Skip to main content

Privacy Policy

Last updated: 2025/11/08

POPIA Compliant
Introduction

Tenders-SA.org ("we", "us", "our") is committed to protecting your privacy and complying with the South African Protection of Personal Information Act (POPIA). This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our tender portal services.

By using Tenders-SA.org, you consent to the collection and use of your personal information as described in this policy.

Information We Collect

Personal Information

  • Name, email address, and contact details
  • Company registration information and tax numbers
  • BBBEE certification details and levels
  • Director information and ownership details
  • Financial information (turnover, revenue)
  • Professional certifications and qualifications

Usage Information

  • Tender search history and preferences
  • Application submissions and drafts
  • Document uploads and downloads
  • AI assistant interactions and generated content
  • Matching scores and tender recommendations

Technical Information

  • IP address and location data
  • Browser type and device information
  • Cookies and similar tracking technologies
  • Access times and usage patterns
How We Use Your Information

Primary Purposes

  • Provide tender matching services
  • Process and manage applications
  • Generate AI-powered recommendations
  • Facilitate document management
  • Send tender notifications and alerts

Secondary Purposes

  • Improve our services and features
  • Analyze usage patterns and trends
  • Prevent fraud and ensure security
  • Comply with legal obligations
  • Marketing (with explicit consent)
Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We only share your data in the following circumstances:

Third-Party Service Providers

We share data with trusted providers who help us operate our service:

  • Paddle: Payment processing
  • Resend: Email delivery
  • Anthropic (Claude): AI-powered features
  • Cloudflare: Content delivery and security

Legal Requirements

We may disclose your information when required by law, court order, or government regulation, including to comply with POPIA requirements.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction.

Data Security

We implement industry-standard security measures to protect your personal information:

Technical Security

  • 256-bit SSL/TLS encryption
  • Encrypted database storage
  • Secure password hashing (bcrypt)
  • Regular security audits

Access Controls

  • Role-based access permissions
  • Multi-factor authentication
  • Audit logging of all access
  • Employee background checks
Your Rights Under POPIA

As a data subject, you have the following rights under POPIA:

Right to Access

You can request a copy of all personal information we hold about you.

Right to Correction

You can request correction of inaccurate or incomplete information.

Right to Deletion

You can request deletion of your personal information, subject to legal retention requirements.

Right to Data Portability

You can request your data in a machine-readable format.

How to Exercise Your Rights

To exercise any of these rights, please contact us:

privacy@tenders-sa.org
Data Retention

We retain your personal information only as long as necessary for the purposes for which it was collected, or as required by law:

Data TypeRetention PeriodReason
Account InformationUntil account deletionService provision
Application Data7 yearsTax and legal compliance
Financial Records7 yearsTax compliance
Audit Logs2 yearsSecurity and compliance
Marketing DataUntil consent withdrawnMarketing communications
Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze website usage. You can control cookie preferences through your browser settings.

Essential CookiesRequired
Analytics CookiesOptional
Marketing CookiesOptional

For detailed information about cookies, please see our Cookie Policy.

International Data Transfers

Your personal information is primarily stored and processed within South Africa. However, we may transfer data to international service providers who assist us in operating our service.

International Transfers

  • Anthropic (Claude AI): United States
  • Cloudflare: Global network with South African presence
  • Paddle: United Kingdom (with South African support)

All international transfers comply with POPIA requirements and include appropriate data protection safeguards.

Contact Information

If you have any questions about this Privacy Policy or how we handle your personal information, please contact our Data Protection Officer:

Email:privacy@tenders-sa.org
Address:

123 Main Street
Centurion, Gauteng
South Africa, 0046

Data Protection Officer

For formal data protection concerns or to exercise your POPIA rights, please contact our Data Protection Officer at the above address or email dpo@tenders-sa.org.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of any material changes by email or by posting a notice on our website before the changes take effect.

This Privacy Policy is governed by and construed in accordance with the laws of South Africa.