Privacy Policy

Effective date: 26 April 2026

Exit Broker (“we”, “us”, “our”) is committed to protecting your privacy and handling personal information responsibly. This Privacy Policy explains how we collect, hold, use and disclose personal information, and how you can access or correct your information or make a complaint.

We aim to handle personal information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy applies to personal information collected through our website, enquiry forms, telephone calls, emails, meeting bookings, CRM systems, business sale enquiries, exit assessments, buyer pathway discussions and related communications.

Contents

1. What is personal information?

2. The personal information we collect

3. How we collect personal information

4. Why we collect, hold and use personal information

5. Exit assessments, saleability reviews and valuation-related enquiries

6. Disclosure of personal information

7. Brokerage-related disclosure and seller confidentiality

8. Overseas disclosure

9. Direct marketing and opting out

10. Cookies and tracking technologies

11. Data security and retention

12. Access and correction

13. Complaints

14. Notifiable data breaches

15. Changes to this Privacy Policy

16. Contact us

17. Helpful references

1) What is personal information?

“Personal information” means information or an opinion about an identified individual, or an individual who is reasonably identifiable.

Personal information may include your name, contact details, business-related information connected to you, enquiry details, communications with us, and information submitted through website forms or booking systems.

2) The personal information we collect

We may collect personal information such as:

• your name, email address, phone number and other contact details;

• business name, industry, location, size, revenue range, profit range or other business information you choose to provide;

• information about your business sale objectives, preferred timeframe, buyer pathway interest or exit planning needs;

• information you submit through website forms, call-back forms, exit assessment forms or meeting booking tools;

• records of our communications with you, including emails, calls, meeting notes and correspondence;

• website and device information, including IP address, browser type, pages viewed, referral source and approximate location collected through analytics tools;

• information from professional advisers, referral partners, service providers or publicly available sources, where relevant to your enquiry; and

• any other information you voluntarily provide to us.

We do not seek to collect sensitive information unless it is necessary for a lawful purpose and you have consented, or we are otherwise permitted or required by law to collect it.

3) How we collect personal information

We may collect personal information:

• directly from you when you submit a form, request an exit assessment, book a meeting, call us, email us or otherwise contact us;

• through website forms, enquiry forms, landing pages, call-back requests and appointment booking systems;

• through our CRM, email systems, analytics tools, call tracking tools or website security tools;

• from referral partners, professional advisers or other representatives authorised by you;

• from publicly available sources, where relevant to a business sale, buyer pathway or advisory enquiry; and

• automatically through cookies and similar technologies when you use our website.

4) Why we collect, hold and use personal information

We collect, hold and use personal information to:

• respond to enquiries and provide requested services;

• conduct confidential exit assessments, saleability reviews, buyer pathway discussions and advisory support;

• understand your business objectives, preferred timeframe and potential next steps;

• manage communications, appointments, CRM records and client service delivery;

• assess whether your business may suit a confidential buyer pathway, broker-led sale process or further preparation;

• provide information about our services where relevant to your enquiry;

• manage referrals, professional introductions and supplier relationships;

• improve our website, services, marketing, reporting and customer experience;

• maintain website security and prevent misuse, fraud or unauthorised access;

• conduct analytics, reporting and internal administration; and

• comply with legal, regulatory, insurance and professional obligations.

5) Exit assessments, saleability reviews and valuation-related enquiries

Where you request an exit assessment, saleability review, buyer pathway discussion or similar service, we may use the information you provide to consider your business profile, indicative value drivers, readiness for sale, potential buyer pathway and possible next steps.

Unless expressly agreed in writing, any initial exit assessment, saleability review or buyer pathway discussion is general and preliminary in nature. It is not a formal valuation report, financial advice, legal advice or taxation advice.

Formal valuation reports, detailed appraisals, written advisory reports or transaction mandates may require a separate scope, further information, financial review, supporting documentation and professional engagement terms.

6) Disclosure of personal information

We do not sell or rent personal information.

We may disclose personal information to:

• service providers who help us operate our business, website, CRM, forms, analytics, email systems, appointment bookings, IT support and communications;

• professional advisers, including accountants, lawyers, consultants or compliance advisers, where reasonably necessary;

• referral partners or representatives where you have authorised or reasonably expected the disclosure;

• regulators, courts, law enforcement agencies or government authorities where required or authorised by law;

• purchasers or successors of our business or assets, where relevant to a business restructure, merger, sale or transfer; and

• other parties with your consent or where otherwise permitted by law.

7) Brokerage-related disclosure and seller confidentiality

If you engage with us in relation to a business sale, exit assessment, buyer pathway, saleability review or related advisory process, we may use the information you provide to assess your enquiry, discuss possible next steps and provide the services you request.

We do not contact buyers, competitors, staff, customers, suppliers, landlords, professional advisers or other third parties about your business without your authority, except where required or authorised by law.

Where appropriate, and only with suitable authority or instruction, this may include staged disclosure of business information to qualified parties after confidentiality arrangements have been considered or agreed.

Sensitive business information may be handled through controlled disclosure processes, confidentiality agreements, buyer qualification steps, staged information release and other reasonable safeguards depending on the circumstances.

8) Overseas disclosure

Some of our service providers may store or process information outside Australia, including providers of website hosting, CRM systems, email systems, analytics tools, appointment booking systems, cloud storage, security tools and IT support.

Where personal information is disclosed or processed overseas, we take reasonable steps to ensure that information is handled consistently with applicable privacy obligations.

9) Direct marketing and opting out

We may use your contact details to follow up on your enquiry, provide information about our services, or share relevant business sale, exit planning, buyer pathway or saleability information.

You can opt out of marketing communications at any time by using the unsubscribe option where provided or by contacting us directly. We will process opt-out requests within a reasonable period.

Even if you opt out of marketing communications, we may still contact you about an existing enquiry, service request, appointment, transaction process, compliance matter or administrative issue.

10) Cookies and tracking technologies

We use cookies and similar technologies to operate our website, understand how visitors use the site, improve performance, support security and measure the effectiveness of our marketing.

Cookies and similar technologies may be used to:

• enable website functionality;

• remember preferences;

• analyse traffic and website performance;

• understand how visitors interact with our pages;

• measure enquiry form performance and marketing effectiveness; and

• support website security and spam prevention.

You can control cookies through your browser settings. Disabling cookies may affect website functionality.

11) Data security and retention

We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure. These steps may include access controls, secure systems, CRM permissions, website security tools, secure hosting, staff procedures and data handling controls.

No method of transmission over the internet or electronic storage is completely secure. While we take reasonable steps to protect information, we cannot guarantee absolute security.

We retain personal information only for as long as needed for the purposes described in this Privacy Policy, including to respond to enquiries, provide services, maintain records, comply with legal obligations, resolve disputes, enforce agreements and manage our business.

Where we no longer require personal information, we will take reasonable steps to destroy or de-identify it, subject to legal, regulatory, insurance, accounting and legitimate business record-keeping requirements.

12) Access and correction

You may request access to personal information we hold about you or ask us to correct information you believe is inaccurate, out of date, incomplete, irrelevant or misleading.

To make a request, contact us using the details below. We may need to verify your identity before responding.

In some circumstances, we may refuse access or correction where permitted by law. If we refuse a request, we will provide reasons where it is reasonable and lawful to do so.

13) Complaints

If you believe we have mishandled your personal information or breached this Privacy Policy, you can contact us using the details below. Please provide details of your complaint and any supporting information.

We will:

• acknowledge your complaint within a reasonable timeframe;

• investigate and respond in writing where appropriate; and

• take reasonable steps to address any issue where required.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC).

14) Notifiable data breaches

Where required under the Notifiable Data Breaches scheme, we will take reasonable steps to assess suspected eligible data breaches and notify affected individuals and the OAIC where required by law.

A data breach may occur where personal information is lost, accessed without authorisation or disclosed without authorisation. An eligible data breach generally involves a data breach that is likely to result in serious harm to an individual and where remedial action has not prevented that risk.

15) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The effective date will be revised, and the latest version will be published on our website.

We recommend reviewing this Privacy Policy periodically so you remain aware of how we handle personal information.

16) Contact us

If you have questions about this Privacy Policy, wish to access or correct personal information, opt out of marketing communications, or make a privacy complaint, please contact us:

Exit Broker
Email: contact@exitbroker.com.au
Phone: 02 5662 0007

Helpful references

• OAIC — The Privacy Act

• OAIC — Australian Privacy Principles

• OAIC — Australian Privacy Principles quick reference

• OAIC — Guide to developing an APP privacy policy

• OAIC — Notifiable Data Breaches