Last updated: 12 June 2026
BidWright ("BidWright", "we", "us", or "our") respects your privacy and is committed to protecting your personal information. This policy explains what we collect, how we use it, and the choices and rights you have. It is aligned with the Protection of Personal Information Act, 2013 (POPIA) of South Africa and, where applicable, the EU/UK General Data Protection Regulation (GDPR).
This website and our auction software services are operated by [Registered company name] (registration number [reg. number]) ("the Responsible Party"). For the purposes of POPIA we act as the Responsible Party, and under GDPR as the data controller, for personal information processed through this website.
This policy applies to personal information we process about visitors to this website and prospective and current clients who contact us, request a demo or quote, or otherwise engage with us. It does not cover the separate, branded auction platforms we build and operate for clients, which are governed by each client's own privacy policy.
We process personal information where: you have consented; it is necessary to take steps at your request or to perform a contract; it is necessary for our legitimate interests (such as running and improving our business) balanced against your rights; or to comply with a legal obligation.
We use cookies and similar technologies to operate the website and understand how it is used. This site uses [analytics provider, e.g. Google Analytics 4] to collect aggregated usage statistics. You can control cookies through your browser settings, and where required we will request your consent before setting non-essential cookies.
We do not sell your personal information. We share it only with trusted service providers ("operators" under POPIA / "processors" under GDPR) who help us run our business — such as hosting, analytics, email, and payment providers — under appropriate confidentiality and data-protection terms, and with authorities where required by law.
We keep personal information only for as long as necessary for the purposes described here, to meet legal and accounting requirements, and to resolve disputes. When no longer needed, it is securely deleted or anonymised.
We maintain appropriate technical and organisational measures — including encryption in transit, access controls, activity logging, and regular reviews — to safeguard personal information against loss, misuse, and unauthorised access. No system is perfectly secure, but we work to protect your data and to notify you and the regulator of any breach as required by law.
Where personal information is transferred outside South Africa or the EEA, we take steps to ensure it receives an adequate level of protection through appropriate safeguards, consistent with POPIA and GDPR.
Subject to applicable law, you have the right to: access the personal information we hold about you; request correction or deletion; object to or restrict certain processing; withdraw consent; request data portability; and lodge a complaint with a supervisory authority. In South Africa this is the Information Regulator; in the EU/UK, your local data-protection authority. To exercise any right, contact us using the details below.
Our website and services are intended for businesses and are not directed at children. We do not knowingly collect personal information from children.
We may update this policy from time to time. The "last updated" date above shows when it was last revised; material changes will be highlighted on this page.
For privacy questions or to exercise your rights, contact our Information Officer on WhatsApp at +27 63 578 1337. See our contact page for more ways to reach us.