Privacy policy

Thank you for visiting our website. This privacy policy also applies to our other services and online presences, such as our social media presences. Below, we inform you in detail about the type, scope and purpose of the personal data we collect, use and process and inform you about your rights as a data subject.

We reserve the right to change the privacy policy at any time with effect for the future. When you visit our website again, the updated and published privacy policy will apply. The current version of the privacy policy can be accessed, saved and printed out on our website at any time.

With regard to the terms used (e.g. personal data, person responsible), we refer to the definitions of the General Data Protection Regulation (GDPR).

I. Name and address of the controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States as well as other data protection provisions is:

BidX GmbH
Gräfenhäuser Straße 85B
64293 Darmstadt
E-Mail: privacy@bidx.io
Phone: +49 6151 1524060

II. Name and address of the data protection officer

The data protection officer of the controller is:

IITR Datenschutz GmbH

Dr. Sebastian Kraska
Marienplatz 2
80331 München
E-Mail: email@iitr.de
Phone: +49 89 18917360

III. General information on data processing

Scope of processing

As a matter of principle, we collect and use personal data only insofar as this is necessary for the provision of a functional website and our content and services, you have given your consent or the processing of the data is permitted by a statutory regulation.

The basis for the processing of personal data

Insofar as we obtain your consent for the processing of personal data, Art. 6 (1) sentence 1 lit. a GDPR serves as the basis for the processing of personal data.

When processing personal data that is necessary for the performance of a contract to which you are a party, Article 6 (1) sentence 1 lit. b GDPR serves as the basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.

Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1) sentence 1 lit. c GDPR serves as the basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and your interests, basic rights and fundamental freedoms do not outweigh the first-mentioned interest, Art. 6 (1) sentence 1 lit. f GDPR serves as the basis for the processing.

Legitimate interests in the processing

If the processing of your personal data is based on Art. 6 (1) sentence 1 lit. f GDPR, our legitimate interest, unless otherwise stated, is the performance of our business activities. In addition, we have indicated our purposes and interests in the context of the above list of processing in each case.

Data deletion and storage period

Your personal data will be erased or made unavailable as soon as the purpose of the storage no longer applies or you withdraw your consent. In addition, storage may take place if this has been provided for by the European or national legislator in union regulations, laws or other provisions to which the controller is subject. If the purpose of storage ceases to apply, if you withdraw your consent or if a storage period prescribed by the European Directive and Regulation Maker or another competent legislator expires, the personal data will be routinely made unavailable or deleted in accordance with the statutory provisions, unless there is a necessity for further storage of the data for the conclusion or performance of a contract.

Recipients of the collected data / data transmission

The recipients of the data collected via our website are primarily us as the responsible company. In addition, processors (web hoster, IT service provider, etc.) may have access to the data collected via our website. In this respect, however, compliance with the legal regulations is guaranteed by a data processing agreement that we conclude with our processors based in the EU. Data is only transferred to so-called third countries outside the EU if and insofar as this has been pointed out below.

Data transfer and processing to third countries

We only transfer data to a third country, i.e. a country outside the European Union (EU) and the European Economic Area (EEA), or have data processed via the use of third-party services in a third country, if this is a third country with a recognized level of data protection, we have concluded a so-called standard contractual clause or there are certifications or binding corporate rules.

Necessity of the disclosure of personal data

You can visit our website without personal data being collected. However, if you wish to make use of our services, the provision of personal data is mandatory contract execution

Existence of automated decision making

We do not carry out automatic decision-making or profiling within the meaning of Art. 22 GDPR.

Data security

We secure our website and other systems through comprehensive technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons. These measures are subject to constant review and improvement in order to ensure state-of-the-art technology.

IV. Data processing when using our website and making use of our services

Hosting via Amazon Web Services

We host our website on servers operated by Amazon Web Services Inc, 410 Terry Avenue North Seattle WA 981009, USA ("AWS").

Through AWS, we provide a technical infrastructure to offer our products and services to customers, prospects and business partners.

When you use our website, your (anonymized) IP and the duration of your visit to our website are transmitted to AWS.

AWS also automatically stores access data in so-called server log files each time you call up our website. This includes date and time of access, browser used and its version, IP address, referrer URL (URL you visited immediately before).

The temporary storage of the IP address by the system is necessary to enable delivery of the website to your terminal device. For this purpose, your IP address must remain stored for the duration of the session. We only use servers located in the EU, so your data is only hosted and processed within the EU.

The basis for the temporary storage of your data and the log files is our legitimate interest Art. 6 (1) sentence 1 lit. f GDPR.

The aforementioned data is evaluated exclusively to ensure the permanent and trouble-free operation of our website and the security of our information technology systems. For this purpose, the above-mentioned data is stored for a maximum of 7 days.

The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of our website. Therefore, there is no possibility to object.

Further information on data protection can be found in the privacy policy of AWS https://aws.amazon.com/de/compliance/data-privacy/.

Use of Cookies

In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called "cookies" on our website. These are small text files that are stored on your end device via a browser.

Many cookies contain a so-called cookie ID. It consists of a string of characters by which websites and servers can be assigned to a specific browser in which the respective cookie was stored.

We set the following cookies:

Name of the cookie	Function of the cookie	Data collected	Storage period	Technically necessary cookie
Hubspot:_hssc	Statistics	This cookie tracks sessions. It is used to determine if the Hubspot software needs to increase the session count and timestamps in the_hstc cookie. It contains the domain, the number of page views (viewCount), increases with each page view [pageView] in a session) and the session start timestamp	30 minutes	No
Hubspot:__hssrc	Statistics	Whenever the HubSpot software changes the session cookie, this cookie is also set. This determines whether the visitor has restarted the browser. If this cookieis not present when HubSpot manages cookies, it is considered a new session. It contains the value "1" if present.	End of the session	No
Hubspot: __hstc	Statistics	The main cookie for visitor tracking. It contains the domain, the user token (utk), the first timestamp (of the first visit), the last timestamp (of the last visit), the current timestamp (for this visit), and the session count (increases with each subsequent session).	13 months	No
Hubspot: Hubspotutk	Statistics	This cookie tracks the identity of a visitor. This cookie is passed to HubSpot software when a form is submitted and is used when de-duplicating contacts. It contains an opaque GUID to represent the current visitor.	13 months	No
Hubspot: __cf_bm		Defense against bot attacks.	30 minutes	Yes
Hubspot: messagesUtk		This cookie is used to recognize visitors who chat with you via the Chatflows tool. If visitors leave your website before they have been added as a contact, this cookie remains associated with their browser.		Yes
Facebook: _fbp	Statistics	Used by Facebook to create a series of Display advertising products, for example, real-time bids from third-party advertisers.	3 months	No
Google Analytics: _gat_gtag_UA_<id>	Statistics	Server request management from Google Analytics	1 hour	No
Google Analytics: _gat_UA-<id>	Statistics	Contains information about the user's marketing campaigns. These are shared with Google AdWords / Google Ads when the Google Ads and Google Analytics accounts are linked together.	1 minute	No
Google Analytics: _gat	Statistics	Server request management from Google Analytics	1 day	No
Google Analytics: _ga	Statistics	Registers a unique ID that is used to generate statistical data about how the visitor uses the website	2 years	No
Google Analytics: _gid	Statistics	Counting website visits	1 day	No
Google Analytics: _gcl_au	Marketing	ID for Google Adsense	3 months	No
HotJar _hjAbsoluteSessionInProgress	Statistics	This cookie is used to recognize the first page view session of a user.	30 minutes	No
HotJar _hjFirstSeen	Statistics	This is set to identify the first session of a new user. It stores a truth value indicating whether Hotjar has seen this user for the first time. It is used by record filters to identify new user sessions.	30 minutes	No
HotJar _hjid	Statistics	Identification of the user for Hotjar.	1 year	No
HotJar _hjIncludedInPageviewSample	Statistics	Request management from Hotjar.	30 minutes	No
cookieconsent_status		Saves whether cookies were accepted	1 year	Yes
laravel_session		Recognition of the user during login to our application.	2 hours	Yes
XSRF-TOKEN		Communication with other websites	2 hours	Yes

Technically necessary cookies are required to operate our website. In addition, there are also cookies that analyze user behavior so that we can constantly improve our website

The purpose of using technically necessary cookies is to enable you to use our website (e.g. your log-in data is stored). Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that your browser is recognized even after a page change. If technically necessary cookies are deactivated, the functionality of our website may be limited.

The basis for the processing of personal data using necessary cookies is Art. 6 (1) sentence 1 lit. f GDPR. The basis for the processing of personal data using cookies, which are not necessary for the operation of our website, is Art. 6 (1) sentence 1 lit. a GDPR in the presence of your consent in this regard.

When you access our website, you will be informed about the use of cookies. You can declare your consent to the processing of personal data used in this context within the framework of the so-called cookie banner. In this context, there is also a reference to this privacy policy. You can withdraw your consent at any time with effect for the future.

To analyze your surfing behavior (so-called tracking), the third-party services we integrate also use cookies (so-called third-party cookies). Please refer to the websites of the respective providers for information on the respective mode of operation and data processing. The third-party services used by us can be found in this privacy policy.

Cookies are stored on your terminal device and transmitted to our website. You therefore have control over the use of cookies. You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or exclude the acceptance of cookies for certain cases or in general or set it so that the setting of cookies is prevented and thus permanently object to the setting of cookies. In addition, you can delete cookies that have already been set at any time via your browser. A comprehensive objection to online marketing cookies can also be declared via http://www.youronlinechoices.com/, among other places. This also applies to all third-party cookies listed below.

Data collection and use during registration and use of our services/utilization of our services

You have the option to register on our website. When you create an account or register, you must provide certain mandatory information to access and manage your account ("mandatory information"). Mandatory information within the scope of registration is marked with an asterisk and are required for the conclusion of the user agreement. Which data is collected can be seen from the respective input form. In the context of registration these are: Your e-mail address. In addition, you must create a password. If you do not provide this data, you will not be able to create an account.

If you sign up for a paid subscription, we also need your name, (company) address, VAT ID and company name. If you want to use our services by linking your Amazon account to our service, we also collect your Amazon ID.

We use the information you provide to authenticate you when you log in and to follow up on password reset requests, to verify your eligibility to manage the account, to enforce the Website Terms of Use and all related rights and obligations, and to contact you to send you technical or legal notices, updates, security alerts, or other messages, such as those related to the management of the account.

We also use your information to bill you for our services. Accordingly, we use the data you provide only to process the contract and provide our services to you under the contract. We may also pass on your data to one or more processors (e.g. payment service providers), who will also use your data exclusively for internal use on our behalf.

The basis for the processing of your data is the performance of our contract with you according to Art. 6 (1) sentence 1 lit. b GDPR .

We also store your IP address and the date and time of registration to prevent misuse of our website and the services offered on it and to clarify any criminal offences that may have been committed. The storage of this data is therefore necessary for our own protection. The basis for this processing of personal data is Art. 6 (1) sentence 1 lit. f GDPR. In the aforementioned purposes also lies our legitimate interest in the data processing.

After complete processing of the contract or deletion of your account, your data will initially be made unavailable for further use and deleted after expiry of the statutory retention periods, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you below.

You have the option to object to the processing at any time and to delete your account. In such a case, the contractual relationship with you cannot be continued.

Order via Amazon

You also have the option to order our services via Amazon.co.uk, a service of Amazon Europe Core SARL, Société à, responsabilité limitée, 38 avenue John F. Kennedy, L-1855 Luxembourg ("Amazon").

In this case, we process your data as described in the section "Data collection and use when registering and using our services/using our services".

The Privacy Policy https://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=201909010 and the Terms of Use https://www.amazon.de/gp/help/customer/display.html/ref=hp_left_v4_sib?ie=UTF8&nodeId=GLSBYFE9MGKKQXXM of Amazon apply in addition.

Login via Google Single Sign-On

You can also sign up for our services via Google Single Sign-On. Google Single Sign-On is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). If you use Google Single Sign-On, there is no need for additional registration.

You can only use Google Single Sign-On if you have set up an user account at Google. During registration, you enter the existing login details for your Google user account or, if you are already logged in, confirm the sign up with a click.

By signing up, your profile on Google and our services will be linked. The link will result in authentication in the course of which we will automatically receive a user ID from Google that confirms that you are logged in to Google. We will also receive your email address and username and, depending on your Google settings, other information such as profile pictures.

The authentication information is required to register and identify you. The legal basis for the processing of your personal data is therefore the fulfillment of our contract with you Art. 6 para. 1 sentence 1 lit. b GDPR. In addition, we process your data based on our and your interest in a fast and secure registration process Art. 6 para. 1 sentence 1 lit. f GDPR.

You can delete the link between Google Single Sign-On and our service at any time in your Google account. In this case, you will need another sign-in method to continue using our services. You must set up the alternative sign-in method in your account before deleting the link to Google Single Sign-On, otherwise we will no longer be able to assign you to your account.

For more information about Google Single Sign-On, please refer to Google's privacy policy at https://policies.google.com/privacy.

In all other respects, the same provisions on withdrawal and deletion periods apply as for registration via our website, as explained above under “Data collection and use when registering and using our services/using our services”.

Use of Facebook Remarketing

We use a "Custom Audience" remarketing function on our website provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Facebook").

To implement the "Custom Audience" functions, we have implemented Facebook's remarketing pixel on our website. This pixel establishes a direct connection to the Facebook servers when you visit our website. This transmits to the Facebook server which sub-page of our website you have visited. Facebook assigns this information to your personal Facebook user account.

This feature allows us to target you with advertising by displaying personalized, interest-based Facebook ads when you visit the social network Facebook (accessible at www.facebook.com). The purpose of remarketing is to be able to show you targeted products in advertisements that are of interest to you.

We are jointly responsible with Facebook for collecting or receiving data that Facebook collects through the Pixel. We are also jointly responsible for submitting data to display content and advertising information that matches your presumed interests, to deliver commercial and transactional messages, and to improve ad delivery and personalization of features and content.

For this purpose, we have reached the following agreement with Facebook on joint cooperation as responsible parties: https://www.facebook.com/legal/controller_addendum.

Since Facebook has agreed to fulfill your data subject rights, you can contact Facebook directly for inquiries and information.

In all other instances, Facebook will only act as our processor.

The basis for the processing of personal data is Art. 6 (1) sentence 1 lit. a GDPR if you have given your consent.

You can give your consent via our cookie banner and withdraw it in the settings at any time with effect for the future.

For more information on the collection and use of data by Facebook, your rights in this regard and options for protecting your privacy, please refer to Facebook's privacy policy at https://www.facebook.com/about/privacy/. If you do not want Facebook to assign the collected information directly to your Facebook user account, you can deactivate the remarketing function "Custom Audience" here https://www.facebook.com/settings/?tab=fcebokads#_=_. To do this, you must be logged in to Facebook.

LinkedIn Insight-Tag

We use the conversion tracking technology and the retargeting function of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn") on our website.

The LinkedIn Insight Tag is integrated on our website, and a cookie is also set on your end device by LinkedIn. This informs LinkedIn that you have visited our website. In this process, your IP address, the time of the call of the respective subpage and so-called events, such as page views, are collected. This allows us to recognize via which LinkedIn display or interaction on LinkedIn you came to our website. With the help of this data, we can statistically evaluate the use of our website and continuously optimize our website and better play our advertising.

LinkedIn assigns the named data to your personal LinkedIn user account. If you are logged in to LinkedIn, you can deactivate the data collection at any time using the following link: https://www.linkedin.com/psettings/enhanced-advertising.

For more information on data protection, please refer to LinkedIn's privacy policy https://de.linkedin.com/legal/privacy-policy.

Google Tag Manager

We use the Google Tag Manager, of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"), a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Tag Manager aggregates most tracking pixels and scripts to help you, the user, load our website faster. The Google Tag Manager is a solution with which we can manage so-called website tags via an interface and thus integrate, for example, Google Analytics and other Google marketing services into our online offer. Which data is processed within the scope of the other Google services can be found in the information in this privacy policy. Google only learns your IP address, which is necessary to run the Google Tag Manager. However, no personal data of yours will be processed.

For more information on the Google Tag Manager, please refer to the Terms of Use of the Tag Manager https://www.google.com/intl/de/tagmanager/use-policy.html.

Google Analytics

We used Google Analytics on our website, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"), a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses methods that enable an analysis of your use of the website, in particular from which internet page you came to our website (so-called referrer), which sub-page you access or how often and for how long you view a sub-page. Google Analytics uses cookies for this purpose. Each time you call up a page of our website on which Google Analytics has been integrated, your browser on your end device is automatically caused to transmit data to Google Analytics for the purpose of analysis.

By activating IP anonymization on our website, the IP address is shortened before transmission within the Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The anonymized IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

Google will use this information on our behalf for the purpose of evaluating your use of our website and that of our other users, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage.

The basis for the processing of personal data in the presence of your consent in this regard is Art. 6 (1) sentence 1 lit. a GDPR.

You can give your consent via our cookie banner and revoke it in the settings at any time with effect for the future.

The terms of use and privacy policy of Google and Google Analytics can be found here https://policies.google.com/privacy and here http://www.google.com/analytics/terms/de.html.

Google Ads with Remarketing Pixel

We used Google Ads on our website, an online service that enables the placement of advertisements on third-party sites, which is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"), a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Ads is based on an algorithm that selects the advertisements displayed on our website to match our content. Google Ads allows an interest-based targeting of all visitors, which is done by creating individual user profiles. Google uses cookies for this purpose. By each individual call of a page of our website on which a component of Google Ads has been integrated, your browser on your end device is automatically caused to transmit data to Google Ads for the purpose of online advertising and the settlement of commissions. In this way, Google obtains knowledge of personal data that Google uses to determine the type of advertising to be played and to be able to track the clicks on this advertising. Among other things, Google can recognize that you have clicked on the advertising on this website.

Google also uses tracking pixels, a miniature graphic that is embedded in websites, to enable log file recording and log file analysis, whereby a statistical evaluation can be performed. Based on the embedded tracking pixel, Google can see if and when a website was opened and which links were clicked. We only learn the total number of users who clicked on our ad and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information with which users can be personally identified.

The basis for the processing of personal data is Art. 6 (1) sentence 1 lit. a GDPR if you have given your consent in this regard.

You can give your consent via our cookie banner and revoke it in the settings at any time with effect for the future.

For more information on data protection, please refer to the privacy policy of Google https://policies.google.com/privacy.

Indeed Conversion Tracking

We use Indeed conversion tracking on our website, a service provided by Indeed Ireland Operations Limited at 124 St. Stephen's Green, Dublin 2, Ireland ("Indeed").

For conversion tracking, a cookie is set on your terminal device when you click on a job ad placed by us at https://de.indeed.com/. The cookie is used to send information to Indeed when you complete your application. Via the cookie, information is transmitted to the conversion tracker when the application is completed, which counts the number of applications received. The information obtained using the conversion cookie is used to create conversion statistics for us. We learn the total number of users who clicked on our ad and completed an application. However, we do not receive any information that can be used to personally identify users.

The basis for the processing of personal data is Art. 6 (1) sentence 1 lit. a GDPR if you have given your consent in this regard.

You can give your consent via our cookie banner and revoke it in the settings at any time with effect for the future.

The cookies set lose their validity after 30 days and are not used for personal identification.

Further information on data protection can be found in the privacy policy of Indeed https://hrtechprivacy.com/de/brands/about-indeed#privacypolicy.

Hotjar

We used the analytics and user feedback collection service Hotjar, of Hotjar Ltd, Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta ("Hotjar") on our website.

With the help of Hotjar, we can better understand your user behavior and get your feedback through tools such as heatmaps, session recordings, and surveys. To do this, Hotjar collects your usage data (e.g. web pages visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses). Hotjar uses cookies for this purpose. Each time you call up a page of our website on which Hotjar has been integrated, your browser on your terminal device is automatically caused to transmit data to Hotjar for the purpose of analysis.

Hotjar will use this information on our behalf to evaluate the use of our website by you and our other users, for reach measurement (e.g. access statistics, recognition of returning visitors), for tracking (e.g. interest/behavior-based profiling, use of cookies), for visit action evaluation, profiling, click tracking, for A/B testing, to collect feedback e.g. via online form, to create heat maps and to create surveys and questionnaires. This data is stored by Hotjar in a pseudonymized user profile.

The basis for the processing of personal data is Art. 6 (1) sentence 1 lit. a GDPR if you have given your consent in this regard.

You can give your consent via our cookie banner and revoke it in the settings at any time with effect for the future.

Please note that the deactivation of Hotjar must be done separately for each browser or end device.

The data will be deleted by Hotjar after one year at the latest.

Further information on data protection can be found in the privacy policy of Hotjar https://www.hotjar.com/legal/policies/privacy/.

LeadRebel

We analyze the data of visitors to our website and pass on the data obtained in the course of this IP research to leadREBEL, a service of Pulserio AG, Schellenrainstrasse 13, 6210 Sursee, Switzerland ("leadREBEL").

In this context, we process your contact data for lead generation.

The basis for the processing of personal data is Art. 6 (1) sentence 1 lit. a GDPR if you have given your consent in this regard.

Otherwise, the data is processed on the basis of our legitimate interest Art. (1) sentence 1 lit. f GDPR. Our legitimate interest here is lead generation through analysis of the data obtained with the help of the IP search.

Via the following link, leadREBEL offers you an opt-out option: https://leadrebel.io/optout. In the event of an opt-out, your data will no longer be collected by leadREBEL.

For further information on data protection, please refer to leadREBEL's privacy policy https://leadrebel.io/de/privacy.

Expandi

We use the Expandi tool, which is operated by ProfitSoft B.V., Meerenakkerplein 51, Eindhoven, 5652BJ, the Netherlands ("Expandi.io"), to automate our lead generation via the LinkedIn.com platform.

Through Expandi.io, we can automate lead generation processes on LinkedIn.com. In this course, we process the data published by you on the LinkedIn platform as well as the data exchanged by you within the communication with us.

The basis for the processing of personal data is our legitimate interest Art. 6 (1) sentence 1 lit. GDPR. Our legitimate interest is the expansion of our business model and the generation of new business contacts.

For further information on data protection, please refer to Expandi.io's privacy policy https://expandi.io/privacy-notice/.

HubSpot

We use Hubspot on our websites, a service of Hubspot Inc, a software company from the USA with a European branch under HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland ("Hubspot").

We use HubSpot to contact users of our website and to determine which of our company's services are of interest to you. We therefore use HubSpot for analysis purposes as well as for marketing purposes.

The basis for the processing of personal data is Art. 6 (1) sentence 1 lit. a GDPR if you have given your consent.

You can give your consent via our cookie banner and withdraw it in the settings at any time with effect for the future.

For more information, please see Hubspot's privacy policy https://legal.hubspot.com/de/privacy-policy.

Aircall

We use the service of the provider Aircall SAS, 11 Rue Saint-Georges 75009 Paris, France, (“Aircall”) for an efficient and fast handling of service requests.

Aircall is a telephone system for processing customer requests. Through Aircall, we process your customer data stored with us, as well as the data of your call, such as call time and number at which you contact us, as well as the data you provide to us during your call. We use the personal data you provide exclusively for processing your specific request.

The basis for processing the data is Art. 6 (1) sentence 1 lit. f GDPR. If the purpose of contacting you is to conclude a contract, the additional basis for processing is Art. 6 (1) sentence 1 lit. b GDPR.

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. This is the case when the respective conversation with you has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified. If you are a customer of ours, we will store your data during the entire contractual relationship with you until the expiry of any claim periods.

If you contact us, you can object to the storage of your personal data at any time. In such a case, the conversation cannot be continued.

Further information can be found in the privacy policy of Aircall https://aircall.io/privacy/.

ClickUp

We use for internal organization and structuring the CRM management tool ClickUp, of Mango Technologies Inc, 363 Fifth Ave. Suite 300, San Diego, CA 92101 ("ClickUp").

As part of ClickUp, we process your contact and master data, as well as data relating to your orders and the contractual relationship with you, as well as data relating to communication with us.

The basis for the processing of your data is the fulfillment of our contract with you pursuant to Art. 6 (1) sentence 1 lit. b GDPR. Otherwise, the basis for the processing of the data is Art. 6 (1) sentence 1 lit. f GDPR. Our legitimate interest lies in the effective processing of our contract with you.

Further information on data protection can be found in the privacy policy of ClickUp https://clickup.com/privacy.

Social Media

In addition to this website, we also maintain presences in various social networks. If you visit such a presence, personal data may be transmitted to the provider of the social network. It is possible that in addition to the storage of the specific data entered by you in this social network, further information will also be processed by the provider of the social network. For example, your data will usually be processed for market research and advertising purposes, including to create corresponding usage profiles and to display personalized advertising to you. For this purpose, the provider of the social network usually stores cookies on your terminal device in which your usage behaviour and interests are saved. In addition, the provider of the social network may process the most important data of the computer system from which you visit it - for example, your IP address, the processor type and browser version used, including plugins.

If you are logged in with your personal user account of the respective network while visiting such a network, this network can assign the visit to your account. If you do not wish such an assignment, you must log out of your account and delete the cookies before visiting our social media presence.

The basis for the processing of personal data is Art. 6 (1) sentence 1 lit. f GDPR. If you have given your consent to the processing to the respective provider of the social network, the basis for the processing of your data is Art. 6 (1) sentence 1 lit. a GDPR

We maintain presences in the respective social networks to be able to communicate with you there and to inform you about our services. These purposes are also our legitimate interest in processing the personal data in accordance with Art. 6 (1) sentence 1 lit. f GDPR.

For further information on the purpose and scope of data collection as well as on the further processing and use of your data and the possibility of opting out, please refer to the data protection provisions of the respective network:

Facebook

Facebook is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. We have concluded a data sharing agreement with Facebook in accordance with Art. 26 GDPR. We are jointly responsible with Facebook for collecting the data of visitors to our Facebook page (so-called "fan page"). However, Facebook is the sole controller for processing data. Further information on joint data processing can be found in Facebook's terms and conditions under "Things you and others do and provide" in Facebook's privacy policy.

Opt-Out: https://www.facebook.com/settings?tab=ads

Instagram

Instagram is operated by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.

X is operated by X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

Opt-Out: https://twitter.com/personalization

Google / YouTube

Google and Youtube are operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"), a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Opt-Out: https://adssettings.google.com/authenticated

LinkedIn

LinkedIn is operated by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland.

Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Integration of Youtube

We embed videos from the social network youtube.com on our website, which is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"), a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

When you visit our website, a direct connection to the YouTube servers is established via your browser. Your browser is automatically prompted by the respective video embedded on our website to download a representation of the corresponding component from YouTube. As part of this technical process, YouTube receives information about which specific sub-page of our website you are visiting.

If you use the videos, the corresponding information - e.g. pressing the play button - is transmitted from your browser to YouTube, possibly linked to your user account and stored.

The basis for the use of your data is Art. 6 (1) sentence 1 lit. f GDPR.

Our legitimate interest in data processing pursuant to Art. 6 (1) sentence 1 lit. f GDPR lies in the optimization and economic operation of our website.

If you are logged in with your personal Google account while visiting our website, YouTube can associate your visit and the specific sub-pages of our website you visit with your account.

If you do not have a Google account, there is still a possibility that YouTube will store your IP address.

If you do not wish such processing, you must log out of your Google account and delete your cookies before visiting our website.

You can object to the use of your data by Google at any time by clicking on the following link: https://adssettings.google.com/authenticated

For further information on data protection, please refer to YouTube's privacy policy https://policies.google.com/privacy.

E-Mail

Due to legal regulations, we provide information on our website that enables a quick electronic contact to us as well as direct communication with us. This includes, in particular, our e-mail address. If you contact us by e-mail, the personal data you send us will be stored automatically.

The basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) sentence 1 lit. f GDPR. If the purpose of the contact is to conclude a contract, the additional the basis for the processing is Art. 6 (1) sentence 1 lit. b GDPR.

However, we use the personal data you provide exclusively for processing your specific enquiry. The data provided will always be treated confidentially.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent by e-mail, this is the case when the respective conversation with you has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified. If you are a customer of ours, we will store your data throughout the contractual relationship with you until the expiry of any claim periods.

If you contact us, you can object to the storage of your personal data at any time. In such a case, the conversation cannot be continued.

Payment service provider

We use the payment service providers PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg ("PayPal") and Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland ("Stripe") to process payments.

You transmit to the respective payment service provider via the input form your inventory data, such as first name, last name, address, date of birth, e-mail address, IP address, telephone number, cell phone number, as well as your bank data, insofar as they are necessary for payment processing, such as account numbers, credit card numbers, passwords, TANs, verification numbers, validity date and CVC code. In order to process the payment, data related to your respective order, such as prices and tax charges or information on previous ordering behavior, will also be transmitted to the respective payment service provider.

The transmission of the data is solely for the purpose of processing the payment. The basis for the transmission of data to the respective payment service provider is therefore Art. (1) sentence 1 lit. b GDPR, insofar as the payment serves to fulfill a contract. Furthermore, we use external payment service providers on the basis of our legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f. GDPR in order to offer you effective and secure payment options. If you already have a separate contractual relationship with the payment service provider, the payment service provider acts as the responsible party and not as our processor.

We do not receive access to the data entered, these are processed and stored exclusively by the payment service provider. We only receive information about whether the payment was successful or not. The payment service providers may transmit your data to credit agencies for identity and credit checks as well as for fraud prevention.

The terms and conditions of the respective payment service provider apply to payment transactions. For further information on data protection, please refer to the respective privacy policy of PayPal https://www.paypal.com/de/webapps/mpp/ua/privacy-full and Stripe https://stripe.com/de/privacy#translation.

Billing via FastBill

We use FastBill GmbH, Wildunger Str. 6, 60487 Frankfurt am Main ("FastBill"), to bill our services.

For the billing of our services, we collect your name and billing data such as address, amount and term as well as a transaction number. Based on this data, our services are billed via FastBill.

The basis is Art. 6 (1) sentence 1 lit. b. GDPR, insofar as the payment serves to fulfill a contract. Furthermore, we use external payment service providers on the basis of our legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f. GDPR in order to offer you effective and secure billing for our services.

Your data will be stored by us until the expiry of statutory retention periods and then deleted.

For more information on data protection, please refer to Fastbill's privacy policy https://www.fastbill.com/datenschutz.

Internal organization

For our internal organization and provision of our services, in particular for our communication and for the storage of files and documents, we use the following services

Google Drive, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"), a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, ("Google"),

Slack Messenger, a service of Slack Technologies Limited, One Park Place, Upper Hatch Street, Dublin 2, Ireland, ("Slack"),

Confluence, Jira and Trello, services of Atlassian, Level 6, 341 George Street, Sydney, NSW. 2000, Australia ("Atlassian").

In the course of using the aforementioned services, your personal data may be processed and stored on the servers of the aforementioned providers. This includes, in particular, your master data and contact data, data relating to internal processes, data relating to our contract with you, data relating to our communication with you and other internal processes.

The basis for the processing of your data is the fulfillment of our contract with you Art. 6 (1) sentence 1 lit. b GDPR. The basis is also our legitimate interest in the internal administration and provision of our services to you Art. 6 (1) sentence 1 lit. f GDPR.

The providers may also process your data and the collected metadata for their own security purposes, for service optimization or for marketing purposes.

You can find further information in the privacy policy

of Google www.google.com/policies/privacy/,

of Slack https://slack.com/intl/de-de/trust/privacy/privacy-policy and

from Atlassian https://www.atlassian.com/de/legal/privacy-policy.

Application process / Recruitment with Personio

You have the option of applying to us by mail, e-mail or via our online form.

We can only carry out the application process if you provide us with the necessary applicant data. The necessary applicant data is either marked or results from the respective job description. The necessary applicant data basically includes personal details, postal and contact addresses as well as the documents belonging to the application, such as cover letter, curriculum vitae and certificates. You may also voluntarily provide us with additional information.

By submitting your application to us, you consent to the processing of your data for the purposes of the application process.

The basis for the processing of personal data is the fulfillment of our (pre)contractual obligations in the context of the application process within the meaning of Art. 6 (1) sentence 1 lit. b. GDPR. Furthermore, the basis is our legitimate interest Art. 6 (1) lit. f. GDPR insofar as the data processing becomes necessary for us, e.g. in the context of legal proceedings. If you voluntarily provide us with special categories of personal data within the meaning of Art. 9 (1) GDPR as part of the application process (e.g. health data, severely disabled status or ethnic origin), the basis for processing is Art. 9 (2) lit. GDPR. If we request special categories of personal data from you within the meaning of Art. 9 (1) GDPR as part of the application process (e.g. health data), the basis for processing is Art. 9 (2) a GDPR.

If you send us applications by e-mail, we would like to expressly point out that e-mails are generally not sent encrypted and ask you to encrypt your e-mails yourself. Otherwise, we recommend that you use an online form or send your application by post.

We use the software of Personio GmbH, Rundfunkplatz 4, 80335 Munich ("Personio") to transmit applications via our online form. If you send us your application via our online form, we collect the above-mentioned data.

For further information on data protection, please refer to the Personio privacy policy https://www.personio.de/datenschutzerklaerung/.

The data provided by you as part of the application process may, in the event of a successful application, be further processed by us for the purposes of the employment relationship.

If your application is not successful, your data will be deleted after six months so that we can answer any follow-up questions about the application and meet our obligations to provide evidence under the Equal Treatment Act. Your data will also be deleted if you withdraw your application. Invoices for any reimbursement of travel expenses will be archived in accordance with tax law requirements.

V. Data subjetcs‘ rights

If your personal data are processed, you have the following rights as a data subject within the meaning of the GDPR:

Right of access (Art. 15 GDPR)

You have the right to request confirmation as to whether we are processing data relating to you. You also have the right to obtain from us, at any time and free of charge, information about the personal data stored about you and a copy of this data in accordance with the legal requirements.

Right to rectification (Art. 16 GDPR)

You have the right to request the immediate rectification and/or completion of inaccurate or incomplete personal data concerning you. We shall carry out the correction without delay.

Right to restriction of processing (Art. 18 GDPR)

You have the right to demand that we restrict processing if one of the legal requirements is met.

Right to erasure (Art. 17 GDPR)

You have the right to request that we delete the personal data concerning you without delay, provided that one of the legal grounds applies and insofar as the processing is not necessary.

Right to information

If you have asserted the right to rectification, erasure or restriction of processing against us, we are obliged to notify all recipients to whom the personal data relating to you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

You have the right to be informed about these recipients.

Right to data portability (Art. 20 GDPR)

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, common and machine-readable format in accordance with the legal requirements. You also have the right to transfer this data to another data controller without hindrance from us in accordance with the legal requirements. You also have the right, in accordance with the law, to have the personal data transferred directly from us to another data controller, insofar as this is technically feasible and insofar as this does not affect the rights and freedoms of other persons.

Right to object (Art. 21 GDPR)

You have the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6 (1) sentence 1 lit. e or f GDPR. This also applies to profiling based on these provisions.

We will no longer process the personal data in the event of objection, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. This also applies to profiling, insofar as it is connected with such direct marketing. If you object to us processing your personal data for direct marketing purposes, we will no longer process your personal data for these purposes.

You can contact us at any time to exercise your right to object.

Right of withdrawal in case of consent

You have the right to withdraw your consent to the processing of personal data at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal.

Right to automated decisions in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, provided that the decision is

is not necessary for the conclusion or performance of a contract between you and us, or
is permitted under Union or Member State legislation to which we are subject and that legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests; or
is done with your express consent.

Is the decision

necessary for the conclusion or performance of a contract between you and us or
it is done with your express consent,

we take reasonable steps to safeguard your rights and freedoms and your legitimate interests, including at least the right to obtain the intervention of a person on our part, to express our own point of view and to contest the decision.

Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.

STAND: October 2023

Introduction

Last modified: January 11, 2022

We respect your privacy and are committed to protecting it through our compliance with this policy.

This policy describes the types of information we may collect from you or that you may provide when you visit the website available at www.bidx-tool.com (our "Website") and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect:

On this Website.
In email, text, and other electronic messages between you and this Website.
When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy.

It does not apply to information collected by:

Us offline or through any other means, including on any other website operated by Company or any third party (including our affiliates and subsidiaries); or
Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or on the Website.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website. By accessing or using this Website, you agree to this privacy policy. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page with a notice that the privacy policy has been updated on the Website home page. If we make material changes to how we treat our users' personal information, we will notify you by email to the primary email address specified in your account and/or through a notice on the Website home page. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

Children Under the Age of 18

Our Website is not intended for children under 18 years of age. No one under age 18 may provide any information to or on the Website. We do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on this Website or through any of its features, register on the Website, make any purchases through the Website or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at privacy@bidx.io or by using the information in the “Contact Information” section below.

Information We Collect About You and How We Collect It

We collect several types of information from and about users of our Website, including information:

By which you may be personally identified, such as name, postal address, e-mail address, telephone number, or any other identifier by which you may be contacted online or offline ("personal information");
About your internet connection, the equipment you use to access our Website, and usage details.
Internet or other electronic network activity information (such as log information, IP address, access times, operating system, browser type and language, internet service provider, and Website interactions and browser history).
Any other information you choose to provide to us.
Deidentified or aggregated consumer information, which cannot be used to identify you individually.

We collect this information:

Directly from you when you provide it to us.
Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies.
From third parties, for example, our business partners.

Where information is received from a third party, such data collection is subject to that third party’s privacy policy. The terms of our privacy policy do not apply on any third-party website or with respect to their information collection practices. Except as otherwise required under the relevant laws and regulations, we are not responsible for the privacy practices of these third parties and their websites. We encourage you to read their respective terms of service and privacy policies if you wish to utilize these websites so that you are informed of their practices.

Information You Provide to Us

The information we collect on or through our Website may include:

Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use our Website, subscribing to our service, or requesting further services. We may also ask you for information when you report a problem with our Website.
Records and copies of your correspondence (including email addresses), if you contact us, including when you chat with us.
Your responses to surveys that we might ask you to complete for research purposes.
Details of transactions you carry out through our Website and of the fulfillment of your orders. You may be required to provide financial information before placing an order through our Website.
Your search queries on the Website.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.
Information about your computer and internet connection, including your IP address, operating system, and browser type.

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). For information on how you can opt out of behavioral tracking on this Website and how we respond to web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking, please see the “Choices About How We Use and Disclose Your Information” section below.

The information we collect automatically may include limited personal information, such as an IP address or location information or any personal information you opt to save, such as your name and email address. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:

Estimate our audience size and usage patterns.
Store information about your preferences, allowing us to customize our Website according to your individual interests.
Speed up your searches.
Recognize you when you return to our Website.

The technologies we use for this automatic data collection may include cookies (or browser cookies), local stored objects (or Flash cookies), web beacons (also referred to as a clear gif, pixel tags, and single-pixel gifs).

A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.

Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see “Choices About How We Use and Disclose Your Information.”

Pages of our the Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

Third-Party Use of Cookies and Other Tracking Technologies

Some content or applications, including advertisements, on the Website are served by third parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.

Facebook Pixel

Our Website use the Facebook Pixel, a web analytics service provided by Meta Platforms Inc. (previously, “Facebook Inc.”) (referred to, for convenience, as “Facebook”). The Facebook Pixel functions in the way described in the section labelled “Personal Information Collected Via Technology” above. You may refuse the use of technologies like the Facebook Pixel by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of the Website. By using our Website, you consent to the processing of data about you by Facebook in the manner and for the purposes set out above. To find out more information about how Facebook may use your information, we encourage you to visit https://www.facebook.com/business/m/privacy-and-data.

LinkedIn Insight Tag

Our Website uses the LinkedIn Insight Tag, a conversion tracking technology and retargeting function provided by LinkedIn Corporation (“LinkedIn”). The LinkedIn Insight Tag is integrated on our Website, and a cookie is also set on your end device by LinkedIn. This informs LinkedIn that you have visited our Website. In this process, your IP address, the time of the call of the respective subpage and so-called events, such as page views, are collected. This allows us to recognize via which LinkedIn display or interaction on LinkedIn you came to our Website. With the help of this data, we can statistically evaluate the use of our Website and continuously optimize our Website and better play our advertising. LinkedIn assigns the named data to your personal LinkedIn user account. If you are logged in to LinkedIn, you can deactivate the data collection at any time using the following link https://www.linkedin.com/psettings/enhanced-advertising. By using our Website, you consent to the processing of data about you by LinkedIn in the manner and for the purposes set out above. To find out more information about how LinkedIn may use your information, we encourage you to visit https://www.linkedin.com/legal/privacy-policy.

Google Analytics

Our Website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the Website analyze how users use the site. The information generated by the cookie about your use of the Website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the Website, compiling reports on activity on our Website, and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of the Website. By using our Website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. To find out more information about how Google may use your information, we encourage you to visit https://www.google.com/policies/privacy/partners/.

Google Ads with Remarketing Pixel

Our Website uses the Google Ads Remarketing Pixel, an interest-based targeted advertisement service provided by Google. Google Ads is based on an algorithm that selects the advertisements displayed on our Website to match our content. Google Ads allows an interest-based targeting of all visitors, which is done by creating individual user profiles. Google uses cookies for this purpose. By each individual call of a page of our Website on which a component of Google Ads has been integrated, your browser on your end device is automatically caused to transmit data to Google Ads for the purpose of online advertising and the settlement of commissions. In this way, Google obtains knowledge of personal data that Google uses to determine the type of advertising to be played and to be able to track the clicks on this advertising. Among other things, Google can recognize that you have clicked on the advertising on this Website. Google also uses tracking pixels, a miniature graphic that is embedded in websites, to enable log file recording and log file analysis, whereby a statistical evaluation can be performed. You may refuse the use of cookies and pixels by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of the Website. By using our Website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. To find out more information about how Google may use your information, we encourage you to visit https://www.google.com/policies/privacy/partners/.

For more information about how you can opt out of receiving targeted advertising from many providers, see “Choices About How We Use and Disclose Your Information.”

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information:

To present our Website and its contents to you.
To provide you with information, products, or services that you request from us.
To fulfill any other purpose for which you provide it.
To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
To notify you about changes to our Website or any products or services we offer or provide though it.
To allow you to participate in interactive features on our Website.
To maintain the safety, security, and integrity of the Website, as well as our databases and other technology assets and our business.
To notify you about changes to our Website, our Terms of Use, our General Terms and Conditions of Service, or this Privacy Policy and to send you security alerts, confirmations, and other administrative messages (to the extent we possess your email address or other contact information).
To respond to law enforcement requests and as required by applicable laws, rules, court orders, or governmental regulations, as well as to comply with our legal and regulatory obligations and to defend legal claims.
To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets as described in this policy.
In any other way we may describe when you provide the information.
For any other purpose with your consent.

We may also use your information to contact you about our own and third-parties' goods and services that may be of interest to you. If you do not want us to use your information in this way, you should not opt-in to that collection when you register to create your account. If you do opt-in but change your mind in the future, you are able to opt-out of this type of use of your information at any time by using the “Unsubscribe” link at the bottom of our marketing and promotional emails or by using one of the other opt-out options made available to you. For more information, see “Choices About How We Use and Disclose Your Information.”

We may use the information we have collected from you to enable us to display advertisements to our advertisers' target audiences. Even though we do not disclose your personal information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose personal information that we collect or you provide as described in this privacy policy:

To our subsidiaries and affiliates.
To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them. The tools from above have “access“ to the information. In addition we are working with a marketing agency who supports us scaling our ads.
To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of BidX's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by BidX about our Website users is among the assets transferred.
To third parties to market their products or services to you if you have consented to these disclosures. We contractually require these third parties to keep personal information confidential and use it only for the purposes for which we disclose it to them. For more information, see “Choices About How We Use and Disclose Your Information.”
To fulfill the purpose for which you provide it.
For any other purpose disclosed by us when you provide the information.
With your consent.

We may also disclose your personal information:

To comply with any court order, law, or legal process, including to respond to any government or regulatory request, and to meet any other legal requirement.
To enforce or apply our Terms of Use, our General Terms and Conditions of Service, this Privacy Policy, and other agreements, including for billing and collection purposes.
To provide information to our representatives and advisors, including our attorneys and accountants, to help us comply with legal, accounting, and security requirements.
If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of BidX, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information

Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.
Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you should not opt-in to such activities when you register to create your account. By default, we require users to opt-in to the sharing of personal information for promotional purposes. You can also always opt-out by sending us an email with your request to hello@bidx.io.
Promotional Offers from the Company. If you do not wish to have your email address used by the Company to promote our own or third parties' products or services, you can opt-out by sending us an email stating your request to hello@bidx.io In addition we offer to opt-out in every mail which is sent out. --> If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. This opt out does not apply to information provided to the Company as a result of a product purchase, warranty registration, product service experience, or other transactions.
Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers' target-audience preferences, you can opt-out by sending us an email with your request to hello@bidx.io.

We do not control third parties' collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.

Please note that our Website is not configured to accept and respond to web browser Do Not Track (DNT) signals. As such, if you would like to opt-out of certain specific cookies or automatic tracking technologies, you will need to do so by exercising one of the other methods described in this Privacy Policy.

California residents may have additional personal information rights and choices. Please see “Your California Privacy Rights” for more information.

Nevada residents who wish to exercise their sale opt-out rights under Nevada Revised Statutes Chapter 603A may submit a request to us using the contact information provided in the “Contact Us” section below, indicating that you are requesting to opt-out of the sale of your personal information under Nevada law. However, please know we do not currently sell data triggering that statute's opt-out requirements.

Accessing and Correcting Your Information

You can review and change your personal information by logging into the Website and visiting your account profile page.

You can request that we update, correct, or delete any information we possess about you by contacting us using the information in the Contact Us section below and informing us of what action you would like to take with respect to your information. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

Your California Privacy Rights

California's Shine the Light law (Civil Code Section § 1798.83) permits users of our App that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us using the contact information provided in the “Contact Us” section below, indicating that you are submitting a request under the California “Shine the Light” law.

Non-U.S. Visitor’s Rights

The owner of the Website is based in the State of New Jersey in the United States. We provide this Website for use only by persons located in the United States. Non-U.S. persons visiting from other countries should be aware that, by visiting the Website, you are agreeing to be subject to U.S. privacy laws rather than the laws of your home country. If you access the Website from outside the United States, you do so on your own initiative, consent to the transfer of your personal information to the United States, consent to the use of your personal information as in this privacy policy, and are responsible for compliance with local laws.

Non-U.S. persons shall have the same rights as U.S. persons as described in this privacy policy. Exercising those rights is free of charge. Should you have any issues or complaints, we hope you will contact us directly using the information provided in the “Contact Us” section below, although you may have the right to also contact the data protection supervisory authority where you reside if you wish to do so.

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

Data Retention

We will only keep your information, including any personal information, for as long as necessary to fulfill the purposes for which we collected it, to comply with our legal obligations, or to enforce our legal rights (or as required so others may enforce their legal rights).

Generally, the length of time we keep your information will depend on the type of information and the purpose for which we are processing it. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we are processing it and whether we can achieve those purposes through other means, and any applicable legal requirements.

At the end of the appropriate retention period, we will either delete your information from our systems completely or anonymize it so it can be used without identifying you and so we no longer have the ability to re-associate the anonymized information with you in the future, such as by aggregating the information.

If you would like more information about our retention practices, please contact us using the contact information provided in the “Contact Us” section below.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, or to register a complaint or concern, contact us at:

BidX Inc
ATTN Nadine Schöpper
101 Avenue of the Americas, 8th Floor
New York, NY 10013
USA

Email. hello@bidx.io

Privacy policy

I. Name and address of the controller

II. Name and address of the data protection officer

III. General information on data processing

Scope of processing

The basis for the processing of personal data

Legitimate interests in the processing

Data deletion and storage period

Recipients of the collected data / data transmission

Data transfer and processing to third countries

Necessity of the disclosure of personal data

Existence of automated decision making

Data security

IV. Data processing when using our website and making use of our services

Hosting via Amazon Web Services

Use of Cookies

Data collection and use during registration and use of our services/utilization of our services

Login via Google Single Sign-On

Use of Facebook Remarketing

LinkedIn Insight-Tag

Google Tag Manager

Google Analytics

Google Ads with Remarketing Pixel

Indeed Conversion Tracking

Hotjar

LeadRebel

Expandi

HubSpot

Aircall

ClickUp

Social Media

Integration of Youtube

E-Mail

Payment service provider

Billing via FastBill

Internal organization

V. Data subjetcs‘ rights

Right of access (Art. 15 GDPR)

Right to rectification (Art. 16 GDPR)

Right to restriction of processing (Art. 18 GDPR)

Right to erasure (Art. 17 GDPR)

Right to information

Right to data portability (Art. 20 GDPR)

Right to object (Art. 21 GDPR)

Right of withdrawal in case of consent

Right to automated decisions in individual cases including profiling

Right to complain to a supervisory authority

Introduction

Changes to Our Privacy Policy

Children Under the Age of 18

Information We Collect About You and How We Collect It

Information You Provide to Us

Information We Collect Through Automatic Data Collection Technologies

Third-Party Use of Cookies and Other Tracking Technologies

Facebook Pixel

LinkedIn Insight Tag

Google Analytics

Google Ads with Remarketing Pixel

How We Use Your Information

Disclosure of Your Information

Choices About How We Use and Disclose Your Information

Accessing and Correcting Your Information

Your California Privacy Rights

Non-U.S. Visitor’s Rights

Data Security

Data Retention

Contact Information

Join our Newsletter for the latest updates now

BidX

About us

Legal

Contact

BidX App