Privacy Policy
How Exitly handles personal data
This policy explains how Exitly collects, uses, stores, and protects personal data in line with UK GDPR and the Data Protection Act 2018.
Who we are
Exitly is a marketplace for buying and selling UK businesses. We act as the data controller for the account and enquiry information processed through this website.
What we collect
We collect the minimum personal data needed to provide marketplace accounts: your name, email address, account type, encrypted password, and your marketing preference if you opt in. We also store security logs and enquiry activity when you use the platform.
Why we use it
We use your data to create and secure your account, send verification or password reset emails, support buyer and seller enquiries, and improve the service. Marketing updates are only sent when you actively opt in.
Lawful bases
We process account and transaction data because it is necessary to perform our contract with you and to protect the platform from fraud or misuse. Marketing communications rely on consent and can be withdrawn at any time.
Google sign-in
If you choose Google sign-in, we receive your name, email address, and Google account identifier so we can create or link your Exitly account. We do not receive your Google password.
Retention
We keep account information while your account remains active and for a limited period afterwards where required for legal, tax, dispute, or fraud-prevention purposes.
Your rights
You can request access, correction, deletion, restriction, or portability of your personal data. To request account deletion, contact hello@exitly.com. We will respond in line with UK GDPR requirements.
Cookies
Essential cookies are used for sign-in and account security. Analytics cookies are optional and only load after you give consent through our cookie banner.