Last Updated: 4 September 2025
Hello and welcome to Bidnday. We are a small company based in Estonia, and we value your trust. This Privacy Statement explains what personal data we collect, how we use it, and your rights over that data. We are committed to protecting your privacy in line with the General Data Protection Regulation (GDPR).
We only collect data that is necessary to provide our service to you. This typically happens when you:
The table below outlines the types of data we collect and our reasons for doing so.
| Type of Data | Why We Collect It (Purpose) | Our Legal Basis (Under GDPR) |
|---|---|---|
| Account Data (name, email address, username) | To create and manage your account, authenticate you, and communicate with you. | Performance of a contract with you. |
| Bidding & Transaction Data (bid history, items you're interested in) | To facilitate the bidding process, notify you if you win, and process payments. | Performance of a contract with you. |
| Communication Data (emails, chat transcripts) | To respond to your questions and provide customer support. | Our legitimate interest in providing good service. |
| Technical Data (IP address, browser type, device info) | To run our platform securely, analyze trends, and prevent fraud. | Our legitimate interest in operating and securing our website. |
| Marketing Data (your marketing preferences) | To send you promotional offers and news (only with your explicit consent). | Your consent (which you can withdraw anytime). |
We are a small team and we do not sell your personal data. We only share it with third parties when absolutely necessary for the following reasons:
Under GDPR, you have important rights regarding your personal data. These include the right to:
You can manage your communication preferences in your account settings. To unsubscribe from marketing emails, simply click the 'unsubscribe' link at the bottom of any email we send you.
To exercise any of your other rights, please contact us at:privacy@bidnday.com. We will respond to your request within one month.
We take the security of your data seriously. We implement appropriate technical and organizational measures to protect it from unauthorized access, loss, or misuse.
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including to satisfy any legal, accounting, or reporting requirements. After this period, your data will be securely deleted or anonymized.
As our company is headquartered in Estonia (a member of the European Economic Area - EEA), your data is stored and processed within the EEA. If we ever need to transfer your data outside the EEA to a country not deemed to have adequate data protection laws, we will ensure appropriate safeguards (like Standard Contractual Clauses) are in place to protect it.
If you have any questions about this Privacy Statement or how we handle your data, you can reach our data protection contact at:
If you are not satisfied with our response, you have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).
We may update this Privacy Statement from time to time. If we make significant changes, we will notify you through our platform or by email. The "Last Updated" date at the top of this page will indicate when the latest changes were made.