BidClub
User Login

Trust & Security Center

Master Privacy Policy

How we protect your data at BidClub.in

IT Act 2000 SPDI Rules DPDP Act 2023

Operated By: eGenAI (OPC) Private Limited

Effective Date: 21/02/2026

Chapter 01

Introduction

This Privacy Policy explains how we collect, use, store and protect personal data in compliance with the following Indian regulations:

Information Technology Act, 2000 (IT Act)
Sensitive Personal Data or Information (SPDI) Rules
Digital Personal Data Protection Act, 2023 (DPDP Act)
Chapter 02

Data Collected

We collect the following information to facilitate our auction services:

Full Name
Email (Gmail authentication)
Phone Number
Billing Address

Technical & Activity Data:

IP Address & Device Data
Bid Activity Logs
Payment Reference Numbers
Financial Safety: We do not store full credit/debit card details.
Chapter 03

Purpose of Processing

Your data is processed for the following legitimate purposes:

Account Authentication: Secure login via Google systems.
Auction Participation: Tracking and validating your bids in real-time.
Fraud Detection: Protecting the platform and users from malicious activity.
Payment Processing: Handling transactions via secure gateways.
Legal Compliance: Meeting statutory reporting requirements.
Dispute Resolution: Managing support tickets and claims.
Chapter 04

Legal Basis

We process data based on the following legal frameworks:

User Consent: Your explicit agreement during signup.
Contractual Necessity: Required to fulfill auction contracts.
Legal Obligation: As mandated by Indian laws.
Legitimate Business Interest: Platform optimization and security.
Chapter 05

Data Sharing

We may share your information with trusted third parties:

Payment Gateways: For secure transaction processing.
Shipping Partners: To deliver won auction items.
IT Service Providers: For hosting and infrastructure (e.g., Google Cloud).
Government Authorities: When legally mandated by law.
Zero-Sale Policy: We do not sell your personal data to any third-party marketers.
Chapter 06

Data Retention

We retain your data for the minimum period necessary:

During the active lifecycle of your account.
Minimum 5 years for audit and tax compliance.
Longer periods if required by specific legal proceedings.
Chapter 07

Data Security

Our infrastructure implements bank-grade security protocols:

SSL/TLS Encryption for data in transit.
Secure OAuth 2.0 Authentication.
Granular Access Controls for internal staff.
24/7 Monitoring Systems for threat detection.

Note: While we use advanced safeguards, no system is 100% secure.

Chapter 08

User Rights

Under DPDP Act 2023, you have the following rights:

Access: View the data we hold about you.
Correct: Fix inaccuracies in your profile.
Withdraw: Revoke consent for data processing.
Deletion: Request account and data removal (subject to retention laws).

Requests are processed within a reasonable timeframe as per law.

Chapter 09

Cookies

We use cookies and similar technologies for:

Session Management: Keeping you logged in.
Security: Preventing cross-site request forgery.
Analytics: Understanding platform usage patterns.

Users may disable cookies via their browser settings, though some features may break.

Chapter 10

Children's Policy

The BidClub.in platform is not intended for persons under the age of 18. We do not knowingly collect data from minors.

Chapter 11

Data Breach

In the unlikely event of a material data breach:

Affected users will be notified via email where required by law.
Relevant regulatory authorities (e.g., CERT-In) will be informed as per statutory timelines.
Chapter 12

Corporate Liability Limitation

eGenAI (OPC) Private Limited shall not be liable for any unauthorized access, data loss, or breach that occurs despite reasonable security controls and standard industry protocols being in place.