Secure Verified Winners
Sign In
Live Auctions How It Works Pricing Winners FAQ
Sign In

Privacy Policy

How we collect, use, and protect your data

GDPR Compliant · 256-bit SSL Encryption

Last updated: March 1, 2025

1. What We Collect

Account Information

Name, email, password (encrypted), date of birth, phone number, shipping address

Payment Information

Processed by CrystalPAY — we never store credit card details on our servers

Bidding Activity

Bid history, auctions viewed, wins, IP addresses, device type, browser info

Verification Data

Government ID (when required for high-value wins), proof of address

2. How We Use Your Data

  • To provide services: Process bids, payments, and shipping
  • To prevent fraud: Monitor for bots, suspicious activity, and policy violations
  • To improve: Analyze usage patterns to enhance our platform
  • To communicate: Send auction updates, winner notifications, and support responses
  • To comply with law: Meet legal and regulatory requirements

3. Cookies & Tracking

We use cookies and similar technologies to:

  • Keep you logged in
  • Remember your preferences
  • Analyze site traffic and usage
  • Prevent fraud and detect bots

You can disable cookies in your browser settings, but some features may not work properly. We do not use cookies for targeted advertising.

4. When We Share Data

We share your data only when necessary and only with trusted partners:

  • Payment processors: CrystalPAY (for payment processing)
  • Shipping partners: PostNord, DHL, FedEx, UPS (for delivery)
  • Fraud prevention: Fraud detection services
  • Legal authorities: When required by law or to protect our rights

We never sell your personal data to third parties.

5. Your Rights (GDPR)

If you're in the EU/EEA, you have the following rights:

  • Access: Request a copy of your data
  • Rectification: Correct inaccurate data
  • Erasure: Delete your data ("right to be forgotten")
  • Restriction: Limit how we use your data
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to certain processing

To exercise these rights, email privacy@scandibid.com. We respond within 30 days.

6. Security Measures

  • 256-bit SSL encryption for all data in transit
  • Encrypted password storage (bcrypt)
  • Regular security audits and penetration testing
  • Access controls and employee training
  • Two-factor authentication (coming soon)

7. Data Retention

We keep your data as long as your account is active. After account deletion:

  • Personal data is deleted within 30 days
  • Financial records are kept for 5 years (tax/legal requirements)
  • Anonymized bidding data may be kept for analysis

8. Children's Privacy

Scandibid is not intended for users under 18. We do not knowingly collect data from children. If we become aware of underage users, we delete their accounts immediately.

9. International Data Transfers

We are based in Sweden. Your data may be processed in the EU/EEA. For users outside Europe, data may be transferred to the EU. We use Standard Contractual Clauses for such transfers.

10. Changes to This Policy

We may update this policy occasionally. We'll notify you of material changes via email or site notice. Continued use means you accept the updated policy.

11. Contact Our Data Protection Officer

For privacy questions or to exercise your rights:

Data Protection Officer
Nordic Bid AB
Kungsgatan 15
111 43 Stockholm, Sweden
Email: dpo@scandibid.com

You also have the right to lodge a complaint with your local data protection authority.

Live Account