Data Stored by Bidlogix Software
Below is a list of the Customer personal data that is stored on behalf of Clients by bidlogix, along with why we store it and how it is used.
Users are required to enter a uniquely identifiable username when creating a live bidding account that can then be used for log in credentials. The username acts as a unique reference for this user and depending on their account preferences, may contain personal information, such as full first and surname.
Usernames are used as identification when navigating the administration system, meaning that administrators can search for users by username in order to offer support to them. Admin users with specific access may also utilise a username to apply a specific users’ data to invoices and accountancy reports.
For data integrity and security reasons we ensure that usernames must always be unique per Bidlogix customer application and cannot be edited once created, either by the user or an admin.
In order for a bidding account to be created, a user must enter a valid email address that is unique per Bidlogix customer application. For security and validation purposes once a bidding account is created an email with an activation link will be sent to the entered email address.
For data integrity and security if the activation email is not actioned a bidding account can not be used to log into a Bidlogix application without the assistance of a user with specific internal administration access. An automated email will also be sent to a user upon manually requesting a password re-set link.
Automatic emails may be sent from the Bidlogix system to users who have registered for an auction or Marketplace and need to be contacted where there is a legitimate reason to do so, such as confirming their registration status, bidding status and/or for invoicing information.
The system may also send automated emails to those users who have specifically opted into receiving outbid notifications for timed auctions or configured a Lot Alerts notification. These emails can be opted out of by a user at any point by navigating to their My Settings page for outbid notifications and their My Bids page for Lot Alerts.
All email marketing contact requires the user to give explicit consent to be contacted, and consent can be withdrawn at any time by de-selecting the marketing consent options within My Settings. Auctioneer users with specific administrative access to the Bidlogix system can see if a user has opted in to receive marketing emails by navigating to the user screen and exporting the pertinent user records. In column Q of the export users who have opted in will have their preferred categories of interest listed and, If they have opted in to receiving marketing from the auctioneer’s selected partners this will be represented by an ‘x’ in column S.
see which users have opted in receive marketing emails by exporting the user data to a CSV file and to An audit of emails sent by the system is available within Bidlogix.
We require and securely store a user's bidding account password to enable users to identify themselves to a Bidlogix Bidlogix customer application securely when logging in and to prevent others from impersonating the user. The password is set at the point of creating a live bidding account and can be changed later if forgotten, once the user verifies their identity by requesting an email to be sent to the email address applied in the live bidding account containing a link to securely change the password.
In order to maintain a user’s account security we encrypt all passwords using a hashing algorithm that we do not share with any third parties. No user with specific internal administration access has access to this data.
Full Name and Title
We require users to enter their full name and title for data integrity and security purposes. It may also be used where any contact of legitimate interest is required so that all correspondences are accurate and, in cases such as invoices being sent, legally accurate.
Users with specific internal administration access may use this data to search for particular users in relation to support queries.
We require users to input their preferred language at the point of creating their live bidding account so that, where Bidlogix customer applications have translations enabled, users who have logged in will see the content of the website in the correct language.
We require users to input their full contact address during account creation. This may be used by an auctioneer where there is a legitimate interest to do so, such as verifying the validity of data for registration purposes as well as sending purchased items and/or invoices to. It may also be used to send marketing information where explicit consent has been given by the user to do so.
We require users to input their pertinent time zone when creating a live bidding account in order to display the most accurate end times of any auction or items to the user once logged in to a Bidlogix application.
Daytime Telephone Contact
When creating a live bidding account we require users to enter their preferred telephone contact for data integrity and security reasons. This may be used for auctioneers to contact users where there is a legitimate interest to do so, such as to verify their identity when registering for an auction or to respond to a support issue. It may also be used to send marketing information where explicit consent has been given by the user to do so.
Mobile and Fax Numbers
Should a user choose to do so they can input their preferred mobile and/or fax number to their live bidding account, though this is not a required data field. These details may be used by auctioneers to contact users where there is a legitimate interest to do so, such as to verify their identity when registering for an auction or to respond to a support issue. It may also be used to send marketing information where explicit consent has been given by the user to do so.
Company Name and VAT number
A user can enter their company/business name and/or VAT number at the point of creating their account though it is not required to successfully complete a live bidding account. This data could become necessary for contact in situations where an auctioneer requires this data in order to correctly identify or invoice a particular customer.
Opting-in to data analytics
An auction company may, at times, choose to do data analysis on user behaviour, auctioning strategies and the effectiveness of their marketing campaigns by analysing their user base, which may include leveraging their users’ personal data. From the 25th May 2018 auctioneers, or any other Data Controller, cannot use a user’s personal data for analytical purposes without the user's explicit consent. GDPR now clearly defines automated data processing with the term “profiling” in Article 4. Profiling is defined in the following way:
- It consists of an automated form of data processing.
- It uses personal data.
- Its purpose is to evaluate personal aspects about an individual.
Users can opt in to giving their consent for data analytics selecting the consent option at the point of creating a live bidding account. This consent can be given or removed at a later date by the user within My Settings.
If a user has provided consent for their personal details to be used for data analysis it will be recorded as an ‘x’ in column T of the user export from the bidlogix admin.
Information we collect automatically
When someone uses a Bidlogix application either by actively logging in, or browses one of our Bidlogix Client applications without logging in we may collect information on a user on how they are interacting with our applications for security, data analytics and monitoring purposes. For all logged in users this information will include storing a user’s cookie in way of an auth token, so that when a user visits the same Bidlogix Client application again within the same session, opens the application in another tab, or when a page is refreshed, we don’t need to request login credentials again. We may also store some users’ cookies in order to provide a good user experience so that, for example, when a user goes back to a previous page they will be taken to the area of the application they were prior.
We may also keep a record users’ IP addresses, operating system, internet browser type and browsing activity, limited to the activity on Bidlogix application pages only, in our log files or other tracking technologies.
Some of our applications may use third party tracking tools in order to provide additional support assistance to users as well as to track information such as customer demographics, bidding activity and behaviours.
Customers’ Right to be Forgotten
Under Article 17 of the GDPR individuals have the right to have personal data erased, also known as the ‘right to be forgotten’. From the point an individual requests their data to be erased the Data Controller must respond and action the request within one calendar month. As the right only applies in certain circumstances, and is not absolute, we would recommend consulting legal advice if you feel there is a legitimate reason not to comply with the any request received from an individual.
How we erase data upon request
Due to the need for the auctioneer to be able to investigate any request for user data to be erased, such as in a situation of payment dispute, we do not provide public users with the ability to erase their own data in an automated way. Rather we recommend auctioneers should clearly display how to request personal data removal and who to contact.
Once a request has been received and authorised by the data controller, i.e. the auctioneer, they should in turn contact us (Bidlogix) at email@example.com as soon as possible and provide the following details:
• Username of requester.
• Email address of requester.
• Date request was made by the requester.
• Confirmation that you (the auctioneer) have performed your due diligence and that you no longer need to access this user's information (i.e. no outstanding invoices, etc.)
Any verbal requests for Bidlogix to erase a user’s data must always be immediately followed up with a written request that includes the details listed above to firstname.lastname@example.org. In addition to this auctioneers should ensure a request of this nature should be made from a user with specific admin access to the Bidlogix system. Bidlogix will assume that authorisation is in place for these requests having checked the admin status of the reporter.
We will then action the request, which will involve anonymising all records that could personally identify an individual, lock the specific account so it cannot be used to log into the system and confirm when completed. When removing the details an audit trail will be retained against the user record, showing a time stamp of when the personally identifiable data was erased.
Please note, we will not physically delete data associated with users as this could cause data integrity and accuracy issues within our data base and adversely affect sales history and other financial records. However, all personally identifiable data will be removed, as per GDPR requirements. For instance all bidding data (e.g. number of bids received, highest bid etc.) will still be available to auctioneers but, should a user’s account have been anonymised it will no longer be possible to link the data back to the specific individual.
How we anonymise live data into our staging (testing) environments
In order to comply with GDPR around live user’s data being accessed by our internal development team, we ensure that all personally identifiable information is anonymised prior to being loaded into any local or staging test environment.
The diagram below shows how this process is performed: