Legal

Privacy Policy

Last updated: March 2026

UNICONNECT PRIVACY POLICY

Last Updated: 03/07/2026

This Privacy Policy explains how Musicbox IV LLC (“UniConnect,” “we,” “us”) collects, uses, discloses, sells (as defined by California law), and retains information when you use the UniConnect mobile app and web app (collectively, the “Service”).

This policy is incorporated by reference into the UniConnect Terms of Service and should be read together with our Community Guidelines, Content Moderation Policy, Intellectual Property / DMCA Policy, and Data Retention & Deletion Policy.

1) Who We Are and Scope

UniConnect is a student event discovery and posting platform intended for the UCSB and SBCC communities. The Service is currently intended for users located in California.

Age requirement: The Service is intended for users 16 years of age or older. We do not knowingly collect personal information from anyone under 16. If we learn a user is under 16, we may suspend/terminate the account and delete or de-identify associated information consistent with our policies.

2) Information We Collect

We collect information in the following categories.

A) Information you provide

Account and profile information

  • Email address
  • Authentication method(s) (e.g., email/password, Google, Instagram-linked login)
  • Name / display name (including “real name” if you choose to use it)
  • Profile photo and bio
  • School affiliation (UCSB/SBCC) and related profile details you choose to provide (e.g., class year, major, interests, clubs/associations, gender if you choose to provide it)

Content you submit

  • Event posts (text, images, links, and event location details you enter)
  • Reports you submit (e.g., reporting content or accounts)
  • Content you submit through support channels (e.g., in-app “Contact Us” form or support website)

B) Information collected automatically

Log and security data (for security, abuse prevention, and reliability)

  • IP address
  • Device and app information (e.g., device type, operating system version, app version, browser type)
  • Timestamps and system activity logs (e.g., authentication events, error logs)

Analytics data

  • In-app activity events (e.g., screens viewed, features used, buttons clicked), generally in aggregated and/or pseudonymous form

C) Location information

  • No device GPS tracking: We do not request or store your device’s GPS location (no foreground or background location tracking).
  • User-entered event locations: Event “location” is the location information you enter when creating an event (e.g., venue name or address).
  • Event/location interaction logs (limited): We may maintain limited logs related to Service usage (e.g., event views, clicks, saves, redemptions) which can include event/location identifiers. These are not device GPS location history.

D) Contacts / Camera / Microphone / Calendar / Biometrics

  • Contacts: If the Service offers sharing, contacts are read locally on your device for sharing only and are not uploaded to our servers.
  • Camera: No camera access; users may select images from the photo library.
  • Microphone / audio: Not accessed.
  • Calendar: Not accessed.
  • Biometrics / Face ID: Not accessed by UniConnect.

E) Information we do not collect (based on the current product)

  • Government ID verification
  • Health or biometric data
  • Payment card/bank information from end users (business payments may be processed separately—see below)
  • Student records (e.g., transcripts)

3) How We Use Information

We use information to:

  • Provide the Service (create accounts, authenticate users, display profiles/events)
  • Operate community safety features (handle reports, enforce guidelines, prevent spam/fraud/ban evasion)
  • Maintain reliability and performance (debugging, crash diagnostics, service monitoring)
  • Understand and improve usage (analytics and product improvement)
  • Communicate with you (transactional emails like password resets/OTPs; responding to support requests)
  • Offer optional AI flyer generation (if you use the feature; see Section 4)
  • Support Sponsored Pins and Business Offers (including measuring engagement and providing aggregated/segmented reporting to businesses as described below)

4) AI Flyer Generation (Pollinations)

If you use AI flyer generation, we send your text prompt and optional short profile hints (only if the feature is configured to include them) to Pollinations’ AI image generation service to generate an image for your event.

Avoid including sensitive personal information in prompts. Generated images may be stored with the event if you post them.

5) Cookies and Similar Technologies (Web App)

The web version of the Service and certain analytics tools may use cookies or similar technologies to help operate the Service, remember preferences, and measure usage (for example, analytics identifiers set by PostHog).

Do Not Track: Some browsers offer a “Do Not Track” (DNT) signal. The Service does not currently respond to DNT signals as a uniform standard, because browser DNT mechanisms vary and are not consistently implemented across platforms.

6) How We Disclose and Share Information

We disclose information in the following ways.

A) Service providers (processors)

We use vendors to operate and support the Service. These vendors may process information on our behalf, subject to contractual obligations consistent with this policy:

  • Supabase (authentication and data storage)
  • PostHog (product analytics)
  • Sentry (crash/error monitoring)
  • Mapbox (address autocomplete and mapping-related services)
  • Pollinations (only for AI flyer generation)

B) With other UniConnect users (in-app visibility)

Your profile and the events you post may be visible to other verified UniConnect users. The Service is not intended to be indexed by the public internet, but content posted in the Service may be copied or shared by other users.

C) With local businesses for Sponsored Pins and Deal Insights

UniConnect may offer local businesses the ability to place a Sponsored Pin on the map and/or provide Business Offers. In connection with these features, we may provide businesses with aggregated and/or segmented insights about users who view, click, save, or redeem that business’s pin or offer.

These insights may include high-level categories only where provided by users, such as:

  • gender
  • student year / class year
  • major
  • clubs/associations

We do not provide businesses your name, email address, phone number, or other direct identifiers through these insights. Businesses receive summary analytics intended to help understand performance, not to identify individual users. We also restrict business use of Insights through contractual terms intended to prohibit re-identification and off-platform targeting.

Businesses may share Insights with their service providers solely for internal analytics under contractual restrictions.

We may use safeguards (for example, minimum reporting thresholds) to reduce re-identification risk.

D) Legal, safety, and security

We may disclose information if we believe it is reasonably necessary to:

  • comply with law, legal process, or governmental requests
  • protect the rights, property, and safety of UniConnect, our users, or the public
  • prevent fraud, abuse, or security incidents
  • investigate and enforce violations of our Terms and policies

E) Business payments (Stripe)

If businesses purchase Sponsored Pins or other business products, payments may be processed by Stripe or another payment processor. End-user payment card data is not collected by UniConnect for typical consumer use of the Service.

7) “Sale” of Personal Information (California)

California law defines “sell” broadly and can include making personal information available to a third party for monetary or other valuable consideration.

A) What UniConnect does

UniConnect may sell (as defined by California law) limited personal information by providing businesses with aggregated or segmented demographic insights related to Sponsored Pins and Business Offers in exchange for payment.

UniConnect does not use third-party ad networks and does not collect mobile advertising IDs (e.g., IDFA/GAID) for cross-app tracking. Our advertising is limited to in-app local business placements and related performance analytics.

B) Categories of personal information involved

Depending on what you provide and how you use the Service, categories that may be sold can include:

  • user-provided profile characteristics (e.g., gender, class year, major, clubs/associations)
  • activity data related to pins/offers (e.g., viewed/clicked/saved/redeemed)

We do not sell direct identifiers (such as your name or email address) to businesses as part of these analytics.

C) Recipients

Recipients of this information are local businesses participating in Sponsored Pins / Business Offers programs and receiving Insights.

D) Your right to opt out (“Do Not Sell or Share”)

If you are a California resident, you can opt out of the sale of your personal information.

Opt-out methods:

  • Email us at help@uniconnect.social with the subject line: “Do Not Sell My Personal Information” from the email associated with your UniConnect account.
  • Where available, use an in-app or website “Do Not Sell or Share My Personal Information” control.

Effect of opt-out: If you opt out, we will exclude your personal information from data sold to businesses for Sponsored Pin / Business Offer insights to the extent applicable. You may still see Sponsored Pins (they are in-app advertising placements), but your opt-out affects whether your information is included in sold insights.

E) Users under 16

UniConnect does not permit users under 16 on the Service and therefore does not knowingly sell the personal information of users under 16. If we learn a user is under 16, we will take action consistent with this policy and our Terms.

8) Sensitive Personal Information

California law defines a subset of “sensitive personal information” (e.g., precise geolocation, government IDs, financial credentials, health information, and certain other categories). UniConnect does not intend to collect these categories as part of the current product. If we introduce features that collect sensitive personal information, we will update this policy and provide any rights and controls required by applicable law.

9) Data Retention

We retain personal information for as long as reasonably necessary to:

  • provide and operate the Service
  • maintain safety and enforce our rules
  • comply with legal obligations
  • resolve disputes and investigate incidents

Baseline retention (current):

  • most account and content data: up to 3 years after last activity, unless you delete earlier
  • event/location interaction logs (if maintained separately): up to 1 month
  • security logs: retained for a limited period appropriate for security, auditing, and incident response

See our Data Retention & Deletion Policy for more detail.

10) Deletion, Anonymization, and Account Controls

You can delete your account via self-serve tools in the Service (where available). You can delete certain content you post via your profile tools (where available).

When you delete your account, we generally remove or anonymize identifiers and may retain limited de-identified or pseudonymous records for safety, fraud prevention, legal compliance, and dispute resolution, as described in our Data Retention & Deletion Policy.

11) Your California Privacy Rights (CPRA)

If you are a California resident, you may have rights to:

  • Know/access the personal information we collected, used, disclosed, or sold
  • Delete personal information (subject to legal and operational exceptions)
  • Correct inaccurate personal information
  • Opt out of the sale of personal information
  • Non-discrimination for exercising your rights

How to submit a request: Email help@uniconnect.social from your account email and include:

  • request type (Access / Delete / Correct / Opt Out), and
  • your name and the email associated with your UniConnect account

We will take reasonable steps to verify your request before responding.

12) Security

We use reasonable administrative, technical, and organizational safeguards to protect information, including TLS/HTTPS encryption in transit, role-based access controls and least privilege, MFA where available, access logging, and periodic reviews, and documented incident response procedures.

No system is 100% secure, and we cannot guarantee absolute security.

13) International Processing

The Service is intended for California users, but vendors may process data on infrastructure located in the United States or other jurisdictions.

14) Changes to This Policy

We may update this policy from time to time. If changes are material, we will provide notice in the Service or via email.

15) Contact

UniConnect (Musicbox IV LLC)Support / Privacy / Legal: help@uniconnect.socialMailing Address: P.O. Box 2218, Santa Barbara, CA 93120Phone: (805) 451-4960

—-------------------

1.2 Contact Information for privacy inquiries

  • Help@Uniconnect.social