← TenderAim

Privacy Policy

Updated: 2026-06

Note: this document must be reviewed by the founder before publishing.

1. Data controller

Data controller: MB Saisa, Lithuania. Product: TenderAim.

For all data protection questions contact: [email protected].

2. What data we process

  • Account data: name and email address.
  • Product data: search profiles, keywords, selected countries, and related preferences.
  • Usage analytics: interactions with product screens and flows (PostHog, EU region).
  • Technical data: IP address, browser/device information, security and availability logs.

3. Processing purposes and legal basis

  • Service delivery and account administration — GDPR Art. 6(1)(b) (contract).
  • Security, abuse prevention, and reliability — GDPR Art. 6(1)(f) (legitimate interest).
  • Product analytics and improvement — GDPR Art. 6(1)(a) (consent via cookie banner).
  • Legal obligations (e.g., accounting/disputes) — GDPR Art. 6(1)(c).

4. Processors and transfers

  • MongoDB Atlas (EU) — application data storage.
  • Resend — transactional email delivery.
  • PostHog (EU cloud) — product analytics after consent.
  • Cloudflare — security, CDN, and traffic protection.
  • Google Gemini API — analysis of publicly available procurement content (not for personal data profiling).

5. Retention periods

  • Account and profile data is retained while the account is active and up to 90 days after deletion.
  • Analytics data is retained up to 24 months or less based on PostHog configuration.
  • Security/technical logs are typically retained up to 12 months unless a legal obligation requires longer retention.

6. Your GDPR rights

  • Right of access.
  • Right to rectification.
  • Right to erasure.
  • Right to restriction and right to object where legitimate interest applies.
  • Right to data portability.
  • Right to withdraw consent at any time (including analytics consent).
  • Right to lodge a complaint with your supervisory authority.

7. Cookies and similar technologies

  • Necessary: cookies/storage entries required for core functionality and security (for example login, language, session state).
  • Consent state: localStorage key `ta_consent` with values `granted` or `necessary`.
  • Analytics (after consent only): PostHog identifiers/session cookies (for example `ph_*`).

Slapukų nustatymai

Naudojame būtinus slapukus ir (su jūsų sutikimu) analitiką, kad gerintume TenderAim.

Būtini: Visada įjungta