Legal

Privacy Policy

How we collect, use, and protect your information

Table of Contents
1. Overview 2. Information We Collect 3. How We Use Information 4. Information Sharing 5. Data Security 6. Data Retention 7. Your Rights 8. Cookies & Tracking 9. International Transfers 10. Children's Privacy 11. Policy Changes 12. Contact Us
Last Updated: February 15, 2026
GDPR Compliant CCPA Compliant SOC 2 Type II

At BidX, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

1. Overview

BidX, Inc. ("BidX," "we," "us," or "our") operates the BidX platform, an AI-powered RFP response solution. This policy applies to all information collected through our website, application, and services.

By using BidX, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

Data Type Examples Purpose
Account Information Name, email, password, company Account creation & management
Billing Information Payment details, billing address Payment processing
Content RFP documents, proposals, knowledge base Service delivery
Communications Support tickets, emails, feedback Customer support

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, time spent
  • Device Information: Browser type, operating system, device ID
  • Log Data: IP address, access times, referring URLs
  • Cookies: Session identifiers, preferences

3. How We Use Information

We use your information to:

  • Provide and maintain our services
  • Process your transactions and send related information
  • Send service updates and security alerts
  • Respond to your inquiries and provide customer support
  • Improve our AI models and platform features
  • Analyze usage patterns to enhance user experience
  • Detect, prevent, and address technical issues
  • Comply with legal obligations

3.1 AI Training

We may use anonymized and aggregated data to improve our AI models. Your specific content is never shared with other customers. You can opt out of AI training data usage in your account settings.

4. Information Sharing

We do not sell your personal information. We may share information with:

  • Service Providers: Companies that help us operate our platform (hosting, analytics, payment processing)
  • Business Partners: With your consent, for integrations you enable
  • Legal Requirements: When required by law or to protect rights
  • Business Transfers: In connection with mergers, acquisitions, or asset sales

4.1 Sub-processors

We use the following third-party sub-processors:

Provider Service Location
Amazon Web Services Cloud Infrastructure United States
Stripe Payment Processing United States
Anthropic AI Services United States
SendGrid Email Delivery United States

5. Data Security

We implement comprehensive security measures:

  • Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Role-based access, multi-factor authentication
  • Monitoring: 24/7 security monitoring and intrusion detection
  • Audits: Regular security audits and penetration testing
  • Compliance: SOC 2 Type II certified

6. Data Retention

We retain your data as follows:

  • Active Accounts: Data retained while account is active
  • Cancelled Accounts: Data deleted within 90 days of cancellation
  • Legal Requirements: Some data retained for legal compliance (7 years for financial records)

You can request data export or deletion at any time through your account settings or by contacting us.

7. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data
  • Portability: Export your data in a machine-readable format
  • Objection: Object to certain processing activities
  • Restriction: Request limited processing of your data

To exercise these rights, contact us at privacy@bidx.ai.

8. Cookies & Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Required for platform functionality
  • Analytics Cookies: Help us understand usage patterns
  • Preference Cookies: Remember your settings

You can manage cookie preferences through your browser settings or our cookie consent tool.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards through:

  • Standard Contractual Clauses (SCCs)
  • Data Processing Agreements
  • Privacy Shield certification (where applicable)

10. Children's Privacy

BidX is not intended for users under 16 years of age. We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately.

11. Policy Changes

We may update this Privacy Policy periodically. We will notify you of significant changes via email or platform notification. Continued use after changes constitutes acceptance.

12. Contact Us

For privacy-related inquiries:

  • Email: privacy@bidx.ai
  • Data Protection Officer: dpo@bidx.ai
  • Address: BidX, Inc., 548 Market Street, Suite 12345, San Francisco, CA 94104
California Residents (CCPA)

California residents have additional rights under the CCPA, including the right to know what personal information is collected, request deletion, and opt out of the sale of personal information. We do not sell personal information. For CCPA requests, contact privacy@bidx.ai.