Cyprus Privacy Policy


This Data Protection Privacy Policy shall be effective as and from the 25th May 2018.

This is your guide as to how your personal data is managed by BidX1. Data privacy is taken very seriously by us. This document outlines our approach under the General Data Protection Regulation 2018 (GDPR). In this notice, we explain how we collect personal information about you, including any data you may provide through this website, how we use it and how you can interact with us about it.

This website is not intended for children and we do not knowingly collect data relating to children.

Please, read and understand this privacy policy and any other policy we may provide from time to time when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy is supplementary to the other policies and is not intended to override them.

  1. Who are BidX1?

BidX1 is the trading name for different companies and the name of an online property platform, which is used by ISLANDERS ESTATE AGENCIES LTD and BidX1 group of companies, details of which can be found at

This privacy notice is issued on behalf of ISLANDERS ESTATE AGENCIES LTD (HE 343350), Bidx1 Auction Limited, TM BidX1 Technology Limited and BidX1 Acquisitions Limited so when we mention BidX1, "we", "us" or "our" in this privacy notice, we are referring to the companies aforementioned, which are responsible for your data.

BidX1 is the controller for your data and responsible for this website.

  1. Why do you collect information about me? What information will you collect?

There are a number of reasons why BidX1 collect information. We need to know how to contact you, we need to be certain of your identity and we need to understand your circumstances so that we can offer you the best possible customer experience.

The type of information that BidX1 may collect from you includes:

  1. How do you collect information about me? And when do you do so?

We collect information about you in a number of different ways. Some examples include:

  1. How do you use my information?

We may use your personal data for matters such as confirming your identity, to help us in the processing of an application for one of our services or to improve your customer experience with us.

Your data is used to manage and administer your account. Your data is also used to process transactions. An example is where you have provided us with your credit or debit card information or if you have provided us with your bank account details.

We may use your data to contact you by post, phone, text message, email or social media using our website or other means but not in a way that is contrary to your instructions to us, legitimate interest or contrary to law. We may monitor and record our conversations when we speak on the telephone (to check your instructions to us and for training and quality purposes) but will advise you if we are doing so. Your data may also be used to recover debts you may owe and also to manage and respond to a complaint or appeal that you have.

The processing of your data may be necessary for the performance of an existing contract we have with you or to take steps prior to entering into such a contract.

We may also use your data to manage our business for our legitimate interests, such as gathering location information from your mobile phone or other electronic device you may use to interact with us. Another legitimate interest of BidX1 is to conduct marketing activities such as direct marketing (provided that you have not objected to us using your details in this way) and research, including customer surveys, analytics and related activities.

Your data may be used to carry out strategic planning and business portfolio management. This could include compiling and processing your information for audit, statistical or research purposes (including, in some instances, making your data anonymous) in order to help us understand trends in our customer behaviour and to understand our risks better, including providing management information, operational and data risk management. 

We may use your data to protect our business, reputation, resources and equipment, to manage network and information security (developing, testing and auditing our websites and other systems, dealing with accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data, and the security of the related services).

We protect your information with security measures under laws that apply, and we meet international standards in doing so. We keep our equipment, files and buildings secure. Personal data could be used to prevent and detect fraud, dishonesty and other crimes (such as preventing someone trying to steal your identity), including using CCTV at BidX1 office premises.

BidX1 may in the future wish to sell, transfer or merge part or all of its business or assets or to buy a new business or the assets of another business or enter into a merger with another business. If so, we may disclose your personal information under strict duties of confidentiality to a potential buyer, transferee, merger partner or seller and their advisers, so long as they agree to keep it confidential and to use it only to consider the possible transaction.

We need to use your information to manage and administer legal and compliance matters within BidX1, including compliance with regulatory, legislative and voluntary codes of practice to which we have committed. We use your data to comply with your information rights, to establish your identity and to comply with laws and regulations concerning the prevention of money laundering, fraud and terrorist financing. As a result, we may need to disclose information to government and other statutory bodies. Your data may be used to comply with binding court orders, search warrants, requests to assist regulatory or police authorities with the investigation or prevention of an offence and orders relating to requests for mutual legal assistance in criminal matters received from foreign law enforcement agencies.

In relation to properties which we offer for sale, legal or other documentation is uploaded onto our website by Attorneys acting on behalf of Vendors. This documentation is uploaded for the sole purpose of allowing interested parties to carry out due diligence prior to placing a bid in relation to a property. Legal documentation will generally only be available to view for the marketing period relating to an auction, unless a property has sold prior to, or is withdrawn prior to, the auction. If a property is unsold at auction the legal documents will remain available for a 7-day period only post the auction. 

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that it is required to use it for another reason, which is compatible with the original purpose. If you would like us to explain to you as to how the processing for the new purpose is compatible with the original purpose, please contact us. However, if we need to use your personal data for an unrelated purpose, we will get in touch with you and explain the legal basis which allows us to do so.

Sometimes, we may process your personal data without your knowledge or consent, but only in compliance with the rules abovementioned and when it is required or permitted by law.

It is of high importance that the personal data you give us is accurate and up-to-date. Please keep us posted if there is any change.

  1. Does BidX1 use automated processing or analytics? What is the legal basis?

We do not use automated processing in relation to the information we collect from you as part of our business. 

BidX1 use analytics for statistical purposes. This enables us to make more informed business decisions, including improving the quality of services we can offer. 

  1. Do you share my information with anyone else?

We only share your information with a certain number of other parties and only as necessary. Examples of information sharing here include:

  1. What about links on your website to other sites and social media?

Our Site may, from time to time, contain links to and from other websites and web platforms. In addition, third parties’ websites may also provide links to our Site. If you follow a link to any of those websites or web platforms, please note that we do not control those websites and web platforms, which have their own privacy policies and therefore, we do not accept any responsibility or liability for those policies. Please check those policies before you submit any personal data to those websites. We do not accept, and we disclaim, any responsibility for the privacy statements and information protection practices of any third-party website (whether or not such website is linked on or to the Site). These links are provided to you for convenience purposes only, and you access them at your own risk. It is your responsibility to check the third-party website’s privacy statements before you submit any personal data to their websites.

Our Site may also have “plugins” (such as the Facebook “share” or “like” button) to third-party sites or offer login (such as log in with Facebook) through a third-party account. Third-party plugins and login features, including their loading, operation and use, are governed by the privacy policy and terms of the third party providing them.

  1. How long do BidX1 hold onto my information?

The length of time we hold your data depends on a number of factors, such as regulatory and statutory requirements. Other considerations are the type of data we hold about you, whether the data is required for a legal dispute and whether you or a regulatory authority ask us to keep it for a valid reason.

As a general rule, we keep your information for a period of 8 years. However, if you request that BidX1 delete your data (prior to this 8-year period elapsing) we shall process your request unless there is a valid reason not to delete the data (such as a requirement to hold onto your data as we have a legal obligation to do so).

  1. What happens if I do not provide requested information to BidX1?

Sharing information with us is in both your interest and ours. We need your information in order to provide our services to you, fulfil any contracts we have with you, to manage our business for our legitimate interests and to comply with our legal obligations.

You can choose not to share information with us, but you must understand that this may limit the services we are able to provide to you. We may not be able to provide you with certain services that you request. For example, if you do not provide us with all requested information when registering for an auction we may not be able to approve you to bid on a property.

  1. What is the legal basis for BidX1 using my information? 

We will use your data and may share that data where:

  1. Does BidX1 process my information outside the European Economic Area (EEA)?

Your information is stored on secure systems within the premises of BidX1 and with providers of secure information storage. BidX1 do not generally transfer information about you outside the EEA.

In certain circumstances, we may allow the transfer of information about you outside the EEA by our service providers, but only if they agree to act solely on our instructions and to protect your information to the same standard that applies in the EEA. Where we authorise the processing/transfer of your personal information outside of the EEA, we require your personal information to be protected to at least Cypriot standards.

  1. What rights do I have under GDPR?

You have several rights in relation to how we use your information and we have significant obligations in this regard.

You have the right to:

We shall process your request without undue delay. In most instances, we will process your request within one calendar month. If we are unable to deal with your request fully within a calendar month (due to the complexity or number of requests), we may extend this period by a further two calendar month period. Should this be necessary, we will explain the reasons why. 

You also have the right to complain to BidX1, the Commissioner for Personal Data Protection or another supervisory authority. If you have a complaint about the use of your personal information, please let BidX1 know and we shall seek to resolve your issue as soon as possible. If you wish to make a complaint to BidX1 you may do so in person, by telephone, in writing or by email. Please be assured that all complaints received by us will be fully investigated. We ask that you supply as much information as possible to help us to resolve your complaint quickly.

  1. How do I contact BidX1 and/or your Officer for Personal Data Protection?

If you have any questions about how your personal data is gathered, stored, shared or used, or if you wish to exercise any of your data rights, you can check our Privacy Policy or contact our Data Protection Officer at:



Telephone: +353 (0)1 667 3388

Postal Address: BidX1, 2 Shelbourne Buildings, Crampton Avenue, Dublin 4, D04 W3V6

  1. 14. Can I contact anyone else?

If you are not satisfied with how BidX1 are dealing with your complaint you can contact the Office of the Commissioner for Personal Data Protection at

Office address:

Iasonos 1, 1082 Nicosia, Cyprus

Postal address:

P.O.Box 23378, 1682 Nicosia, Cyprus

Tel: +357 22818456

Fax: +357 22304565


However, it will be highly appreciated if you give us the opportunity to deal with your concerns before you approach the Commissioner for Personal Data Protection so please contact us in the first instance.

  1. Will there be any changes to your Privacy Policy?

We will update this Data Protection Privacy Policy from time to time. Any changes will be made available on this page.