Security, Permissions & Auditability

Enterprise-grade security controls, ISO 27001-aligned practices and the Cyber Essentials framework to protect your tender documents and business data.

Why Security Matters

Tender documents often contain sensitive commercial information including pricing, methodologies and competitive intelligence. Protecting this data requires proper security controls, access management, and accountability.

Data Protection

Encryption at Rest

AES-256 encryption for all stored data, including tender documents and responses.

Encryption in Transit

TLS 1.3 for all communications between your browser and our servers.

UK/EU Data Residency

Data stored in UK/EU data centres with enterprise-grade, ISO 27001-certified cloud infrastructure.

Data Retention Controls

Configurable retention policies. Delete your data at any time with a full audit trail.

Access Control

Role-Based Access Control

Define roles with specific permissions: Author, Reviewer, Approver, Admin.

User-Level Permissions

Fine-grained control over what each team member can view and edit.

Secure Authentication

Email verification and secure password requirements.

Session Management

Automatic session timeout and secure cookie handling.

Audit Trail

Complete visibility into who did what and when. Every action is logged for accountability.

All actions logged with timestamp and user
Document access tracking
Status change history
Export audit reports

Our Security Approach

Data handling designed to support UK GDPR compliance
Security controls aligned with ISO 27001 principles and the Cyber Essentials framework
Enterprise-grade encryption, access control, and audit logging
Infrastructure hosted with providers maintaining ISO 27001 and SOC 2 certifications

Note: We continuously review and improve our security practices. For specific compliance enquiries or security questionnaires, please contact our team.

Frequently Asked Questions

Does TenderVera follow recognised security standards?

Our security controls are aligned with ISO 27001 principles and the Cyber Essentials framework. Infrastructure is hosted with ISO 27001 and SOC 2-certified providers. We continuously improve our controls and welcome discussions about your specific requirements.

Where is data stored?

Data is stored in UK/EU data centres with enterprise-grade infrastructure provided by ISO 27001-certified cloud service providers.

Can I delete my data?

Yes. You control your data and can delete it with a full audit trail. Configurable retention policies are also available.

How do you handle GDPR compliance?

Our data handling practices are designed to support UK GDPR compliance. This includes data minimisation, retention controls, and deletion capabilities.

What about security questionnaires?

We're happy to discuss your specific security requirements. Please contact our team for security questionnaire requests.

Questions About Security?

We're happy to discuss your specific security requirements and answer any questions.