1. Scope
This Privacy Policy explains how TenderOS (“we”, “us”) collects, uses, discloses, and protects personal information when you visit our website or use the TenderOS platform (the “Service”). When you use the Service as part of an organisation, that organisation is the controller of the Customer Data you upload, and we act as a processor on its behalf.
2. Data we collect
- Account data: name, work email, organisation, role, authentication tokens.
- Customer Data: RFP documents, proposal drafts, knowledge-base files, tender metadata, comments, and any other content you upload.
- Usage data: session timestamps, feature usage, API call counts, vision-page counts, generated-token counts.
- Diagnostic data: error reports and traces sent to Sentry and Langfuse, scrubbed of personal identifiers where possible.
3. Why we process it
We process personal information to:
- Provide, maintain, and improve the Service.
- Authenticate users and enforce ABAC permissions.
- Process payments and issue invoices.
- Detect, investigate, and prevent fraud and abuse.
- Send transactional emails (sign-in, ingestion completion).
- Perform aggregated, de-identified analytics to inform our roadmap.
4. Legal basis
Where the GDPR applies, our legal basis for processing personal information is performance of the contract, our legitimate interests, your consent (for marketing emails), or compliance with a legal obligation, as relevant.
5. Subprocessors
We use a small number of carefully vetted subprocessors. The current list is maintained in our Data Processing Agreement and includes, at the date of this policy:
- Amazon Web Services (AWS) — hosting, S3 storage, Bedrock LLMs.
- Clerk — authentication and SSO.
- Supabase / Neon — managed PostgreSQL.
- Resend — transactional email delivery.
- Sentry — error monitoring.
- Langfuse — LLM trace and cost monitoring.
We will notify you of any change to the subprocessor list at least thirty (30) days before it takes effect.
6. Retention
We retain Customer Data for as long as your organisation maintains an active subscription. On termination, you have thirty (30) days to export your data. After that, all Customer Data is purged from primary storage and backups within a further thirty (30) days.
7. International transfers
The Service is hosted in the AWS region you select at onboarding. By default we host in ap-south-1 (Mumbai); other regions including eu-central-1, us-east-1, and me-central-1 are available on request. Subprocessor locations are listed in the DPA.
8. Your rights
Depending on where you live, you may have rights to access, correct, delete, restrict the processing of, or port your personal information. To exercise these rights, email privacy@tenderos.io. We will respond within thirty (30) days.
9. Security
We protect personal information with the security measures described on our security page and in our SOC 2-style control set, available under NDA.
10. Children
The Service is intended for use by professionals over 18. We do not knowingly collect personal information from children.
11. Contact
Questions about this policy can be sent to privacy@tenderos.io. Postal address is provided on request.