BidVet

Privacy Policy

Last updated: January 15, 2026

End-to-End Encryption

TLS 1.3 in transit, AES-256 at rest

SOC 2 Compliant

Enterprise-grade infrastructure

Your Data Stays Yours

Never shared or sold

1. Introduction

BidVet ("we," "us," or "our") respects your privacy and is committed to protecting your personal data and business-sensitive documents. This privacy policy will inform you as to how we look after your personal data when you visit our website and use our bid leveling services, and tell you about your privacy rights and how the law protects you.

We understand that as a construction professional, you are entrusting us with highly confidential business information—subcontractor bids, project costs, and client data. We take this responsibility extremely seriously and have implemented robust security measures to protect this information.

2. The Data We Collect

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

  • Identity Data: includes first name, last name, username or similar identifier.
  • Contact Data: includes billing address, delivery address, email address and telephone numbers.
  • Transaction Data: includes details about payments to and from you and other details of products and services you have purchased from us.
  • Technical Data: includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform on the devices you use to access this website.
  • Usage Data: includes information about how you use our website, products and services.
  • Bid Data: includes the construction documents, estimates, and subcontractor bids you upload for analysis.

3. Document & Bid Data Protection

We recognize that the bid documents you upload contain highly sensitive competitive information. Here's how we protect your documents:

Document Security Measures

  • Encryption at Rest: All uploaded documents are encrypted using AES-256 encryption before being stored in our database.
  • Encryption in Transit: All data transfers use TLS 1.3 encryption to protect your files during upload and download.
  • Access Control: Your documents are accessible only to you. We implement strict row-level security policies ensuring no other user can access your data.
  • Data Deletion: You can delete your projects and documents at any time. Deleted data is permanently removed from our systems within 30 days.

Important: We never share your bid documents, pricing information, or subcontractor details with other users, competitors, or third parties. Your competitive bid information remains strictly confidential.

4. Client & Subcontractor Information

We understand your documents may contain information about your clients, project owners, and subcontractors. We handle this third-party information with the same level of security as your own data:

  • No Data Mining: We do not mine, aggregate, or analyze client/subcontractor information across different users.
  • No Cross-Referencing: Subcontractor pricing from your bids is never cross-referenced or shared with other general contractors.
  • Isolated Processing: Each user's data is processed in isolation—your data never intersects with another user's data.
  • No Unauthorized Access: Our employees cannot access your documents without explicit authorization for support purposes.

5. How We Use Your Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • To provide the bid leveling service you have requested.
  • To process and analyze uploaded documents using AI technologies.
  • To manage your account and subscription.
  • To improve our website, products/services, marketing or customer relationships.
  • To comply with a legal or regulatory obligation.

We never use your bid data to:

  • Train machine learning models on your specific project data
  • Share pricing information with competitors
  • Create aggregate pricing databases
  • Market to your subcontractors or clients

6. Data Security Infrastructure

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed:

  • SOC 2 Type II Compliant: Our infrastructure meets rigorous security and availability standards.
  • Secure Cloud Hosting: Data is stored on enterprise-grade cloud infrastructure with automatic backups and redundancy.
  • Regular Security Audits: We conduct regular security assessments and penetration testing.
  • Employee Access Controls: Access to your data is limited to employees who have a business need to know, and all access is logged and audited.
  • Incident Response: We have procedures in place to detect, report, and investigate personal data breaches.

7. Third-Party AI Processing

Our service utilizes third-party AI providers (such as OpenAI) to process text and data from your uploaded documents. Here's what you need to know:

  • Data Processing Agreements: We have strict data processing agreements with our AI providers.
  • No Model Training: Your data is NOT used to train public AI models.
  • Ephemeral Processing: Document content is sent for analysis and discarded by the AI provider after processing.
  • API-Only Access: We use enterprise API tiers that provide additional privacy protections.

If you provide your own OpenAI API key, your data is processed directly through your own OpenAI account, and we do not have visibility into that processing relationship.

8. Data Retention

We retain your data according to the following guidelines:

  • Active Account Data: Retained while your account is active and for 90 days after account closure.
  • Deleted Projects: Permanently removed within 30 days of deletion request.
  • Transaction Records: Retained for 7 years for legal and tax compliance.
  • Technical Logs: Automatically deleted after 90 days.

You can request complete deletion of your account and all associated data at any time by contacting us at support@bidvet.com.

9. Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data:

  • Right to Access: Request copies of your personal data.
  • Right to Correction: Request correction of inaccurate personal data.
  • Right to Erasure: Request deletion of your personal data.
  • Right to Restrict Processing: Request restriction of processing of your personal data.
  • Right to Data Portability: Request transfer of your personal data.
  • Right to Object: Object to processing of your personal data.
  • Right to Withdraw Consent: Withdraw consent where we rely on consent for processing.

To exercise any of these rights, please contact us at support@bidvet.com. We will respond to your request within 30 days.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • The right to know what personal information is being collected about you.
  • The right to know whether your personal information is sold or disclosed and to whom.
  • The right to opt-out of the sale of personal information.
  • The right to non-discrimination for exercising your CCPA rights.

Important: We do not sell your personal information to third parties.

11. Contact Us

If you have any questions about this privacy policy, our privacy practices, or wish to exercise your data protection rights, please contact us at:

BidVet Support

Email: support@bidvet.com

We aim to respond to all requests within 2 business days.