About us

Privacy policy

By using our platform, you entrust us with your data. We are aware of our responsibility and do our utmost to ensure the protection of your personal data and the privacy of users. In this privacy policy, we outline the information we collect, how we use this information and what choices are available to you.

1 Basic information

In this privacy policy, we outline the nature, scope and purpose of the processing of personal data on the platform biddr.com (hereinafter referred to as "platform").

Platform operator:
skayo AG, Luzernerstrasse 9, 6037 Root, Switzerland

For the exact definitions of the terms used, such as "personal data" or their "processing", see Art. 4 of the EU General Data Protection Regulation (hereinafter referred to as "GDPR").

2 Safety

We place great value on the protection of personal data and the privacy of users. All personal data is therefore kept strictly confidential and not disclosed to third parties, with the exception of the cases described in this privacy policy.

We take organizational, contractual and technical safety measures to ensure that the regulations of data protection laws are complied with, and to protect the data processed by us against accidental or intentional manipulation, damage, destruction or against access by unauthorized persons.

When appointing subcontractors to provide our services, we take appropriate legal precautions and suitable technical and organizational measures to protect all personal data in accordance with the law.

When the content, tools or additional resources of other providers (hereinafter referred to as "third party") are deployed in the context of this privacy policy and their registered office is located in a third state, it is to be assumed that a transfer of data to the host state of the third party provider will take place. Third states include states in which the GDPR is not an applicable law i.e. states outside of the EU or the European Economic Area. The transfer of data to third states occurs in the presence of either an adequate level of data protection, consent by the user, or another form of legal permission.

3 Opening a user account

When opening a user account, personal identification data will be collected such as first name, last name, company name, address, zip code, city, country, email address, phone number and references.

In the case of explicit consent (e.g. by ticking a box when opening a user account or by explicitly using a feature of our platform), this data will be used by us to send notifications, reminders and newsletters, and for further similar purposes.

When a user submits a bid or requests to participate in an auction, the personal data will be forwarded to the auction house for review of authorization and fulfillment of any contract (e.g. upon successful bids). The auction house is required to treat all data as strictly confidential and not to pass it on to third parties.

In addition to personal data, an auction house can also, in the case of justified interest (e.g. in the case of a bid), obtain reference information about the user left by another auction house on our platform, and report their own experience.

The legal basis for this is the consent in accordance with Art. 6 para. 1 let. a and Art. 7 GDPR, the processing for the fulfillment of contractual or precontractual measures in accordance with Art. 6 para. 1 let. b GDPR and the processing for fulfillment of legal obligations in accordance with Art. 6 para. 1 let. c GDPR.

4 Collection of access data

Each time our platform is accessed, data transferred by the browser is gathered, such as the access date and time, the exact URL of the visited website, the referrer URL (the last visited website), language, time zone and the user agent (allowing conclusions to be drawn on the browser used, the system and the device). This data is used for the purpose of operation, security and optimization of our platform as well as for statistical analysis. The data will not be disclosed to third parties unless there is justified suspicion of an unlawful act.

The legal basis for this is the safeguarding of our legitimate interests in accordance with Art. 6 para. 1 let. f GDPR.

5 Establishing contact

When establishing contact with us (via contact form or email), the information provided by the user is used in order to process the contact request, in accordance with Art. 6 para. 1 let. a GDPR.

6 Cookies

We use cookies on our platform. This means that when visiting our platform, small data files are automatically created by the user's browser and stored on the user's device.

On one hand, the deployment of cookies enables a more pleasant use of our platform for the user. We use so-called “session cookies” to cache certain information while the user is on our platform. This information is automatically deleted upon leaving our platform.

In addition, we use cookies to save selected long-term settings (e.g. language or currency) in order to increase user-friendliness. These settings are saved on the user's device for a certain period of time.

Most browsers enable the use of cookies automatically. The browser can, however, be configured so that no cookies are stored on the device, or so that a notification always appears before a new cookie is created. Disabling cookies completely can, however, mean that not all the functions on our platform are available.

7 Integration of third party content and services

Based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our platform in accordance with Art. 6 para. 1 let. f GDPR), we make use of content or services provided by third parties within our platform, in order to integrate their content and services (hereinafter referred to uniformly as "content"). By integrating this content, third parties automatically receive knowledge of the IP address of the user browsing the site with the integrated content.

By using this content, third party providers may use so-called "pixel tags" (invisible graphics) for statistical or marketing purposes. The pixel tags can be used to evaluate information such as visitor traffic to our platform. Furthermore, the pseudonymous information may also be stored in cookies on the user’s device and may contain, amongst other things, technical information about the browser and operating system, referring websites, visiting time and other information about using our platform, as well as being linked to such information from other sources.

The following list provides an overview of third party providers, their content, as well as links to their respective privacy policies, which provide further indications of the processing of data and, as already mentioned here, possibilities of repeal (so-called opt out):

8 Rights of the user

Users have the right, upon request, to full and gratuitous disclosure of their personal data that has been stored by us.

In addition, users have the right to correct inaccurate data, limit the processing and delete their personal data, assert their rights to data portability (if applicable) and, in the event of unlawful data processing, to file a complaint with the appropriate supervisory authority.

Likewise, users can revoke their consent without affecting the legitimacy of the processing up to the revocation.

The data stored with us is deleted as soon as it is no longer necessary for its intended purpose, provided that the deletion does not conflict with any legal storage requirements. In the case that the users’ data is not deleted, as its retention is necessary for other legal purposes, the processing of the data will be limited. This means that the data will remain blocked and not used for other purposes. This applies, for example, to data that must be retained due to commercial or tax reasons.

According to legal requirements, data will be stored for at least 10 years in accordance with Art. 957ff of the Swiss Code of Obligations.

Users may object to any future processing of their personal data in accordance with legal requirements at any time.

9 Changes to the privacy policy

We reserve the right to make changes to the privacy policy in order to adapt it to the amended legislation or changes in services and processing of data. This only applies, however, in regard to statements of data processing. If consent of the user is required or sections of the privacy policy contain regulations of the contractual relationship with the users, changes will only be made with the consent of the users.

Users are requested to inform themselves regarding the content of the privacy policy on a regular basis.


Last updated 8 June 2018

Feedback / Support