This page is included in a free SaaS Website Kit.

View the complete kit

Privacy Policy

Privacy Policy

Last Updated: December 2025

Last Updated: December 2025

Last Updated: December 2025

1. Introduction

1.1 Buyience Limited ("we", "us", "our", "Buyience") is committed to safeguarding the privacy of our website visitors, platform users, and service customers.

1.2 This Privacy Policy applies where we act as a data controller with respect to the personal data of our website visitors, platform users, and service customers. In other words, where we determine the purposes and means of processing that personal data.

1.3 We use cookies on our website and platform. Insofar as those cookies are not strictly necessary for the provision of our services, we will ask you to consent to our use of cookies when you first visit our website or platform.

1.4 Our platform and services are designed for business-to-business (B2B) customers and commercial use.

1.5 We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Company Details:
Buyience Limited

Company No: 14871419.

Registered Address - 128 City Road, London, United Kingdom, EC1V 2NX

1.1 Buyience Limited ("we", "us", "our", "Buyience") is committed to safeguarding the privacy of our website visitors, platform users, and service customers.

1.2 This Privacy Policy applies where we act as a data controller with respect to the personal data of our website visitors, platform users, and service customers. In other words, where we determine the purposes and means of processing that personal data.

1.3 We use cookies on our website and platform. Insofar as those cookies are not strictly necessary for the provision of our services, we will ask you to consent to our use of cookies when you first visit our website or platform.

1.4 Our platform and services are designed for business-to-business (B2B) customers and commercial use.

1.5 We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Company Details:
Buyience Limited

Company No: 14871419.

Registered Address - 128 City Road, London, United Kingdom, EC1V 2NX

2. How We Use Your Personal Data

2.1 In this section, we outline:

  • The general categories of personal data we may process

  • The purposes for which we may process personal data

  • The legal bases for processing

2.2 Usage Data

We may process data about your use of our website, platform, and services ("usage data"). Usage data may include:

  • IP address

  • Geographical location

  • Browser type and version

  • Operating system

  • Referral source

  • Length of visit and page views

  • Website navigation paths

  • Information about timing, frequency, and pattern of service use


This data is processed for analyzing platform usage and improving our services. The legal basis is our legitimate interests in monitoring and improving our platform and services.

2.3 Account Data

We may process your account data, which may include:

  • Name and email address

  • Company name and business details

  • Contact information

  • Job title and role


Account data is processed for operating our platform, providing services, ensuring security, maintaining database backups, and communicating with you. The legal basis is our legitimate interests in proper platform administration and contract performance.

2.4 Profile Data

We may process information included in your user profile on our platform ("profile data"), including:

  • Name and contact details

  • Company information

  • Role and permissions within the platform

  • Business preferences and settings

Profile data enables and monitors platform usage. The legal basis is our legitimate interests and contract performance.

2.5 Service Data

We process personal data provided during platform use ("service data"), including:

  • Quote requests and responses

  • Product catalog information

  • Order and transaction data

  • Customer and supplier information you input

  • Communication records within the platform


Service data is processed for operating the platform, providing services, ensuring security, and maintaining backups. The legal basis is contract performance and our legitimate interests.

2.6 Transaction Data

We may process information relating to transactions conducted through our platform ("transaction data"), including:

  • Contact details

  • Quote details and pricing

  • Order information

  • Payment processing data (where applicable)


Transaction data is processed for supplying purchased services and maintaining proper records. The legal basis is contract performance.

2.7 Enquiry and Communication Data

We process information in enquiries you submit regarding our services ("enquiry data") and correspondence you send to us. This is processed for:

  • Responding to your enquiries

  • Marketing relevant services to you

  • Record-keeping

  • Customer relationship management


The legal basis is our legitimate interests in proper business administration and customer communication. You can opt out of marketing communications at any time.

2.8 Marketing and Newsletter Data

If you subscribe to our newsletters or marketing communications, we process your contact information and preferences. We will only send marketing communications with your explicit consent, and you can unsubscribe at any time using the link in our emails or by contacting us.

2.9 Legal Compliance

We may process any personal data where necessary for:

  • Establishing, exercising, or defending legal claims

  • Obtaining or maintaining insurance coverage

  • Managing risks or obtaining professional advice

  • Complying with legal obligations

  • Protecting vital interests of you or another person


2.1 In this section, we outline:

  • The general categories of personal data we may process

  • The purposes for which we may process personal data

  • The legal bases for processing

2.2 Usage Data

We may process data about your use of our website, platform, and services ("usage data"). Usage data may include:

  • IP address

  • Geographical location

  • Browser type and version

  • Operating system

  • Referral source

  • Length of visit and page views

  • Website navigation paths

  • Information about timing, frequency, and pattern of service use


This data is processed for analyzing platform usage and improving our services. The legal basis is our legitimate interests in monitoring and improving our platform and services.

2.3 Account Data

We may process your account data, which may include:

  • Name and email address

  • Company name and business details

  • Contact information

  • Job title and role


Account data is processed for operating our platform, providing services, ensuring security, maintaining database backups, and communicating with you. The legal basis is our legitimate interests in proper platform administration and contract performance.

2.4 Profile Data

We may process information included in your user profile on our platform ("profile data"), including:

  • Name and contact details

  • Company information

  • Role and permissions within the platform

  • Business preferences and settings

Profile data enables and monitors platform usage. The legal basis is our legitimate interests and contract performance.

2.5 Service Data

We process personal data provided during platform use ("service data"), including:

  • Quote requests and responses

  • Product catalog information

  • Order and transaction data

  • Customer and supplier information you input

  • Communication records within the platform


Service data is processed for operating the platform, providing services, ensuring security, and maintaining backups. The legal basis is contract performance and our legitimate interests.

2.6 Transaction Data

We may process information relating to transactions conducted through our platform ("transaction data"), including:

  • Contact details

  • Quote details and pricing

  • Order information

  • Payment processing data (where applicable)


Transaction data is processed for supplying purchased services and maintaining proper records. The legal basis is contract performance.

2.7 Enquiry and Communication Data

We process information in enquiries you submit regarding our services ("enquiry data") and correspondence you send to us. This is processed for:

  • Responding to your enquiries

  • Marketing relevant services to you

  • Record-keeping

  • Customer relationship management


The legal basis is our legitimate interests in proper business administration and customer communication. You can opt out of marketing communications at any time.

2.8 Marketing and Newsletter Data

If you subscribe to our newsletters or marketing communications, we process your contact information and preferences. We will only send marketing communications with your explicit consent, and you can unsubscribe at any time using the link in our emails or by contacting us.

2.9 Legal Compliance

We may process any personal data where necessary for:

  • Establishing, exercising, or defending legal claims

  • Obtaining or maintaining insurance coverage

  • Managing risks or obtaining professional advice

  • Complying with legal obligations

  • Protecting vital interests of you or another person


3. Providing Your Personal Data to Others

3.1 We may disclose your personal data to members of our group of companies insofar as reasonably necessary for the purposes set out in this policy.

3.2 We may disclose personal data to:

  • Our insurers and professional advisers

  • Suppliers and subcontractors necessary for service delivery

  • IT service providers and hosting providers

  • Payment service providers (where applicable)

  • Analytics providers


3.3 We only allow service providers to handle personal data when we have confirmed they apply appropriate data protection and security controls. We impose contractual obligations ensuring they can only use data to provide services to us and you.

3.4 We may share data with:

  • Credit reference agencies (where necessary)

  • Governmental bodies, regulators, law enforcement agencies, courts, and insurers where required by law or for legal proceedings


3.5 We will never sell or rent customer data to other organizations for marketing purposes.

3.1 We may disclose your personal data to members of our group of companies insofar as reasonably necessary for the purposes set out in this policy.

3.2 We may disclose personal data to:

  • Our insurers and professional advisers

  • Suppliers and subcontractors necessary for service delivery

  • IT service providers and hosting providers

  • Payment service providers (where applicable)

  • Analytics providers


3.3 We only allow service providers to handle personal data when we have confirmed they apply appropriate data protection and security controls. We impose contractual obligations ensuring they can only use data to provide services to us and you.

3.4 We may share data with:

  • Credit reference agencies (where necessary)

  • Governmental bodies, regulators, law enforcement agencies, courts, and insurers where required by law or for legal proceedings


3.5 We will never sell or rent customer data to other organizations for marketing purposes.

4. International Transfers of Personal Data

4.1 Our primary hosting facilities and data processing occur within the United Kingdom and European Economic Area (EEA).

4.2 Where we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place, including:

  • Standard contractual clauses approved by the UK Information Commissioner's Office

  • Adequacy decisions recognizing equivalent data protection standards

  • Other legally approved transfer mechanisms


4.3 You may request information about specific safeguards we have in place by contacting us.

4.1 Our primary hosting facilities and data processing occur within the United Kingdom and European Economic Area (EEA).

4.2 Where we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place, including:

  • Standard contractual clauses approved by the UK Information Commissioner's Office

  • Adequacy decisions recognizing equivalent data protection standards

  • Other legally approved transfer mechanisms


4.3 You may request information about specific safeguards we have in place by contacting us.

5. Data Retention and Deletion

5.1 Personal data processed for any purpose shall not be kept longer than necessary for that purpose.

5.2 Retention periods are determined based on:

  • The duration of our relationship with you

  • Legal and regulatory requirements

  • Business needs for record-keeping


5.3 Generally, we will retain personal data for the duration of your account plus:

  • Active customer data: Duration of subscription plus 6 years

  • Marketing communications data: Until you unsubscribe or opt out

  • Transaction records: 6 years for tax and accounting purposes

  • Support and correspondence: 3 years from last interaction


5.4 We may retain data beyond these periods where required by law or to protect legal rights.

5.5 When you cancel your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

5.1 Personal data processed for any purpose shall not be kept longer than necessary for that purpose.

5.2 Retention periods are determined based on:

  • The duration of our relationship with you

  • Legal and regulatory requirements

  • Business needs for record-keeping


5.3 Generally, we will retain personal data for the duration of your account plus:

  • Active customer data: Duration of subscription plus 6 years

  • Marketing communications data: Until you unsubscribe or opt out

  • Transaction records: 6 years for tax and accounting purposes

  • Support and correspondence: 3 years from last interaction


5.4 We may retain data beyond these periods where required by law or to protect legal rights.

5.5 When you cancel your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

6. Security of Personal Data

6.1 We implement appropriate technical and organizational measures to secure personal data and prevent loss, misuse, or alteration.

6.2 Our security measures include:

  • Encryption of data in transit and at rest

  • Secure servers with firewall protection

  • Regular security assessments and penetration testing

  • Access controls and authentication requirements

  • Regular backup procedures with encrypted storage

  • Employee training on data protection

  • Incident response procedures


6.3 All passwords are encrypted, and we never store plain-text passwords. You are responsible for keeping your password confidential.

6.4 We use TLS/SSL encryption (HTTPS) for all data transmission between your browser and our platform.

Security Best Practices:

  • Use strong, unique passwords

  • Enable two-factor authentication when available

  • Never share your login credentials

  • Log out when using shared devices

  • Report any suspected security breaches immediately

6.1 We implement appropriate technical and organizational measures to secure personal data and prevent loss, misuse, or alteration.

6.2 Our security measures include:

  • Encryption of data in transit and at rest

  • Secure servers with firewall protection

  • Regular security assessments and penetration testing

  • Access controls and authentication requirements

  • Regular backup procedures with encrypted storage

  • Employee training on data protection

  • Incident response procedures


6.3 All passwords are encrypted, and we never store plain-text passwords. You are responsible for keeping your password confidential.

6.4 We use TLS/SSL encryption (HTTPS) for all data transmission between your browser and our platform.

Security Best Practices:

  • Use strong, unique passwords

  • Enable two-factor authentication when available

  • Never share your login credentials

  • Log out when using shared devices

  • Report any suspected security breaches immediately

7. Your Rights Under UK GDPR

7.1 Under data protection law, you have the following rights:

Right to Access

You have the right to confirmation of whether we process your personal data and access to that data, together with information about the processing. We will provide the first copy free of charge; additional copies may incur a reasonable fee.

Right to Rectification

You have the right to have inaccurate personal data corrected and incomplete data completed.

Right to Erasure ("Right to be Forgotten")

In certain circumstances, you have the right to erasure of your personal data, including when:

  • The data is no longer necessary for the purposes collected

  • You withdraw consent (where consent was the legal basis)

  • You object to processing based on legitimate interests

  • The data has been unlawfully processed

Right to Restrict Processing

You have the right to restrict processing in certain circumstances, such as when you contest data accuracy or object to processing.

Right to Data Portability

Where processing is based on consent or contract performance and carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.

Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we can demonstrate compelling legitimate grounds.

Right to Withdraw Consent

Where processing is based on consent, you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

Right to Lodge a Complaint

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe our processing infringes data protection laws.

7.2 To exercise any of these rights, please contact us using the details in Section 14.

7.3 We will respond to requests within one month, which may be extended by two additional months for complex requests.

7.1 Under data protection law, you have the following rights:

Right to Access

You have the right to confirmation of whether we process your personal data and access to that data, together with information about the processing. We will provide the first copy free of charge; additional copies may incur a reasonable fee.

Right to Rectification

You have the right to have inaccurate personal data corrected and incomplete data completed.

Right to Erasure ("Right to be Forgotten")

In certain circumstances, you have the right to erasure of your personal data, including when:

  • The data is no longer necessary for the purposes collected

  • You withdraw consent (where consent was the legal basis)

  • You object to processing based on legitimate interests

  • The data has been unlawfully processed

Right to Restrict Processing

You have the right to restrict processing in certain circumstances, such as when you contest data accuracy or object to processing.

Right to Data Portability

Where processing is based on consent or contract performance and carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.

Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we can demonstrate compelling legitimate grounds.

Right to Withdraw Consent

Where processing is based on consent, you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

Right to Lodge a Complaint

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe our processing infringes data protection laws.

7.2 To exercise any of these rights, please contact us using the details in Section 14.

7.3 We will respond to requests within one month, which may be extended by two additional months for complex requests.

8. Data Controller and Data Processor

8.1 For data you input into the Buyience platform (such as your customer data, quote information, and business records), you are the "data controller" and Buyience is the "data processor."

8.2 As a data processor, we:

  • Process data only on your instructions

  • Implement appropriate security measures

  • Assist with data subject rights requests

  • Delete or return data upon termination as instructed

  • Notify you of any data breaches

8.3 You warrant that you have the legal right to disclose all personal data you input into our platform and that you comply with data protection laws in your use of our services.

8.1 For data you input into the Buyience platform (such as your customer data, quote information, and business records), you are the "data controller" and Buyience is the "data processor."

8.2 As a data processor, we:

  • Process data only on your instructions

  • Implement appropriate security measures

  • Assist with data subject rights requests

  • Delete or return data upon termination as instructed

  • Notify you of any data breaches

8.3 You warrant that you have the legal right to disclose all personal data you input into our platform and that you comply with data protection laws in your use of our services.

9. Cookies and Tracking Technologies

9.1 What Are Cookies?

A cookie is a small file containing an identifier that is sent by a web server to a web browser and stored by the browser. The identifier is sent back to the server each time the browser requests a page.

9.2 Types of Cookies

We use both session cookies (deleted when you close your browser) and persistent cookies (remain until deleted or expired).

9.3 How We Use Cookies

We use cookies for:

  • Essential cookies: Required for platform operation, authentication, and security

  • Functional cookies: Remember your preferences and settings

  • Analytics cookies: Understand how users interact with our platform (Google Analytics)

  • Marketing cookies: Track campaign effectiveness (only with consent)


9.4 Third-Party Cookies

Our service providers may also set cookies:

  • Google Analytics: Analyzes website usage - Privacy Policy

  • Other analytics and monitoring tools as necessary for service operation


9.5 Managing Cookies

Most browsers allow you to refuse or delete cookies. Methods vary by browser:


Note: Blocking essential cookies will prevent platform functionality. Blocking other cookies may limit your experience.

9.1 What Are Cookies?

A cookie is a small file containing an identifier that is sent by a web server to a web browser and stored by the browser. The identifier is sent back to the server each time the browser requests a page.

9.2 Types of Cookies

We use both session cookies (deleted when you close your browser) and persistent cookies (remain until deleted or expired).

9.3 How We Use Cookies

We use cookies for:

  • Essential cookies: Required for platform operation, authentication, and security

  • Functional cookies: Remember your preferences and settings

  • Analytics cookies: Understand how users interact with our platform (Google Analytics)

  • Marketing cookies: Track campaign effectiveness (only with consent)


9.4 Third-Party Cookies

Our service providers may also set cookies:

  • Google Analytics: Analyzes website usage - Privacy Policy

  • Other analytics and monitoring tools as necessary for service operation


9.5 Managing Cookies

Most browsers allow you to refuse or delete cookies. Methods vary by browser:


Note: Blocking essential cookies will prevent platform functionality. Blocking other cookies may limit your experience.

10. Children's Privacy

10.1 Our services are designed for business users and are not intended for persons under 18 years of age.

10.2 We do not knowingly collect data from children. If we become aware we have collected data from someone under 18, we will delete it promptly.

10.1 Our services are designed for business users and are not intended for persons under 18 years of age.

10.2 We do not knowingly collect data from children. If we become aware we have collected data from someone under 18, we will delete it promptly.

11. Third-Party Websites and Integrations

11.1 Our platform may contain links to third-party websites or integrate with third-party services.

11.2 We have no control over and are not responsible for the privacy policies and practices of third parties.

11.3 When you integrate third-party services (such as accounting software or payment gateways) with our platform, those services' privacy policies will also apply to data shared with them.

11.1 Our platform may contain links to third-party websites or integrate with third-party services.

11.2 We have no control over and are not responsible for the privacy policies and practices of third parties.

11.3 When you integrate third-party services (such as accounting software or payment gateways) with our platform, those services' privacy policies will also apply to data shared with them.

12. Data Breach Notification

12.1 In the event of a personal data breach, we will:

  • Notify the ICO within 72 hours where required by law

  • Notify affected individuals where the breach poses a high risk to their rights and freedoms

  • Document all breaches and our response measures


12.2 Our incident response procedures include immediate containment, investigation, remediation, and communication.

12.1 In the event of a personal data breach, we will:

  • Notify the ICO within 72 hours where required by law

  • Notify affected individuals where the breach poses a high risk to their rights and freedoms

  • Document all breaches and our response measures


12.2 Our incident response procedures include immediate containment, investigation, remediation, and communication.

13. Changes to This Privacy Policy

13.1 We may update this Privacy Policy from time to time by publishing a new version on our website.

13.2 You should check this page periodically to ensure you are satisfied with any changes.

13.3 We may notify you of significant changes by email or through the platform.

13.1 We may update this Privacy Policy from time to time by publishing a new version on our website.

13.2 You should check this page periodically to ensure you are satisfied with any changes.

13.3 We may notify you of significant changes by email or through the platform.

14. Contact Information

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how we handle your personal data, please contact us:

Data Protection Officer
Buyience Limited
[Address to be inserted]
Email: privacy@buyience.com
Telephone: [To be inserted]

Supervisory Authority:
You have the right to lodge a complaint with the Information Commissioner's Office:
Website: https://ico.org.uk
Helpline: 0303 123 1113

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how we handle your personal data, please contact us:

Data Protection Officer
Buyience Limited
[Address to be inserted]
Email: privacy@buyience.com
Telephone: [To be inserted]

Supervisory Authority:
You have the right to lodge a complaint with the Information Commissioner's Office:
Website: https://ico.org.uk
Helpline: 0303 123 1113

15. Legal Basis Summary

We process personal data under the following legal bases:

  • Contract Performance: Processing necessary to provide services you have subscribed to

  • Legitimate Interests: Processing necessary for our legitimate business interests (e.g., platform improvement, security, customer service)

  • Consent: Where you have given explicit consent (e.g., marketing communications)

  • Legal Obligations: Processing required to comply with legal requirements

We process personal data under the following legal bases:

  • Contract Performance: Processing necessary to provide services you have subscribed to

  • Legitimate Interests: Processing necessary for our legitimate business interests (e.g., platform improvement, security, customer service)

  • Consent: Where you have given explicit consent (e.g., marketing communications)

  • Legal Obligations: Processing required to comply with legal requirements

Create a free website with Framer, the website builder loved by startups, designers and agencies.