DirectList
Sign in

Privacy policy

Last updated 13 June 2026

Our privacy promise

Your name, email and phone number are never shown publicly. They're disclosed to another person only after a qualifying interaction — for example when you accept an offer or a legal vendor is assigned to your deal. Every time someone gains access to your personal details, we record an immutable audit log of who accessed what and when.

1. Data we collect

Account details (name, email, phone), verification data (proof-of-funds or mortgage-in-principle documents), listing content you create, offers and messages you send, and technical data such as device and usage information needed to run the service.

2. How we use it

To operate the marketplace: showing listings, enabling member-gated offers and messaging, verifying identity and funds, preventing fraud and abuse, processing memberships, and referring accepted deals to a legal vendor. We use the lawful bases of contract, legitimate interests and, where required, consent.

3. When contact details are shared

We do not publish contact details on listings or profiles. They become visible to a counterparty only on a qualifying interaction (such as an accepted offer or an assigned vendor), and only to the people who need them for that transaction. Verification documents are never published — they only produce a badge.

4. Access logging

Access to personal data by buyers, sellers, vendors and staff is logged in an append-only audit trail. This lets us detect misuse and, on request, tell you who has accessed your information.

5. Sharing with third parties

We share data only with service providers needed to run DirectList (such as payment, email, SMS and object-storage providers) and with the legal vendor assigned to your deal. We don't sell your personal data.

6. Your rights

You can access, correct, export or request deletion of your personal data, and object to certain processing. Contact us to exercise these rights. We retain data only as long as needed for the service and our legal obligations.

7. Security

Documents are stored via signed, time-limited links and are not publicly browsable. Sensitive actions are rate-limited and access-controlled. No system is perfectly secure, but we work to protect your data in transit and at rest.

For how verification and safety work in practice, see our trust & safety page, and our terms of service.