Security & data handling

TenderTism processes commercially sensitive procurement intelligence for firms bidding into 8-figure infrastructure contracts. We treat that responsibility accordingly.

Compliance commitments

SOC 2 Type II

In progress

Targeting certification within 12 months of launch. We use Vanta for continuous control monitoring. Evidence available to enterprise prospects under NDA.

Australian Privacy Act 1988

Compliant

Compliant with the Australian Privacy Principles (APPs). Privacy policy published. Data subject rights (access, correction, deletion) supported via the settings panel.

GDPR

Tooling in place

Data processing agreements available for EU-based customers. Right to erasure, data portability, and lawful basis documentation supported.

WCAG 2.2 AA

Target

Accessibility is audited on every release. Screen-reader testing with VoiceOver and NVDA. Focus management and keyboard navigation on all interactive surfaces.

Data handling

Encryption at rest: All data encrypted using AES-256. Database volumes encrypted at the infrastructure layer. Private-corpus documents (Enterprise) additionally encrypted at the application layer with per-org keys.
Encryption in transit: TLS 1.3 required for all API and web traffic. Certificate pinning on mobile clients (Phase 3). HSTS with a 12-month max-age on all web properties.
Data residency: Production data is hosted in Sydney (ap-southeast-2) by default. Enterprise customers can request Singapore (ap-southeast-1) or EU (eu-west-1) residency.
Tender data (aggregated): Public tender notices are sourced from open portals and normalised. TenderTism does not claim copyright over portal-sourced tender content. We provide enrichment and organisation — the citation provenance model means AI-extracted facts are always linked to the original source document.
Customer-uploaded documents: Capability statements and private-corpus documents are isolated per-org with row-level security. They are never used to train shared models. Access is audited. Documents can be deleted at any time from the settings panel.
AI model providers: We use Anthropic Claude via the Batches API for document enrichment. Claude processes tender pack text under Anthropic's data processing terms. Customer-uploaded documents in private-corpus RAG mode are not sent to any third-party AI provider — they are retrieved locally using on-premises embeddings.
Bid-price data (Enterprise): Anonymised bid-price aggregation uses k-anonymity with k≥5. No individual firm's price is ever disclosed. If a query cell has fewer than 5 contributing firms, the result is withheld with a transparent message.
Data retention: Free and Solo tiers: 90-day rolling archive. Team/Pro: 3 years. Enterprise: configurable, up to 7 years. Deletion requests are processed within 30 days.

Access controls

Role-based access control (Owner / Admin / Member / Viewer) per organisation
Per-pursuit Chinese walls — users can be in an org but excluded from individual pursuits (Enterprise)
Two-factor authentication: TOTP (Google Authenticator, Authy) and WebAuthn/passkeys
SSO with SAML 2.0, Okta, Microsoft Entra (Enterprise tier)
Session management — view and revoke active sessions from the security settings panel
Audit log of all authentication events, data exports, and admin actions (Enterprise)
Personal access tokens and service accounts with scoped permissions

Security contact

Report security vulnerabilities to [email protected]. We respond within 24 hours. Responsible disclosure is appreciated — we will not pursue legal action against researchers who follow coordinated disclosure practices.