How Bidroom Protects Your Information
At Bidroom, protecting your personal information, financial data, and project details is our highest priority. We implement industry-leading security measures and follow strict data protection practices to ensure your information remains safe and private throughout your use of the platform.
Data We Collect and Why
| Data Type | Purpose | Who Can See It |
|---|---|---|
| Profile Information | Account functionality, matching, search | Other platform users (public profile) |
| Project Details | Project management, bidding, milestone tracking | Authorized project participants only |
| Financial Data | Payment processing, escrow management | You and Stripe (our payment processor) |
| Communication Data | In-app messaging, RFIs, notifications | Conversation participants only |
| Usage Analytics | Platform improvement, feature development | Bidroom team (aggregated, anonymized) |
| Location Data | Contractor matching, project mapping | Approximate location shown in profile |
Security Measures
- Encryption in Transit — All data transmitted between your device and our servers is encrypted using TLS 1.3, the same standard used by major banks.
- Encryption at Rest — Stored data is encrypted using AES-256 encryption, ensuring it remains protected even in the event of a physical breach.
- Payment Security — Financial data is handled exclusively by Stripe, a PCI DSS Level 1 certified payment processor. Bidroom never stores your credit card numbers or bank account details on our servers.
- Access Controls — Internal access to user data is restricted to authorized personnel with role-based access controls and audit logging.
- Regular Security Audits — We conduct regular security assessments and penetration testing to identify and address potential vulnerabilities.
Your Privacy Controls
- Profile Visibility — Control which profile elements are publicly visible and which are restricted to project participants only.
- Data Export — Request a complete export of all your personal data at any time through Settings > Privacy > Export Data.
- Account Deletion — Request permanent deletion of your account and associated data through Settings > Privacy > Delete Account. Active projects must be completed or transferred before deletion.
- Communication Preferences — Control who can contact you and through which channels via your notification preferences.
- Location Sharing — Choose whether to share your precise location or only your city/region for matching purposes.
Compliance
Bidroom complies with the California Consumer Privacy Act (CCPA), which gives California residents specific rights regarding their personal information, including the right to know, the right to delete, and the right to opt out of data sales. We do not sell your personal information to third parties. We also comply with applicable federal regulations, including the Gramm-Leach-Bliley Act for financial data protection.
Reporting Security Concerns
If you discover a potential security vulnerability or suspect unauthorized access to your account, contact us immediately at security@bidroom.io. We take all security reports seriously and will investigate promptly. For your protection, never share your password, authentication codes, or account access with anyone claiming to be from Bidroom support — we will never ask for this information.