Privacy Policy

This Privacy Policy explains how TenderIQ ("we", "us", "our") collects, uses, and protects personal data when you use our website at tenderiq.io and the TenderIQ platform. We are committed to protecting your privacy and processing your data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Greek data protection law.

The data controller responsible for your personal data is:

• Stamatios Karvelis, Founder, TenderIQ
• Country: Greece
• Contact: support@tenderiq.io

We collect the following categories of data:

• Account data: name, email address, company name, role, and password hash.
• Customer content: RFP and tender documents you upload, responses you draft, comments, and related project metadata.
• Usage data: log data, device and browser info, IP address, pages visited, feature interactions.
• Billing data: processed by Stripe; we receive limited metadata such as plan, billing status, and last 4 digits of payment method.
• Cookies and analytics: see the Cookies section below.

We use your personal data to:

• Provide, operate, and secure the Service.
• Process and analyze uploaded documents to power AI features.
• Send transactional emails (account, billing, security, product updates).
• Process payments and manage subscriptions.
• Improve product quality, reliability, and AI performance.
• Comply with legal obligations.

We rely on the following legal bases under Article 6 GDPR:

• Contract performance: to provide the Service you have signed up for.
• Legitimate interests: to secure the Service, prevent fraud, and improve our product.
• Consent: for non-essential cookies and marketing communications. You may withdraw consent at any time.
• Legal obligation: to comply with tax, accounting, and other legal requirements.

We retain account data for as long as your account is active. After account deletion, data is retained for 30 days to allow recovery and then permanently deleted. Uploaded documents are deleted when you delete them or when your account is deleted. Billing records are retained for the period required by applicable tax law.

We do not sell your personal data. We share data only with the processors required to operate the Service:

• Supabase: database, authentication, and storage hosting.
• Stripe: payment processing.
• AI model providers: to process RFP content and generate responses, under data processing agreements that prohibit training on Customer Data.
• Email providers: for transactional and account emails.

All processors are bound by data processing agreements and process data only on our instructions.

Some of our processors are located outside the European Economic Area. When we transfer personal data outside the EEA, we rely on appropriate safeguards under the GDPR, including Standard Contractual Clauses approved by the European Commission and supplementary technical measures where required.

You have the following rights under the GDPR:

• Right of access to your personal data.
• Right to rectification of inaccurate data.
• Right to erasure ("right to be forgotten").
• Right to data portability.
• Right to object to or restrict processing.
• Right to withdraw consent at any time.
• Right to lodge a complaint with a supervisory authority (in Greece, the HDPA).

To exercise any of your rights, email support@tenderiq.io or use the GDPR data export and account deletion tools in Settings → Privacy inside the app. We will respond within 30 days.

We use essential cookies to operate the Service (authentication, security, session). With your consent, we may also use analytics and marketing cookies. You can change your preferences at any time.

Manage cookie preferences

TenderIQ is intended for business use and is not directed at children. We do not knowingly collect personal data from anyone under the age of 18. If you believe a minor has provided us with personal data, please contact us and we will delete it.

We may update this Privacy Policy from time to time. We will notify users of material changes by email or in-app notice. The "Last updated" date at the top reflects the latest revision.

For any privacy questions or requests, contact us at support@tenderiq.io. See also our Terms of Service.