Privacy Policy

Introduction statement.

1. As a business headquartered in Asia, we are subject to certain regulations (among which, the European General Data Protection Regulation) that require us to comply with a number of obligations regarding your data.

2. BridgeBit is strongly committed to protecting personal data. In this document, you can learn everything about how we use your data: that we collect it from you and your actions, that we process only what we need in order to perform what you have asked or consented to (or what the law requires us to…), that we protect with appropriate technology. 

3. We may also disclose personal information under the following circumstances:

1. 1. with professional advisers, for example, law firms, as necessary to establish, exercise or defend our legal rights and obtain advice in connection with the running of our business – personal data may be shared with these advisers as necessary in connection with the services they have been engaged to provide;

   2. when explicitly requested by you;

   3. when required to deliver publications or reference materials requested by you;

   4. when required to facilitate conferences or events hosted by a third party;

   5. to law enforcement, regulatory and other government agencies and to professional bodies, as required by and/or in accordance with applicable law or regulation. 

4. BridgeBit may also review and use your personal information to determine whether disclosure is required or permitted.

5. Your local law may require us to set out in this privacy statement the legal grounds on which we rely in order to process your personal information. In such cases, we rely on one or more of the following processing conditions:

1. 1. our legitimate interests in the effective delivery of information and services to you and in the effective and lawful operation of our businesses and the legitimate interests of our clients in receiving services from us as part of running their organisation (provided these do not interfere with your rights);

   2. our legitimate interests in developing and improving our businesses, services and offerings and in developing new BridgeBit technologies and offerings (provided these do not interfere with your rights);

   3. to satisfy any requirement of law, regulation or professional body of which we are a member (for example, for some of our services, we have a legal obligation to provide the service in a certain statutory way);

   4. to perform our obligations under a contractual arrangement with you; or

   5. where no other processing condition is available, if you have agreed to us processing your personal information for the relevant purpose.

6. The right to privacy is a basic human right. We will fight for yours.

7. We may update this privacy statement at any time by publishing an updated version here. So you know when we make changes to this privacy statement, we will amend the revision date at the top of this page. The new modified or amended privacy statement will apply from that revision date. Therefore, we encourage you to review this privacy statement periodically to be informed about how we are protecting your information.

Point 4 How do we protect your personal data 

4.1. We are committed to protecting the privacy and confidentiality of your personal data. Access to your data is limited only to authorised BridgeBit officers, employees, contractors or others who may require access to it in order to perform the services requested by you.

4.2. We have security measures in place to protect our and our clients’ information (including personal data), which involve detecting, investigating and resolving security threats. Personal data may be processed as part of the security monitoring that we undertake. We monitor the services provided to clients for quality purposes, which may involve processing personal data stored on the relevant client file. We have policies and procedures in place to monitor the quality of our services and manage risks in relation to client engagements. We collect and hold personal data as part of our client engagement and acceptance procedures. As part of those procedures we carry out searches using publicly available sources (such as internet searches and sanctions lists) to identify politically exposed persons and heightened risk individuals and organisations and check that there are no issues that would prevent us from a particular client (eg. sanctions).

4.3. More specifically, we have implemented the following security measures:

1. Staff dedicated to cyber and physical security, that designs, implements and provides oversight to our information security program;

2. The use of specialised technology such as host-based security tools, network defence monitors, and intrusion detection systems;

3. Testing of the security and operability of products and services before they are introduced to the Internet, as well as ongoing scanning for publicly known vulnerabilities in the technology;

4. Internal and external reviews of our Internet website and services;

5. Monitoring of our systems infrastructure to detect weaknesses and potential intrusions;

6. Implementing controls to identify, authenticate and authorise access to various systems or sites;

7. Protecting information during transmission through various means including, where appropriate, encryption; and

8. Providing BridgeBit personnel with relevant training and continually updating our security practices in light of new risks and developments in technology.

Point 5 How can you exercise your data subjects rights

5.1. You may have certain rights under GDPR law in relation to the personal information we hold about you. In particular, you have a legal right to:

1. obtain confirmation as to whether we process personal data about you, receive a copy of your personal data and obtain certain other information about how and why we process your personal data

2. the right to request for your personal data to be amended or rectified where it is inaccurate (for example, if you change your address) and to have incomplete personal data completed.

5.2. Rights of the individual:

A. The right to delete your personal data in the following cases:

1. 1. the personal data is no longer necessary in relation to the purposes for which they were collected and processed;

   2. our legal ground for processing is consent, you withdraw consent and we have no other lawful basis for the processing;

   3. our legal ground for processing is that the processing is necessary for legitimate interests pursued by us or a third party, you object to the processing and we do not have overriding legitimate grounds;

   4. you object to processing for direct marketing purposes;

   5. your personal data has been unlawfully processed; or

   6. your personal data must be erased to comply with a legal obligation to which we are subject.

2. The right to restrict personal data processing in the following cases:

1. 1. for a period enabling us to verify the accuracy of personal data where you contested the accuracy of the personal data;

   2. your personal data have been unlawfully processed and you request restriction of processing instead of deletion;

   3. your personal data are no longer necessary in relation to the purposes for which they were collected and processed but the personal data is required by you to establish, exercise or defend legal claims; or

   4. for a period enabling us to verify whether the legitimate grounds relied on by us override your interests where you have objected to processing based on it being necessary for the pursuit of a legitimate interest identified by us.

3. The right to object to the processing of your personal data in the following cases:

1. 1. our legal ground for processing is that the processing is necessary for a legitimate interest pursued by us or a third party; or

   2. our processing is for direct marketing purposes.

4. The right to data portability.

The right to receive your personal data provided by you to us and the right to send the data to another organisation (or ask us to do so if technically feasible) where our lawful basis for processing the personal data is consent or necessity for the performance of our contract with you and the processing is carried out by automated means.

5. The right to withdraw consent.

Where we process personal data based on consent, individuals have a right to withdraw consent at any time. We do not generally process personal data based on consent (as we can usually rely on another legal basis).

If you consider that the processing of your personal data infringes the law, you may have the right to lodge a complaint with the data protection regulatory authority responsible for enforcement of data protection law in the country where you normally reside or work, or in the place where the alleged infringement occurred.

Point 7 Minors

We understand the importance of protecting children’s privacy, especially in an online environment. The Websites covered by this Privacy statement are not intentionally designed for or directed at children, and our Terms and conditions and Terms of use require all users to be above the age of majority in their local country. We adhere to laws regarding marketing to children. We never knowingly collect or maintain personal information about individuals under the age of 18.

Point 9 Miscellaneous 

9.1. Complying with any requirement of law, regulations or a professional body of which we are a member.

As with any provider of such type of services, we are subject to legal, regulatory and professional obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data.

9.2. Improving and developing our services.

Where agreed with our clients, we may use information that we receive in the course of providing services for other lawful purposes, including analysis to better understand a particular issue, industry or sector, to improve our business, service delivery and offerings and to develop new BridgeBit technologies and offerings. To the extent that the information we receive in the course of providing professional services contains personal data, we will de-identify the data prior to using the information for these purposes.

9.3. Websites.

This section describes how BridgeBit handles personal information collected through the Websites on www.BridgeBit.com and any other BridgeBit Websites that link to this privacy statement (collectively, “the Websites”).

By using the Websites and providing personal information to us, you acknowledge you have read this privacy statement, and, to the extent your consent is necessary and valid under applicable law, you consent to the collection, use and disclosure of such personal information by the BridgeBit and any third party recipients in accordance with this privacy statement.

Some sites of the Websites may have (might have in future) privacy statements that differ from this one and/or contain additional information as required under local law. Please refer to the privacy statements on the sites you visit in order to understand how they collect and process your data. By accessing any sites available within the Websites or content within them, you (a) acknowledge you will review those Privacy statements and (b) to the extent required under applicable law, consent to the collection, processing and use of your personal data as described in those Privacy statements.

We do not intend to collect sensitive information through the Websites unless we are legally required to do so. Examples of sensitive information include race or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; physical or mental health; genetic data; biometric data; sexual life or sexual orientation; and criminal records. We ask that you do not provide sensitive information of this nature when using the Websites.  If you choose to provide sensitive information to us for any reason, the act of doing so constitutes your explicit consent, where such consent is necessary and valid under your local law, for us to collect and use that information in the ways described in this section of this Privacy statement or as described at the point where you choose to disclose this information.

We also do not actively seek demographic information from visitors to the Websites. However, you may choose to provide such information (including for example when becoming a Registered User, visiting our site from a social media site, submitting a resume, or responding to an online job application). If you choose to provide demographic information to us, the act of doing so constitutes your explicit consent, where such consent is necessary and valid under applicable law, for us to collect and use that information in the ways described in this section of the Privacy statement or as described at the point where you choose to disclose this information.

It is our policy to collect only minimum personal information required. If the Websites seek non-mandatory personal information about you, you will be notified of this at the point of collection. If you believe a Website has collected excessive information about you, please contact us to raise any concerns.

Some pages on the Websites may permit you to send emails to us. Messages sent via the Websites will contain your screen name and email address, as well as any additional information you wish to include in the message.

9.4. Third Party Links.

The Websites may link to third-party sites not controlled by BridgeBit and which do not operate under BridgeBit’ privacy practices. When you link to third-party sites, BridgeBit’ privacy practices no longer apply. We encourage you to review each third-party site’s privacy policy before disclosing any personally identifiable information.

9.5. Marketing

Where we are legally required to obtain your explicit consent to provide you with marketing materials, we will only provide you with such marketing materials if you have provided consent for us to do so.

If you opt into any subscriptions, you will receive automated emails when content is updated. If you opt into any newsletters, you will receive curated emails known as newsletters. 

9.6. Unsubscribe

If you want to unsubscribe from mailing lists or any registrations, you should look for and follow the instructions we have provided within the appropriate area(s) of the Websites or in the relevant communications to you.

If you do not wish to receive emails or marketing communications from us, you can at any time contact us to request that such communications cease. If you wish to unsubscribe or no longer receive only certain communications, please identify such communications in your request.

If you choose to unsubscribe from any or all mailings, we may retain information sufficient to identify you so that we can honour your request.

9.7. Account Deactivation

If you are a Registered User, you may deactivate your account at any time via the Registered User section of the Websites. If you deactivate your account on the Websites, you will no longer receive the benefits of being a Registered User. If you choose to deactivate your account, we may retain information sufficient to identify you so that we can honour your request.

If you have other registrations with BridgeBit, or have provided your information to BridgeBit through other means (such as subscribing to newsletter), those registrations will be maintained unless you take specific action to inform us to cease contacting you.

Any user generated content that you may have created before then will not be anonymised following deactivation, nor will it be immediately removed from our systems or records.

Point 10 Cookies Policy. 

This policy relates to the website www.BridgeBit.com, owned by BridgeBit Sp Z.o.o. , a limited company incorporated under the laws of Poland, with registered seat in Łódź, NIP 7252333408, KRS 0001047932 and explains how it deploys cookies and what options do you have to control them (the “Cookie Policy”).

10.1. What are “cookies”?

Cookies are very small pieces of data, stored in text files on your computer or other device when websites are loaded in a browser. They are used mainly to “remember” you and your preferences. In many sites, they ensure a consistent and efficient experience for visitors, and perform essential functions such as allowing users to register and remain logged in. Cookies can be set by the site that you are visiting (known as “first party cookies”), or by third parties, such as those who serve content or provide advertising or analytics services on the website (“third party cookies”). Websites may also contain other similar technologies such as “web beacons” or “pixels.” These are typically small transparent images that provide us with statistics, for similar purposes as cookies. They are often used in conjunction with cookies, though they are not stored on your computer in the same way. As a result, if you disable cookies, web beacons may still load, but their functionality will be restricted. For the purposes of this policy, we will use “cookies” as also including “web beacons” or “pixels”.

10.2 How can you control the use of cookies in this website?

A “cookie notice” appeared when you accessed our website, requesting your consent for the use of cookies. Your consent should be free, explicit, unambiguous and properly informed by this Cookie Policy. When you consent in this manner, we place advertising cookies on your browser. If you do not provide consent, we will not deploy any cookies in your browser. By doing so, you won’t share information with our analytics tool about events or actions that happen after the opt-out.

10.3. Registered users

We use these technologies to make navigation of the Websites easier for you and to better deliver tailored content to you. If you choose to become a Registered User: (a) we will use cookies to facilitate your registration and remember your preferences, (b) you will receive the benefits of registration only if you accept the strictly necessary cookies, which include those cookies used as part of registration.

10.4. Analytics and site statistics

We also use these technologies to gather usage information and statistics regarding use of the Websites. For example, we collect information about page visits and navigation to determine what content is of greatest interest and if users are able to find content easily. Likewise, we collect information about which content is viewed and whether content is viewed in their entirety to determine what content is of most interest to users. We also use usage information to generate various reports regarding use of the Websites. These reports contain aggregated information about users and do not single out users individually. If you are a Registered User we may also collect information on what specific interests you have in order to understand what content interests you most. Information about the cookies used on our Websites can be found below. 

10.5. Measuring effectiveness of our activities

We may utilise online identification technologies from marketing partners, third party sites and social media platforms. These technologies help us measure the efficacy of our marketing and awareness campaigns and to understand how visitors navigate to the Websites from Partners ad. We use these technologies to compile statistics about visitors who interact with the Websites online content, to gauge the effectiveness of our ads, and to provide more pertinent information to our visitors.

10.6. Managing cookies on your device

You can control and manage cookies using your browser. Please note that removing or blocking cookies can impact your user experience and some functionality may no longer be available.

10.7. Using your browser to control cookies

Most browsers allow you to view, manage, delete and block cookies for a website. Be aware that if you delete all cookies then any preferences you have set will be lost, including the ability to opt-out from cookies as this function itself requires placement of an opt out cookie on your device. 

10.8. Managing Analytics cookies

You can opt-out of having your anonymised browsing history within our websites or applications recorded by analytics cookies. 

10.9. Cookie disclosure

The following section explains the types, categories and purpose of cookies on the Websites. By using these Websites you consent to the deployment of cookies for the stated purpose.

10.9.1. Types of cookies:

(1) Session cookies: these cookies remain in your browser during your browser session only, i.e. until you leave the website.

(2) Persistent cookies: these cookies remain in your browser for a set period of time after the browser session (unless deleted by you).

10.9.2. Categories of cookies:

(1) Strictly Necessary Cookies: These cookies are fundamental to website functionality and cannot be switched off without blocking features on the site. They are usually set in response to your actions on the site, such as filling in forms, setting preferences, or logging in.

(2) Performance Cookies: These cookies allow us to gather analytics to improve the performance and functionality of our site. These analytics can include measurements on the popularity of a page, common patterns of how people browse around the site, and how frequently a certain feature is used.  We usually aggregate the data for review but in some cases we may collect information on content you have viewed in order to understand what interests you most.

(3) Customization cookies: These cookies help us to understand how effective our marketing campaigns are, and enhance your online experiences with us with customization.

(4) Advertising cookies:  BridgeBit may present ads to you on sites that are not owned or operated by BridgeBit to promote BridgeBit services, articles or events. The cookies are used to make advertising messages more relevant to you and your interests. They also perform functions like preventing the same ad from continuously re-appearing. These advertisements are solely intended to make you aware of relevant BridgeBit promotions. BridgeBit does not sell your data to any third parties. Please see our privacy policy for more details.

Point 11 

11.1. Under the General Data Protection Regulation (GDPR), which is a comprehensive data protection law in the European Union (EU), organizations are required to have a clear and transparent complaint policy related to privacy data. This policy ensures that individuals have avenues to raise concerns or complaints regarding the handling of their personal data by organizations. 

11.2. Complaint Submission Process.

11.2.1. BridgeBit’s Complaint Channel – complaints related to GDPR compliance may be submitted to BridgeBit using [email protected].

11.2.2. Submission of Complaint – You submit your complaint through the above mentioned e-mail. The complaint should include sufficient details to allow BridgeBit to understand the nature of the concern, including relevant information such as the your contact details, the specific data processing activities in question, and the alleged GDPR violations.

11.2.3. Acknowledgment of Receipt – Upon receiving a complaint, BridgeBit promptly acknowledges you the receipt of the complaint. This acknowledgment serves to reassure you  that your complaint has been received and is being taken seriously. It includes an indication of the expected timeframe for further communication or resolution.

11.2.4. Initial Assessment – BridgeBit conducts an initial assessment of the complaint to determine its validity and seriousness. This involves reviewing the information provided by you, assessing whether the complaint falls within the scope of GDPR, and identifying any immediate actions that are necessary to mitigate risks or address concerns.

11.2.5. Investigation and Resolution – If your complaint is deemed credible and falls within the BridgeBit’s responsibility under GDPR, an investigation is initiated. This investigation involves gathering additional information, interviewing relevant parties, reviewing relevant documentation, and assessing compliance with GDPR requirements. Based on the findings of the investigation, BridgeBit takes appropriate actions to address the complaint, which includes implementing corrective measures, providing remedies to affected individuals, or making changes to its data processing practices.

11.2.6. Communication with Complainant – Throughout the process, BridgeBit maintains communication with you to provide updates on the status of the investigation and any actions taken to address the complaint. This communication helps to keep you informed and engaged, demonstrating transparency and accountability.

11.2.7. Resolution and Follow-Up – Once the complaint has been adequately addressed and resolved to the satisfaction of both parties, BridgeBit communicates the outcome to you. This communication includes details of the actions taken and any remedies provided. 

11.2.8. Documentation and Record-Keeping – Throughout the complaint handling process, BridgeBit maintains comprehensive records documenting the details of the complaint, the investigation process, and the actions taken to resolve it. These records serve as evidence of GDPR compliance and may be subject to regulatory scrutiny.

11.3. Escalation and External Remedies – If you are not satisfied with the BridgeBit’s response to your complaint, you have the right to escalate the matter internally within the BridgeBit (by using appeal from first decision) or seek external remedies through Polish data protection authorities.

11.4. Polish data protection authority – The President of the Office for Personal Data Protection. Office of the President for Personal Data Protection [Urzad Ochrony Danych Osobowych]. Stawki 2 Str. 00-193 Warsaw.Poland.

Point 12.

Legal Disclaimer 

The information contained in this site is for general guidance on matters of interest only. The application and impact of laws can vary widely based on the specific facts involved. Given the changing nature of laws, rules and regulations, and the inherent hazards of electronic communication, there may be delays, omissions or inaccuracies in information contained in Websites. While we have made every attempt to ensure that the information contained in this site has been obtained from reliable sources, BridgeBit is not responsible for any errors or omissions, or for the results obtained from the use of this information. All information in this site is provided “as is”, with no guarantee of completeness, accuracy, timeliness or of the results obtained from the use of this information, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability and fitness for a particular purpose. In no event will BridgeBit, its related member entities, or the partners, agents or employees thereof be liable to you or anyone else for any decision made or action taken in reliance on the information in this Site or for any consequential, special or similar damages, even if advised of the possibility of such damages.