Privacy Policy

Effective as of December 6th, 2018.

This Privacy Policy explains how Graflo Group LLC (“Bidscape.it”, or “we”, “us” or “our”) collects, uses and shares your personal information if you visit www.bidscape.it (the “Site”) or register to use our services, and explains your choices for how we handle your personal information. For convenience, the Site and our services are collectively referred to as the “Service.”

Bidscape.it respects your privacy rights and is committed to transparency in how we collect, use and share your personal information. If you have any questions or concerns about your personal information or this Privacy Policy, email us at privacy@bidscape.it.

Users in the European Economic Area should be sure to read the important information provided here.

Bidscape.it’s Service and Client Services Data

Registered customers of the Service (“Clients”) use it to collect information about how their own users use Client websites, applications, services (“Client Services”) and related third-party applications (“Client Services Data”). Clients also use the Service to more efficiently route Client Services Data to their own third party applications/services and control how their own third party applications/services exchange Client Services Data.

Client Services Data may include, without limitation, information about the identity of Client users (such as name, postal address, e-mail address, IP address and phone number), as well as information about the pages users visit, the features they use, and the actions they take while using the Client Services. This Privacy Policy does not apply to Client Services Data or to Client Services, and we are not responsible for our Clients’ handling of Client Services Data. Our Clients have their own policies regarding the collection, use and disclosure of your personal information. To learn about how a particular Client handles your personal information, we encourage you to read the Client’s privacy statement. Our use of Client Services Data provided by our Clients in connection with our Service is subject to the written agreement between Bidscape.it and Client.

Personal Information We Collect

We collect personal information about you in the following ways:

Information you give us

Personal information that you may provide through the Service or otherwise communicate with us includes:

Identity information, such as your first name, last name, username or similar identifier, title, date of birth and gender;
Contact information, such as your postal address, email address and telephone number;
Profile information, such as your username and password, interests, and preferences;
Feedback and correspondence, such as information you provide when you respond to surveys, participate in market research activities, report a problem with Service, receive customer support or otherwise correspond with us;
Payment information, such as your credit card or other payment card details as described in the Payment Information section below;
Transaction information, such details about purchases you make through the Service and billing details;
Usage information, such as information about how you use the Service and interact with us; and
Marketing information, such your preferences for receiving marketing communications and details about how you engage with them.
Information we get from others

We may obtain additional information about you from third party sources, such as APIHub, Inc., to enrich your experience with the Service and provide you with more relevant information in the Service.

Information automatically collected

Our servers may automatically record certain information about how you use the Service, such as your Internet Protocol (IP) address, device and browser type, operating system, the pages or features of the Service that you browsed and the time spent on those pages or features, the frequency with which you use the Service, search terms, the links that you click on or use, and other statistics. We collect this information in server logs and by using cookies and similar tracking technologies to analyze trends, administer the website, track users’ movements around the website, gather demographic information about our user base as a whole, and deliver advertising. See our Website Data Collection Policy for more information.

Sensitive personal information

Subject to the following paragraph, we ask that you not send or disclose to us any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or union membership) on or through the Service or otherwise. If you send or disclose any sensitive personal information to us (such as when you submit user generated content to the Service), you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not provide it.

Changes to your personal information

It is important that the personal information we hold about you is accurate and current. Please let us know if your personal information changes during your relationship with us by updating your registration profile or emailing us at privacy@bidscape.it.

How We Use Your Personal Information

We use your personal information for the following purposes or as otherwise described to you at the time of collection:

To provide the Service

If you have a Bidscape.it account, we use your personal information:

to operate, maintain, administer and improve the Service;
to manage and communicate with you regarding your Service account if you have one, including by sending you Service announcements, technical notices, updates, security alerts, and support and administrative messages;
to process payments you make through the Service as described in the Payment Information section below;
to better understand your needs and interests, and personalize your experience with the Service; and
to respond to your Service-related requests, questions and feedback.

To send you marketing communications

If you request information from us, use the Service or participate in our surveys, promotions or events, we may send you Bidscape.it-related marketing communications as permitted by law but will provide you with the ability to opt out.

To deliver you advertising

We and our partners may serve you ads in the Service or third party sites, including to tailor ads based on your interests and browsing history. See the Tracking and Targeted Advertising section below for more details.

To create anonymous data

We may create aggregated and other anonymous data from our users’ personal information. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes.

For security, compliance, fraud prevention and safety

We may use your personal information as we believe appropriate to (a) investigate or prevent violation of the law or our Terms of Service; (b) secure the Service; (c) protect our, your or others’ rights, privacy, safety or property; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

For compliance with law; legal claims

We may use your personal information as we believe appropriate to (a) comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (b) where permitted by law in connection with a legal investigation; and (c) to prosecute or defend legal claims.

With your consent

In some cases we may ask for your consent to collect, use or share your personal information, such as when you let us post your testimonials or endorsements in the Service.

How We Share your Personal Information

We do not share or sell the personal information that you provide us with other organizations without your express consent, except as described in this Privacy Policy. We may disclose personal information to third parties under the following circumstances:

Affiliates. We may disclose your personal information to our subsidiaries and corporate affiliates for use consistent with this Privacy Policy.
Service Providers. We may employ third party companies and individuals to administer and provide the Service on our behalf (such as customer support, hosting, website analytics, email delivery and database management services). These third parties are permitted to use your personal information only to perform these tasks in a manner consistent with this Privacy Policy and are obligated not to disclose or use it for any other purpose.
Payment processors. We may share your payment information to process your payments as described in the Payment Information section below.
Professional advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services they render to us.
Compliance with Laws and Law Enforcement; Protection and Safety. We may disclose your personal information as we believe appropriate to government or law enforcement officials or private parties (a) for the security, compliance, fraud prevention and safety purposes described above; (b) as required by law, lawful requests or legal process, such as to respond to subpoenas or requests from government authorities; (c) where permitted by law in connection with any legal investigation; and (d) to prosecute or defend legal claims.
Business Transfers. We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business deal (or potential business deal) such as a merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy, in which case we will make reasonable efforts to require the recipient to honor this Privacy Policy.

Your Choices

Access, Update, Correct or Delete Your Information

All Bidscape.it account holders may review, update, correct or delete the personal information in their registration profile by logging into their account. Bidscape.it account holders may also contact us at privacy@bidscape.it to accomplish the foregoing or if you have additional requests or questions.

Access to Data Controlled by our Clients

Bidscape.it has no direct relationship with the individuals whose personal information is contained within the Client Services Data processed by the Service. An individual who seeks to access, correct or delete personal information provided by our Clients should direct their request the Client. Similarly, if your Service account is administered by your employer or other organization, you should direct your request regarding your account or personal information (including requests to access, correct or delete it) to the organization’s administrator. See the Organization-Administered Accounts section below for details. You may also contact us at privacy@bidscape.it if you have additional questions or concerns.

Marketing communications

You may opt out of marketing-related emails by logging in and changing your account settings or by following the opt-out prompt in the email. You may continue to receive Service-related and other non-marketing emails.

Testimonials

If you gave us consent to post a testimonial to our site, but wish to update or delete it, please contact us.

Choosing not to share your personal information

If you do not provide information indicated as required or mandatory within the Service, or that is otherwise necessary to provide a requested service or feature within the Service, that portion or all of the Service may be unavailable to you and we may deactivate your account.

Tracking and Targeted Advertising

We may allow service providers and other third parties to use cookies and other tracking technologies to track your browsing activity over time and across the Service and third party websites. For example, we may partner with third party advertisers to display advertising on the Site or manage our advertising on other sites. These advertisers may also provide you targeted ads based upon your interests on third party sites. We also use third party website analytics services that help us analyze users’ interactions with the Site. For more details, see our Website Data Collection Policy. You may opt out of certain tracking activities on our Site in our Website Data Collection Preferences center. In addition, some advertising networks allow you to opt out of targeted advertising. For more information, visit http://www.aboutads.info/choices/ or http://www.youronlinechoices.com.

Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to do not track or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

In some of our communications, we track clicks on links in the communications to content in the Service to help us measure the effectiveness of our communications.

Social Media Widgets

Our Service may include social media features, such as the Facebook “like” button and widgets, such as the “share this” button. These features may collect your personal information and track your use of the Service. These social media features are either hosted by a third party or hosted directly in the Service. Your interactions with these features are governed by the privacy policy of the company providing such functionality.

Payment Information

Any payment card information you use to make a purchase on the Service is collected and processed directly by our payment processor, Stripe and we never receive or store your full payment card information. Stripe commits to complying with the Payment Card Industry Data Security Standard (PCI-DSS) and using industry standard security. Stripe may use your Payment Information in accordance with its own Privacy Policy here: https://stripe.com/us/checkout/legal.

Security

The security of your personal information important to us. We take a number of organizational, technical and physical measures designed to protect the personal information we collect, both during transmission and once we receive it. However, no security safeguards are 100% secure and we cannot guarantee the security of your information.

International Data Use

Bidscape.it is headquartered in the United States and has affiliates and service providers in other countries, and your personal information may be collected, used and stored in the United States or other locations outside of your home country. Privacy laws in the locations where we handle your personal information may not be as protective as the privacy laws in your home country.

European Union users should read the important information provided here about transfer of personal information outside of the European Economic Area.

Third Party Sites and Services

The Service may contain links to other websites and services operated by third parties, such as social media platforms, advertising services and other websites and applications. These links are not an endorsement of, or representation that we are affiliated with, any third party. We do not control third party websites, applications or services, and are not responsible for their actions. Other websites and services follow different rules regarding their collection, use and disclosure of your personal information. We encourage you to read their privacy policies to learn more.

User Generated Content

We may make available in the Service, or link to, features that allow you to share information online (e.g., on message boards, in chat areas, in file uploads, through events, etc.). Please be aware that whenever you voluntarily disclose personal information online, that information becomes public and can be collected and used by others. We have no control over, and take no responsibility for, the use, storage or dissemination of such publicly-disclosed personal information. By posting personal information online in public forums, you may receive unsolicited messages from other parties.

Children

The Service is not directed at, and Bidscape.it does not knowingly acquire or receive personal information from, children under the age of 16. If we learn that any user of the Service is under the age of 16, we will take appropriate steps to delete that individual’s personal information and restrict that individual from future access to the Service.

Organization-Administered Accounts

Where the Service is provided to you through your employer or another organization, that organization is the administrator of the Service and we act only as its service provider. We are not responsible for the privacy or security practices of these organizations, which have their own privacy policies, and we encourage you to contact them with your privacy-related questions or requests to access, correct or delete your personal information. Please note that your organization’s administrator may be able to:

require you to reset your account password;
restrict, suspend or terminate your access to the Service;
access information in and about your account;
access or retain information stored as part of your account;
change the email address associated with your account;
change your information, including profile information; and
restrict your ability to edit, restrict, modify or delete information.

Please contact your organization or refer to your administrator’s organizational policies for more information.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. We encourage you to periodically review this page for the latest information on our privacy practices. If we make material changes to this Privacy Policy we will notify you by email (if you have an account linked to a valid email address) or another manner through the Service that we believe is reasonably likely to reach you.

Any modifications to this Privacy Policy will be effective upon our posting of the new terms and/or upon implementation of the new changes in the Service (or as otherwise indicated at the time of posting). In all cases, your continued use of the Service after the posting of any updated Privacy Policy indicates your acceptance of the update.

Contact Us

If you have any questions or concerns about our Privacy Policy, please contact us.

Graflo Group LLC, Attention: Data Protection Officer

Email: privacy@bidscape.it

Additional Information for European Union Users

Personal information

References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.

Controller, Data Protection Officer and EU Representative

Bidscape.it, Inc. is the controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation and you can contact us and our Data Protection Officer using the contact details listed in the Contact Us section above. Our EU representative is:

Graflo Group LLC, Attention: Data Protection Officer

Email: privacy@bidscape.it

Legal bases for processing

We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below. If you have questions about the legal basis of how we process your personal information, contact us at privacy@bidscape.it.

Processing purpose	Legal Basis
To provide the Service	You have entered a contract with us and we need to use your personal information to provide services you have requested or take steps that you request prior to providing services.
To send you marketing communcations To deliver you advertising To create anonymous data For compliance, fraud prevention and safety To prosecute or defend legal claims	These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
For compliance with law	Processing is necessary to comply with our legal obligations
With your consent	Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated in the Service or by contacting us at privacy@bidscape.it.

Use for new purposes

We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Retention

We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your rights

European data protection laws give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:

Opt-out. Stop sending you direct marketing communications. You may continue to receive Service-related and other non-marketing communications.
Access. Provide you with information about our processing of your personal information and give you access to your personal information.
Correct. Update or correct inaccuracies in your personal information.
Delete. Delete your personal information.
Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
Restrict. Restrict the processing of your personal information.
Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.

You can submit these requests by email to privacy@bidscape.it or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.

Cross-Border Data Transfer

If we transfer your personal information out of the European Economic Area or Switzerland and are required to apply additional safeguards to your personal information under European data protection legislation, we will do so. Such safeguards may include applying the European Commission Model contracts for the transfer of personal data to third countries described here, or for transfers to third parties in the United States, ensuring they participate in the EU-U.S. Privacy Shield Framework or Swiss-U.S. Privacy Shield Framework. Please contact us for further information about any such transfers or the specific safeguards applied.

Bidscape.it itself has self-certified to the EU-U.S. and Swiss-U.S. Privacy Shield. For more information, see our Privacy Shield Notice.

Privacy Shield Notice

Effective as of December 6, 2018.

Graflo Group LLC (“Bidscape.it” or “we”, “us” or “our”) complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred to it in the United States from the European Economic Area (“EEA”) or Switzerland, respectively. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. To learn more about the Privacy Shield program, the Privacy Shield Principles and to view our certification, please visit www.privacyshield.gov.

Scope. Our certification of adherence to the Privacy Shield Principles applies to the personal data that (a) we collect from our customers and other visitors to our website for account management, billing or marketing purposes (“Bidscape.it User Data”) and (b) that we process on behalf of our customers in providing online services to them under a service agreement (“Services Data”).

Data processed. The Bidscape.it User Data that we collect, use and share is described in our Privacy Policy. While our customers decide what Services Data to submit, it typically includes information about their own users and how they use the customer’s sites, applications and services and third party applications. We process Services Data as instructed by our customers and do not own or control Services Data.

Purposes of data processing. We collect, use and share Bidscape.it User Data for the purposes described in our Privacy Policy. We process Services Data for the purpose of providing our online services to our customers, which may include accessing and processing the data to provide the services, to correct and address technical or service problems, to follow instructions of the customer who submitted the data, or in response to contractual requirements.

Inquiries and complaints. If you believe Bidscape.it maintains your personal data within the scope of our Privacy Shield certification, you may direct any inquiries or complaints concerning our Privacy Shield compliance to privacy@bidscape.it. If you are located in the EEA or Switzerland and have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Arbitration. If you are located in the EEA or Switzerland and neither Bidscape.it nor our dispute resolution provider resolves your complaint, you may be entitled to invoke binding arbitration under certain conditions more fully described on the Privacy Shield website.

Third parties who may receive personal data. We share Bidscape.it User Data with third parties as described in our Privacy Policy. We may share Services Data with third parties under the following circumstances and only in accordance with the applicable customer agreements:

Affiliates. We may disclose Services Data to our subsidiaries and corporate affiliates for use consistent with this Privacy Policy.
Service Providers. We may employ third party companies and individuals to administer and provide the Service on our behalf (such as customer support, hosting, website analytics, email delivery, database management services). Bidscape.it maintains contracts with these service providers restricting their access, use and disclosure of personal data in compliance with our Privacy Shield obligations, including the onward transfer provisions, and we may be liable if they fail to meet those obligations and we are responsible for the event giving rise to damage.
Legal requirements. We may disclose Services Data if required to do so by law in order to (for example) respond to a subpoena or request from law enforcement, a court or a government agency, or in the good faith belief that such action is necessary (a) to comply with a legal obligation, (b) to protect or defend our rights, interests or property or that of third parties, (c) to prevent or investigate possible wrongdoing in connection with the services, (d) to act in urgent circumstances to protect the personal safety of customers, their users or the public; or (e) to protect against legal liability.
Business Transfers. As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Services Data may be part of the transferred assets.

In addition, we may be required to disclose any personal data that we process in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Your rights to access, to limit use, and to limit disclosure. Individuals in the EEA and Switzerland have rights to access personal data about them, and to limit use and disclosure of their personal data. With our Privacy Shield self-certification, we have committed to respect those rights. We process Services Data only on behalf of our customers in accordance with their instructions. This means that if you wish to access Services Data and request that we correct, amend or delete it if it is inaccurate or processed in violation of Privacy Shield, you should contact that customer with your request. We will then help them to fulfill that request in accordance with their instructions.

If your personal data includes Bidscape.it Personal Data, you can request access to that data and request that we correct amend, or delete it if it is inaccurate or processed in violation of Privacy Shield by emailing your request to privacy@bidscape.it. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.

U.S. Federal Trade Commission Enforcement. Bidscape.it’s commitments under the Privacy Shield are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.

If there is any conflict between the terms in this Privacy Shield Notice and the Privacy Shield Principles, the Privacy Shield Principles shall take precedence.