Privacy Policy
This Privacy Policy explains how BesaBid collects, uses, stores, and protects personal data when you use our platform and services.
BesaBid is a B2B e-procurement platform based in Albania. We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
By using our services, you acknowledge that you have read and understood this Privacy Policy.
Data Controller
The data controller responsible for your personal data is:
BesaBid
Website: https://besabid.com
Email: [email protected]
Personal Data We Collect
We may collect and process the following categories of personal data:
3.1 Identity and Contact Data
- Full name
- Email address
- Phone number
- Job title
- Company name
- Company registration details
3.2 Account Data
- Username and password
- Profile information
- Account preferences
3.3 Transaction and Procurement Data
- Tender and bidding information
- Contracts and invoices
- Supplier and buyer interactions
- Communication logs within the platform
3.4 Technical Data
- IP address
- Browser type and version
- Device information
- Operating system
- Usage data and analytics
- Cookies and tracking technologies
Legal Basis for Processing (GDPR Article 6)
We process personal data only when a lawful basis applies:
- Contract performance – to provide our services
- Legal obligation – compliance with applicable laws
- Legitimate interests – improving services, security, fraud prevention
- Consent – when you have explicitly agreed to processing
- Vital interests – in rare cases of security or protection
How We Use Your Data
We use your personal data to:
- Provide access to the BesaBid platform
- Manage user accounts and authentication
- Facilitate procurement, bidding, and tender processes
- Process transactions and documentation
- Communicate service updates and notifications
- Provide customer support
- Improve platform performance and user experience
- Ensure security and prevent fraud
- Comply with legal obligations
Sharing and Disclosure of Data
We do not sell personal data.
We may share data with:
- Verified suppliers and buyers participating in procurement processes
- Third-party service providers (hosting, analytics, IT services)
- Payment processors and financial institutions
- Legal, regulatory, or government authorities when required by law
- Professional advisors (legal, accounting, auditing services)
All third parties are required to process personal data securely and in compliance with GDPR.
International Data Transfers
Your personal data may be transferred and stored outside the European Economic Area (EEA).
Where such transfers occur, we ensure appropriate safeguards such as:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions by the European Commission
- Other legally approved transfer mechanisms
Data Retention
We retain personal data only for as long as necessary for:
- The purpose for which it was collected
- Compliance with legal and regulatory obligations
- Resolution of disputes
- Enforcement of agreements
After this period, data is securely deleted or anonymized.
Data Security
We implement appropriate technical and organizational measures to protect your data, including:
- Encryption of data in transit and at rest
- Secure servers and infrastructure
- Access control and authentication mechanisms
- Regular security monitoring and audits
- Internal policies for data protection
Despite these measures, no system can guarantee 100% security
Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Enable platform functionality
- Maintain user sessions
- Remember preferences
- Analyze platform usage and performance
- Improve user experience
You can control cookies through your browser settings. Disabling cookies may limit platform functionality.
Your Rights Under GDPR
You have the following rights regarding your personal data:
- Right of access
- Right to rectification
- Right to erasure (“right to be forgotten”)
- Right to restriction of processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent at any time
- Right to lodge a complaint with a supervisory authority
To exercise your rights, contact us using the details provided below.
Data Sharing with Third Parties
We may integrate with external systems such as:
- ERP platforms
- Accounting systems
- CRM tools
- Analytics providers
These providers process data under strict contractual obligations in compliance with GDPR.
Children’s Data
Our services are intended for businesses and professionals only. We do not knowingly collect personal data from individuals under the age of 18.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time.
We encourage users to review this policy periodically.
Contact Information
If you have any questions about this Privacy Policy or your personal data, please contact us:
BesaBid
Website: https://besabid.com
Email: [email protected]