Skip to content
No Broker Biz Deals

Legal

Privacy policy

Summary. We collect account, usage, and messaging data to run the marketplace. We use Supabase for auth and database and may use PostHog for product analytics. This policy describes those practices at a high level—have counsel align it with your entity, jurisdictions, and ad tech choices.

We help you advertise your business to buyers. We are not your broker and we do not give tax or legal advice. Talk to your own lawyer and accountant for your situation.

1. Who we are

This policy covers the NoBrokerBizDeals web application (the “Service”). The data controller name and address should be inserted here for your legal entity.

2. Information we collect

  • Account data: email address, password (stored by our auth provider), profile fields you provide, and role (buyer, seller, etc.).
  • Listing and content: teasers, creative finance fields, optional images, and messages you send through the Service.
  • Technical data: IP address, device and browser type, pages viewed, and approximate location derived from IP (via analytics tools).
  • Cookies and similar technologies: session cookies for authentication; analytics cookies if you enable PostHog or similar vendors.

3. How we use information

We use data to provide and secure the Service, authenticate users, display listings, enable buyer–seller messaging, improve product experience, comply with law, and enforce our Terms. We do not sell your personal information as a commodity; if we introduce advertising or data partnerships, we will update this policy and any required consents.

4. Supabase

Authentication and primary application data are processed by Supabase (hosted Postgres). Supabase’s privacy policy and DPA govern their processing. Database rows are protected by row-level security policies; never share service-role keys in client-side code.

5. PostHog (product analytics)

When NEXT_PUBLIC_POSTHOG_KEY is configured, the app may load PostHog’s JavaScript SDK to collect page views, feature usage, and diagnostic events. PostHog may set cookies or use local storage. Review PostHog’s documentation and your region’s consent requirements (e.g. EU/UK). You can disable PostHog by removing the key from your environment.

6. Payments

Paid features may be processed by Stripe. We do not store full card numbers on our servers; Stripe handles payment data under its own terms and privacy policy.

7. Retention

We retain data while your account is active and as needed for legal, tax, or fraud prevention. Listings and messages may be retained according to backup and moderation policies. You may request deletion where applicable law requires, subject to legitimate business or legal holds.

8. Your rights

Depending on your location, you may have rights to access, correct, delete, or export personal data, and to object to certain processing. Contact us to exercise these rights. We may verify your identity before responding.

9. Children

The Service is not directed at children under 16. We do not knowingly collect personal information from children.

10. International transfers

Data may be processed in the United States or other countries where our subprocessors operate. Use appropriate safeguards (e.g. Standard Contractual Clauses) if you serve EU/UK users—your counsel should document this.

11. Changes

We may update this policy from time to time. Material changes will be posted on this page with an updated effective date.

12. Contact

Privacy inquiries: add your operational privacy contact or Data Protection Officer details here.

Privacy policy · NoBrokerBizDeals