BidX1 Privacy Policy

This Data Protection Privacy Notice provides information about the ways in which BidX1 collects, stores and uses personal data relating to individuals (i.e., data subjects). BidX1 fully respects your right to privacy, and your data protection rights. BidX1 is fully committed to compliance with the General Data Protection Regulation (“GDPR”), the Data Protection Acts and Anti-Money Laundering/Combatting the Financing of Terrorism (AML/CFT) legislation relevant to each of the countries we provide services in (the “Law’).


1.  Who are BidX1?

BidX1 is a digital property company that provides a digital platform where users across the globe can buy or sell property in the different markets we operate in - BidX1 has currently operations in Ireland, the United Kingdom, South Africa, Spain, and Cyprus. See for information regarding the property investment services we offer.


2.  What information will you collect? Why do you collect information about me?

Under GDPR, Personal Data is defined as: “any information relating to an identified or identifiable natural person (‘data subject’).” Such data may include, but is not limited to, a person’s name and address; Date of Birth or records relating to a person’s employment relationship.

“Processing” means any action performed on personal data, including collection, recording, storage, erasure or destruction. BidX1 is the ‘Data Controller’ in respect of the Personal Data processed.

BIDX1 has introduced a range of policies and procedures, which it reviews regularly, in order to ensure it complies with the requirements as defined by the law to ensure that Personal Data we process is:


2.1 The type of information that BidX1 may collect from you includes:


2.2 There are a number of reasons why BidX1 collects information. We need to know how to contact you, we need to be certain of your identity and we need to understand your circumstance and digital experience so that we can offer you the best possible customer experience. We also need to ensure compliance with the Law.


3. How do you collect information about me? And when do you do so?

We collect information about you in a number of different ways. Some examples include:


4. How do you use my information?

FullStory will capture data of your interaction with our website, the following information may be recorded:






Mouse movements



(except sensitive information1)

Usage patterns illuminate areas of a website that are confusing or underused, allowing web designers to improve their customer experience and build better features.


Device type

Operating system

Viewfinder size

Script errors

IP address2

Bugs and errors are often particular to a specific web browser or device type. This information helps developers build and ship fixes faster

Pages visited


URL parameters

Session duration

Knowing the most popular pages and sources of referral traffic help product managers and marketers improve the quality of content and advertising.

Data controllers may only send this data with consent or legal basis.

• Display name

• Email address

• App-specific data3

Account information helps web teams understand your unique experience and troubleshoot any problems you may be having.


Please take note that FullStory will not record passwords, payment information, and Social Security numbers. Furthermore, FullStory does not use collected information for their own purposes and BidX1 have sole ownership of and access to recorded data.

Should you have any specific queries regarding FullStory and our website, please contact us directly.


5. Does BidX1 use automated processing or analytics? What is the legal basis?

We do not use automated processing in relation to the information we collect from you as part of our business.

BidX1 uses analytics for statistical purposes only. This enables us to make more informed business decisions, including improving the quality of services we can offer. 


6. Do you share my information with anyone else?

We only share your information with a certain number of other parties and only as necessary. Examples of information sharing here include:


7. What about links on your website to other sites and social media?

Our Site may, from time to time, contain links to and from other websites and web platforms. In addition, third parties’ websites may also provide links to our Site. If you follow a link to any of those websites or web platforms, please note that those websites and web platforms have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check those policies before you submit any personal data to those websites. We do not accept, and we disclaim, any responsibility for the privacy statements and information protection practices of any third-party website (whether or not such websites are linked on or to the Site). These links are provided to you for convenience purposes only, and you access them at your own risk. It is your responsibility to check the third-party website’s privacy statements before you submit any personal data to their websites.

Our Site may also have “plugins” (such as the Facebook “share” or “like” button) to third-party sites or offer login (such as login with Facebook) through a third-party account. Third-party plugins and login features, including their loading, operation, and use, are governed by the privacy policy and terms of the third party providing them.


8. How long does BidX1 hold onto my information?

The length of time we hold your data depends on a number of factors, such as regulatory and statutory requirements. Other considerations are the type of data we hold about you, whether the data is required for a legal dispute and whether you or a regulatory authority ask us to keep it for a valid reason.

As a general rule, the retention period is 8 years. However, if you request that BidX1 delete your data (prior to this 8-year period elapsing) we shall process your request unless there is a valid reason not to delete the data (such as a requirement to hold onto your data as we have a legal obligation to do so).


9. What happens if I do not provide the requested information to BidX1?

Sharing information with us is in both your interest and ours. We need your information in order to provide our services to you, fulfil any legal contracts we have with you, to manage our business for our legitimate interests and to comply with our legal obligations.

You can choose not to share information with us but must understand that this may limit the services we are able to provide to you. We may not be able to provide you with certain services that you request. For example, if you do not provide us with all requested information when registering for an auction, we may not be able to approve you to bid on a property.


10. What is the legal basis for BidX1 using my information?

The legal basis for the processing of personal data by BidX1 is dependent on the purpose for which the processing is being carried out i.e necessary for the performance of a contract; necessary for legitimate interests and where you have given consent. We will use your data and may share that data where:


11. Does BidX1 process my information outside the jurisdictions we are operating in?

Where services are provided in the European Economic Area (EEA) BidX1 does not generally transfer information about you outside this jurisdiction. Your information is stored on secure systems within the premises of BidX1 and with providers of secure information storage.

In certain circumstances, we may allow the transfer of information about you outside the EEA by our service providers, but only if they agree to act solely on our instructions and to protect your information to the same standard that applies in the EEA. Where we authorise the processing/transfer of your personal information outside of the EEA, we require your personal information to be protected as per GDPR requirements.


BidX1 South Africa

BidX1 operates globally including South Africa and provides services to users across different jurisdictions. As part of our operations, it may be necessary to transfer your personal data to locations outside of South Africa.

By using our services, you acknowledge and agree that your personal data may be transferred outside of South Africa. BidX1 takes steps to ensure that any such transfers comply with applicable data protection laws, including the Protection of Personal Information Act (POPIA), and that appropriate safeguards are in place to protect your personal data.


12. What rights do I have under GDPR?

You have several rights in relation to how we use your information, and we have significant obligations in this regard.

You have the right to:


13. How do I contact BidX1 and/or your Data Protection Officer?

The data controller responsible for your information is BidX1. If you have any questions about how your personal data is gathered, stored, shared or used or if you wish to exercise any of your data rights or wish to contact our Data Protection Officer - please note the following contact details:

If you are not satisfied with how BidX1 is dealing with your complaint, you have the right to lodge a complaint with BidX1’s lead supervisory authority, the Irish Data Protection Commissioner or your local supervisory authority. Please refer to Annex 1 for jurisdiction specific data protection authorities’ details.


15. Will there be any changes to your Privacy Policy?

We will update this Data Protection Privacy Policy from time to time. Any changes will be made available on this page.




Jurisdiction specific data protection authorities


Republic of Ireland

Data Protection Commission

Canal House

Station Road 


R32 AP23

Co. Laois. 12

Tel: +353 (0)761 104 800

Fax: +353 57 868 4757



United Kingdom

Information Commissioner’s Office (ICO)

Wycliffe House 

Water Lane 




Telephone: 0303 123 1113

Fax: 01625 524510




Office of the Commissioner for Personal Data Protection

Iasonos 1

1082 Nicosia 


Tel: +357 22818456

Fax: +357 22304565




Agencia Española de Protección de Datos (AEPD)

C/ Jorge Juan, 6 


Tel: 901 100 099 - 912 663 517



Republic of South Africa

The Information Regulator (South Africa)

SALU Building

316 Thabo Sehume Street 


Tel: 012 406 4818

Fax: 086 500 3351