Privacy Policy

1. Information We Collect

We collect the following categories of information when you use EximNext:

Registration Information: Name, email address, phone number, company name, country, and business type when you create an account.

Verification Documents: Business registration documents, identity documents, and certifications submitted for KYC verification. These are stored securely and used only for verification purposes.

Transaction Data: Details of requirements posted, inquiries sent and received, quotes exchanged, and transactions completed through the Platform.

Usage Data: Pages visited, search queries, products viewed, click behaviour, session duration, IP address, device type, and browser information.

Communications: Messages sent through the EximNext messaging system between buyers and suppliers.

2. How We Use Your Information

We use your information to:

•Operate and improve the Platform and its features•Verify your identity and business registration•Calculate your Trust Score and assign membership tiers•Match buyers and suppliers based on requirements and product categories•Send transactional emails (inquiry notifications, quote alerts, Trust Score reports)•Send marketing communications if you have opted in (you may opt out at any time)•Detect and prevent fraud, abuse, and policy violations•Comply with legal obligations and respond to lawful requests from authorities•Provide customer support

3. Information Sharing

We do not sell your personal data to third parties.

We share your information in the following circumstances:

With other users: Your public profile information (company name, country, verified status, Trust Score, product listings) is visible to other registered users. Contact details are only shared after you initiate or respond to an inquiry.

With service providers: We work with third-party service providers for payment processing, identity verification, email delivery, cloud hosting, and analytics. These providers process data only on our instructions.

For legal compliance: We may disclose information to law enforcement or regulatory authorities in response to lawful requests, court orders, or to protect the rights and safety of our users and the public.

In business transfers: If EximNext is acquired or merges with another company, user data may be transferred as part of that transaction.

4. Data Security

We implement industry-standard security measures to protect your data including:

•SSL/TLS encryption for all data in transit•AES-256 encryption for sensitive data at rest•Two-factor authentication for account access•Regular security audits and penetration testing•Access controls limiting employee access to personal data on a need-to-know basis

Verification documents (KYC, business registration) are stored in an isolated, access-controlled environment separate from general platform data.

Despite these measures, no system is completely secure. We encourage users to use strong passwords and enable two-factor authentication.

5. Data Retention

We retain your account data for as long as your account is active and for a period of 5 years after account closure to comply with legal and financial record-keeping obligations.

Verification documents are retained for 7 years in accordance with anti-money laundering regulations.

If you request account deletion, we will delete or anonymise your personal data within 30 days, except where retention is required by law.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

•Access: Request a copy of the personal data we hold about you•Correction: Request correction of inaccurate or incomplete data•Deletion: Request deletion of your personal data (subject to legal retention requirements)•Portability: Request your data in a machine-readable format•Objection: Object to certain types of processing including direct marketing•Restriction: Request restriction of processing in certain circumstances

To exercise any of these rights, contact [email protected]. We will respond within 30 days.

7. Cookies

We use cookies and similar technologies to operate the Platform, remember your preferences, analyse usage patterns, and deliver relevant advertising.

Essential cookies: Required for the Platform to function. Cannot be disabled.Analytics cookies: Help us understand how users interact with the Platform (e.g. Google Analytics).Preference cookies: Remember your settings and preferences.Marketing cookies: Used to show relevant advertisements on third-party platforms.

You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect Platform functionality.

8. International Transfers

EximNext operates globally and your data may be transferred to and processed in countries other than your country of residence. We ensure that all international transfers are made in compliance with applicable data protection laws, using Standard Contractual Clauses or other approved transfer mechanisms where required.

9. Contact

For privacy-related queries or to exercise your data rights:

Data Protection Contact: [email protected]EximNext Mumbai, Maharashtra, India