Retailer Privacy Notice
This notice explains what personal data Cyclesite holds on retailer accounts and the individuals associated with them (directors, employees, and contacts), why we hold it, how long we keep it, and who we share it with. It supplements the main Privacy Policy, which applies to every user of the platform.
1. Who This Notice Covers
This notice covers personal data processed about individuals acting on behalf of a business that uses Cyclesite as a retailer. That includes the primary contact who opens the account, additional users given access to the dashboard, and named directors or officers we verify during onboarding.
Personal data on private buyers and private sellers is handled under the main Privacy Policy.
2. Data Controller
TPSTORES LIMITED (trading as Cyclesite) is the data controller for this notice.
Registered office: 128 City Road, London, EC1V 2NX, United Kingdom.
Company Registration: 13238473.
Data protection queries: support@cyclesite.co.uk.
3. What We Hold
On a retailer account we hold:
- Business identity. Trading name, legal entity name, Companies House number (where applicable), trading address, website.
- Contact details. Names, work email addresses and phone numbers of the primary contact and any additional users.
- Identity verification. Evidence used to confirm the business is a genuine retailer, which may include a director’s name, date of birth, and a copy of a proof of address, supplied through Stripe Identity.
- Payout details. Bank account and payout information held by Stripe Payments UK Ltd through Stripe Connect. Cyclesite does not store full bank details; we receive a Stripe account reference only.
- Account activity. Login timestamps, IP addresses, actions taken in the dashboard, and audit logs of listing changes.
- Commercial performance. Listings published, views, enquiries, offers, and sales attributed to the account.
- Subscription data. Package tier, billing history, and Stripe subscription identifiers.
- Integration data. If the retailer enables a feed or API integration, the associated feed URL, API key metadata, and synchronisation logs.
- Correspondence. Messages exchanged with Cyclesite support, including any complaints.
4. Why We Hold It (Lawful Bases)
- Contract. Operating the retailer account, billing the Package, publishing listings, and paying out sale proceeds.
- Legal obligation. Anti-money-laundering, fraud prevention, tax, and record-keeping obligations, and requirements under the UK Online Safety Act 2023 and the Digital Markets, Competition and Consumers Act 2024.
- Legitimate interests. Fraud detection, platform safety, service improvement, internal analytics, and the security of the retailer dashboard. Where we rely on legitimate interests, we have assessed that our interests do not override the rights of the individuals concerned.
5. Who We Share It With
- Stripe Payments UK Ltd. For payment processing, payout, identity verification and billing.
- Companies House and credit-reference sources. For verification of business identity and directorships.
- Our hosting and infrastructure providers. Railway, Cloudflare, and sub-processors listed in our Data Processing Agreement.
- Email and messaging providers. For transactional email and in-platform messaging.
- Law enforcement and regulators. Where we receive a lawful request and must respond.
- Professional advisers. Auditors and lawyers under professional confidentiality.
We do not sell retailer personal data. We do not use it for third-party advertising.
6. International Transfers
Some of our sub-processors are based outside the UK. Where data is transferred outside the UK, we rely on the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or an adequacy decision, as appropriate. Details are in the Data Processing Agreement.
7. Retention
- Active account data is held for as long as the account is active.
- After closure, identity verification records are held for 5 years in line with AML retention requirements.
- Billing and tax records are held for 6 years in line with HMRC requirements.
- Listing activity and audit logs are held for up to 2 years after closure for fraud investigation and dispute resolution.
- Marketing and analytics data are held only for as long as needed for the stated purpose, or until the individual objects.
8. Your Rights
Individuals whose personal data is held on a retailer account have the rights set out in UK GDPR: access, rectification, erasure, restriction, objection, portability, and the right to withdraw consent where we rely on it. To exercise any of these rights, use the GDPR Request route, or email support@cyclesite.co.uk. We respond within one calendar month, extendable to three months for complex requests.
You also have the right to complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk. We would rather hear from you first.
9. Changes to this Notice
We may update this notice. Material changes will be reflected in the “Last updated” date at the bottom of this page and, where appropriate, notified by email to the primary contact on the account.
10. Contact
TPSTORES LIMITED (trading as Cyclesite)
Email: support@cyclesite.co.uk