Tor encrypts traffic between you and Exit Relay.
After Exit Relay the traffic travels as-is, without any additional security.
So every Exit Relay can (and many of them actually do) view and even modify everything that comes between you and target server. Everything.
Fortunately we have simply answer for that: Always use SSL!
As far as you access your site via https:// not http://
, Exit Node have no access to your data. The only way to decrypt transit SSL traffic is to replace end-point SSL Certificate with the one generated by hacker, but this will cause your browser to throw a warning message about "potentially dangerous connection".