Privacy Policy

Last updated: September 24, 2025

GDPR Compliance Statement

TenderPulse is fully compliant with the General Data Protection Regulation (GDPR) and is committed to protecting your privacy and personal data. This policy explains how we collect, use, and protect your information.

1. Data Controller

TenderPulse acts as the data controller for the personal data we process. Our contact information:
Email: privacy@tenderpulse.eu
Address: TenderPulse, EU Region

2. Personal Data We Collect

We collect the following types of personal data:

  • Account Information: Email address, name, company information
  • Usage Data: Login times, feature usage, alert preferences
  • Payment Information: Billing details (processed securely by Stripe)
  • Communication Data: Support tickets, feedback, and correspondence

3. Legal Basis for Processing

We process your personal data based on:

  • Contract Performance: To provide our service as agreed
  • Legitimate Interest: To improve our service and prevent fraud
  • Consent: For marketing communications (where applicable)
  • Legal Obligation: For tax and accounting purposes

4. How We Use Your Data

We use your personal data to:

  • Provide and maintain our service
  • Process payments and manage subscriptions
  • Send you tender alerts and notifications
  • Provide customer support
  • Improve our service and develop new features
  • Comply with legal obligations

5. Data Sharing and Transfers

We do not sell your personal data. We may share data with:
Service Providers: Stripe (payments), SendGrid (emails), Railway (hosting)
Legal Requirements: When required by law or to protect our rights
Business Transfers: In case of merger or acquisition

6. Your Rights Under GDPR

You have the following rights:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption, secure servers, and regular security assessments.

8. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy, or as required by law. Account data is typically retained for the duration of your subscription plus 3 years for legal and accounting purposes.

9. Cookies and Tracking

We use essential cookies for authentication and service functionality. We do not use tracking cookies or third-party analytics without your explicit consent.

10. Contact Us

To exercise your rights or for any privacy-related questions, contact us at:
Email: privacy@tenderpulse.eu

You also have the right to lodge a complaint with your local data protection authority if you believe we have not handled your personal data in accordance with GDPR.