Privacy Policy

Expertly is a curated professional network for verified finance and legal professionals. We collect personal data to operate and improve our Platform, verify member credentials, facilitate professional connections, and comply with our legal obligations. We are committed to handling your data transparently, lawfully, and securely.

Expertly Global Ltd is the data controller responsible for your personal data. Our registered contact for data protection matters is:

We collect the following categories of personal data:

3.1 Information you provide directly

• Identity data: full name, profile photo, professional title, firm name.
• Contact data: email address, phone number, LinkedIn profile URL, website.
• Professional data: years of experience, qualifications, credentials, work history, education, services offered, areas of expertise, membership tier.
• Application data: information submitted as part of your membership application, including identity documents provided for verification.
• Content data: articles, profile bio, key engagements, testimonials, and other content you publish on the Platform.
• Communications: messages you send to us or through the Platform, support requests, and consultation requests.

3.2 Information collected automatically

• Usage data: pages visited, features used, search queries, clicks, and session duration.
• Device data: IP address, browser type and version, operating system, device identifiers.
• Log data: server logs, error reports, and performance data.
• Cookies and similar technologies: see Section 11 (Cookies) for full details.

3.3 Information from third parties

• LinkedIn: if you connect your LinkedIn account, we may receive publicly available professional profile data.
• Identity verification providers: verification status and flags from our authorised verification partners.
• Referrals: limited information from members who refer you to the Platform.

We use your personal data for the following purposes:

• Platform operation: to create and manage your account, process your membership application, display your public profile, and deliver our services.
• Verification: to verify your professional identity, qualifications, and credentials.
• Communications: to send service notifications, membership updates, event invitations, the weekly digest, and responses to your enquiries.
• Personalisation: to surface relevant members, articles, and events based on your expertise and activity.
• Platform improvement: to analyse usage patterns, fix bugs, and develop new features.
• Safety and compliance: to detect fraud, enforce our Terms of Service, and comply with legal obligations.
• Marketing: to send you information about Expertly features or services where you have given consent or where we have a legitimate interest (you may opt out at any time).

We process your personal data on the following legal bases under UK/EU GDPR:

• Contract performance: processing necessary to fulfil our agreement with you, including operating your account and membership.
• Legitimate interests: improving our Platform, preventing fraud, and ensuring network security — balanced against your privacy rights.
• Consent: where you have given clear consent (e.g., marketing emails, LinkedIn data import). You may withdraw consent at any time without affecting the lawfulness of prior processing.
• Legal obligation: where processing is required by applicable law or regulation.

We do not sell your personal data. We share it only in the following circumstances:

• Other users: your public profile information (name, designation, expertise, location, and published content) is visible to authenticated Platform members.
• Service providers: we share data with trusted third-party processors who help us operate the Platform (e.g., cloud hosting, email delivery, identity verification). These providers are contractually bound to process data only on our instructions.
• Professional verification: limited data is shared with accreditation and verification bodies as part of the credentialing process.
• Legal requirements: we may disclose data to law enforcement, regulators, or courts where required by law or to protect the rights, property, or safety of Expertly, our members, or the public.
• Business transfers: in the event of a merger, acquisition, or sale of all or part of our business, your data may be transferred to the successor entity, subject to the same privacy protections.

Your data may be processed in countries outside the UK and European Economic Area (EEA) where our service providers operate. Where we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the relevant supervisory authority, or we rely on adequacy decisions. You may request details of these safeguards by contacting us.

We retain your personal data for as long as necessary to fulfil the purposes described in this Policy, unless a longer retention period is required or permitted by law. Specifically:

• Account data: retained for the duration of your membership and for up to 7 years after account closure for legal and audit purposes.
• Application data: retained for up to 7 years from the date of your application, regardless of outcome.
• Content data (articles, profile): retained until you delete the content or close your account, subject to legal holds.
• Usage and log data: typically retained for 12 months.

When data is no longer required, we securely delete or anonymise it.

Depending on your location, you may have the following rights regarding your personal data:

• Access: request a copy of the personal data we hold about you.
• Rectification: request correction of inaccurate or incomplete data.
• Erasure: request deletion of your data (the “right to be forgotten”), subject to legal retention obligations.
• Restriction: request that we limit processing of your data in certain circumstances.
• Portability: receive your data in a structured, machine-readable format.
• Objection: object to processing based on legitimate interests or for direct marketing purposes.
• Withdraw consent: where processing is based on consent, withdraw it at any time.

To exercise any of these rights, contact us at privacy@expertly.global. We will respond within 30 days. You also have the right to lodge a complaint with your local supervisory authority (e.g., the UK Information Commissioner's Office at ico.org.uk).

We use cookies and similar technologies to operate and improve the Platform. Cookies are small text files stored on your device. We use:

• Essential cookies: required for the Platform to function (e.g., session authentication). These cannot be disabled.
• Analytics cookies: help us understand how users interact with the Platform (e.g., page views, session duration). We use anonymised analytics where possible.
• Preference cookies: remember your settings and preferences.

You can control non-essential cookies via your browser settings. Disabling certain cookies may affect the functionality of the Platform.

We implement industry-standard technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These include:

• Encryption of data in transit (TLS) and at rest (AES-256).
• Role-based access controls limiting staff access to personal data.
• Regular security assessments and penetration testing.
• Secure credential management with no plaintext password storage.

While we take reasonable steps to protect your data, no internet transmission is 100% secure. We cannot guarantee absolute security and encourage you to use a strong, unique password and to notify us immediately if you suspect any unauthorised access.

The Platform is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a person under 18 without parental consent, we will delete that data promptly. If you believe we have collected such data, please contact us at privacy@expertly.global.

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page and notify you of material changes via email or a prominent notice on the Platform. We encourage you to review this Policy periodically. Your continued use of the Platform after changes are posted constitutes acceptance of the updated Policy.

For any questions, concerns, or requests relating to this Privacy Policy or our data practices, please contact: