations or support functions may still involve processing outside the UK or EEA.

Where a restricted transfer takes place under UK data protection law, UniDit intends to rely on an applicable UK adequacy regulation or another valid transfer mechanism, such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum, as appropriate.

More information about relevant safeguards can be requested by emailing sam@mail.unidit.app.

10. Retention

UniDit reviews waitlist data periodically and aims to delete or anonymise entries when they are no longer needed for the beta process.

In normal circumstances, UniDit aims not to keep active waitlist submissions for longer than 12 months after the relevant beta cycle or the last meaningful interaction, whichever is later, unless a longer period is reasonably required for security, legal compliance, dispute handling, or maintaining a suppression list.

11. Your rights

Depending on the circumstances, you may have the right to request:

• access to your personal data;
• rectification of inaccurate data;
• erasure of your data;
• restriction of processing;
• objection to processing carried out on legitimate interests grounds;
• data portability, where applicable;
• withdrawal of consent at any time, without affecting processing already carried out before withdrawal.

To exercise any of these rights, email sam@mail.unidit.app.

12. Complaints

If you have a concern about how UniDit handles personal data, please contact UniDit first at sam@mail.unidit.app.

You also have the right to complain to the UK Information Commissioner’s Office (ICO).

13. Automated decision-making

The current waitlist does not use solely automated decision-making or profiling that produces legal or similarly significant effects.

14. Changes to this notice

UniDit may update this notice from time to time as the beta and product develop. The latest version will be published on this website.