Security & Compliance.
Built In From Day One.
Data Protection to the Highest Standards
As a German company, BidFix is exclusively subject to German and European law. All customer data is stored on servers in German data centers.
Third-country laws such as the US Cloud Act or Patriot Act cannot be applied to BidFix. Your sensitive procurement data is protected from third-country access.
ISO 27001 Certified
International standard for information security
GDPR Compliant
Full compliance with the General Data Protection Regulation
German Company
Subject only to German and EU law
US Cloud Act Protection
No applicability of US laws
Technical Security
SSL/TLS Encryption
256-bit AES for all data transfers
Redundant Data Storage
Multiple mirrors for maximum uptime
Automatic Backups
Regular backup of all data
Two-Factor Authentication
Optional 2FA for additional protection
Role-Based Access Control
Granular permissions for teams
DPA Available
Data Processing Agreement per GDPR
On-Premise & Critical Infrastructure
For organizations with special security requirements, we also offer on-premise installations or hosting on critical infrastructure upon request.
On-premise in your infrastructure
Critical infrastructure compliant hosting
Custom requirements
Questions about Security & Privacy?
Visit our Trust Center or contact us for more information.