Privacy Policy

This policy explains how TenderVera collects, uses, and protects your personal data. We are committed to handling your information responsibly and in compliance with UK data protection law.

Last updated: 12 March 2026

1. Data Controller

TenderVera Ltd is the data controller for personal data processed through our platform. We are responsible for deciding how we hold and use personal information about you.

Registered Address

548–550 Elder House
Eldergate
Milton Keynes
MK9 1LR

Contact: [email protected]

2. Data We Collect

We collect and process the following categories of personal data:

  • Account Information – Name, email address, company name, and job title
  • Service Data – Tender documents and related business information you submit
  • Usage Data – How you interact with our platform, including login times and features used
  • Payment Data – Processed securely through Stripe; we do not store full card details
  • Communications – Messages exchanged through our platform and support correspondence

3. Lawful Basis for Processing

We process your data under the following lawful bases:

  • Contract – To provide the bid support services you have purchased
  • Legitimate Interests – To improve our services and ensure platform security
  • Legal Obligation – To comply with applicable laws and regulations
  • Consent – For optional marketing communications (where applicable)

4. Data Sharing

We do not sell your personal data. We may share data with:

  • Service Providers – Hosting, payment processing, and email services
  • Legal Requirements – When required by law or legal process

All service providers are bound by data processing agreements compliant with UK GDPR.

5. Data Retention

We retain your data for as long as necessary to provide our services and comply with legal obligations. Tender documents are retained for 30 days after completion unless you request earlier deletion. Account data is retained while your account is active and for a reasonable period thereafter for legal and audit purposes.

6. Your Rights

Under UK GDPR, you have the following rights:

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure (right to be forgotten)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

To exercise these rights, contact [email protected].

7. Data Security

We implement appropriate technical and organisational measures to protect your data, including encryption in transit and at rest, access controls, and regular security reviews.

8. International Transfers

Data may be processed by service providers outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the ICO.

9. Complaints

If you have concerns about how we handle your data, please contact us first. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

10. Policy Updates

We may update this policy from time to time. Material changes will be communicated to registered users via email.

← Back to Home