Skip to main content

Privacy Policy

Last updated: 2026/05/13

POPIA-Aligned
Introduction

Tenders-SA.org ("we", "us", "our") is committed to protecting your privacy and complying with the South African Protection of Personal Information Act (POPIA). This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our tender portal services.

By using Tenders-SA.org, you consent to the collection and use of your personal information as described in this policy.

Information We Collect

Personal Information

  • Name, email address, and contact details
  • Company registration information and tax numbers
  • BBBEE certification details and levels
  • Director information and ownership details
  • Financial information (turnover, revenue)
  • Professional certifications and qualifications

Usage Information

  • Tender search history and preferences
  • Application submissions and drafts
  • Document uploads and downloads
  • AI assistant interactions and generated content
  • Matching scores and tender recommendations

Technical Information

  • IP address and location data
  • Browser type and device information
  • Cookies and similar tracking technologies
  • Access times and usage patterns
How We Use Your Information

Primary Purposes

  • Provide tender matching services
  • Process and manage applications
  • Generate AI-powered recommendations
  • Facilitate document management
  • Send tender notifications and alerts

Secondary Purposes

  • Improve our services and features
  • Analyze usage patterns and trends
  • Prevent fraud and ensure security
  • Comply with legal obligations
  • Marketing (with explicit consent)
Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We only share your data in the following circumstances:

Third-Party Service Providers

We share data with trusted providers who help us operate our service:

  • Paddle: Payment processing
  • Resend: Email delivery
  • Anthropic (Claude): AI-powered features
  • Cloudflare: Content delivery and security

Legal Requirements

We may disclose your information when required by law, court order, or government regulation, including to comply with POPIA requirements.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction.

Data Security

We apply technical and organisational safeguards designed to protect your personal information:

Technical Safeguards

  • HTTPS for data in transit
  • Access controls
  • Password hashing
  • Role-based permissions

Organisational Safeguards

  • Production access restrictions
  • Logging and monitoring
  • Backup controls
  • Incident response procedures

Security controls are reviewed periodically and improved as the platform evolves.

Your Rights Under POPIA

As a data subject, you have the following rights under POPIA:

Right to Access

You can request a copy of all personal information we hold about you.

Right to Correction

You can request correction of inaccurate or incomplete information.

Right to Deletion

You can request deletion of your personal information, subject to legal retention requirements.

Right to Data Portability

You can request your data in a machine-readable format.

How to Exercise Your Rights

To exercise any of these rights, please contact us:

[email protected]
Data Retention

We retain your personal information only as long as necessary for the purposes for which it was collected, or as required by law:

Data TypeRetention PeriodReason
Account InformationUntil account deletionService provision
Application Data7 yearsTax and legal compliance
Financial Records7 yearsTax compliance
Audit Logs2 yearsSecurity and compliance
Marketing DataUntil consent withdrawnMarketing communications
Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze website usage. You can control cookie preferences through your browser settings.

Essential CookiesRequired
Analytics CookiesOptional
Marketing CookiesOptional

For detailed information about cookies, please see our Cookie Policy.

International Data Transfers

Your personal information is primarily stored and processed within South Africa. However, we may transfer data to international service providers who assist us in operating our service.

International Transfers

  • Anthropic (Claude AI): United States
  • Cloudflare: Global network with South African presence
  • Paddle: United Kingdom (with South African support)

All international transfers comply with POPIA requirements and include appropriate data protection safeguards.

Contact Information

If you have any questions about this Privacy Policy or how we handle your personal information, please contact us:

Email:[email protected]
Address:

Managa Complex
Shoprite USave Street
Thohoyandou, Limpopo, 0950

Information Officer / Privacy Contact

For privacy concerns or to exercise your data protection rights, please contact us at the above address or email [email protected].

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of any material changes by email or by posting a notice on our website before the changes take effect.

This Privacy Policy is governed by and construed in accordance with the laws of South Africa.