SmartTender

SmartTender Privacy Policy

Last Updated: 2025/12/01

Welcome to SmartTender (“we,” “us,” or “our”). We are committed to protecting your privacy and ensuring that any personal information we collect is handled in a safe and responsible manner, in compliance with the Protection of Personal Information Act (POPIA) of South Africa and other applicable laws.

If you have any questions or concerns about our practices, please contact us at info@smarttender.co.za or visit our Contact Page.

1. Scope of This Privacy Policy

This Privacy Policy applies to:

  • Our website, SmartTender.co.za, including all subdomains and related services.
  • Any other websites, pages, features, or content owned and operated by SmartTender that include this Privacy Policy.
  • Interactions you may have with our emails and/or customer support.

By accessing or using our service, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy and our compliance with POPIA.

2. Information We Collect

2.1 Personal Information You Provide

  • Registration Data: When you create an account or profile, we may collect personal information such as your name, email address, and business preferences.
  • Communication Data: If you contact us (e.g., by email or through our website), we may collect the contents of your message, your contact details, and any attachments you provide.

2.2 Automatically Collected Information

  • Usage Data: We may collect information automatically about your interactions with our website, such as your IP address, browser type, pages viewed, and the dates/times of your visits.
  • Cookies: We do not store any cookies on your device other than those that are technically required to run the website effectively. These essential cookies are necessary for functions such as secure login and session management.

3. How We Use Your Information

We use the information we collect for the following purposes, in compliance with POPIA’s requirement for lawful processing:

  1. Service Provision: To provide, maintain, and improve the SmartTender service, including AI-based tender recommendations.
  2. Customer Support: To respond to your inquiries, troubleshoot issues, and improve customer experience.
  3. Email Communications: To send regular email updates (e.g., once per week) and important account notifications (only if you have opted in or if these emails are necessary to provide our service).
  4. Business Operations: To analyze usage trends, maintain security, and help us improve the functionality and user experience of our service.

We will not sell or share your personal information with third parties for direct marketing purposes without your explicit consent.

3.1 Automated Decision-Making and Profiling

SmartTender uses AI-powered algorithms to provide personalized tender recommendations. This automated processing:

  • Analyzes your business profile information and stated preferences
  • Generates relevance scores for available tenders
  • Determines which tenders to recommend via email and in your dashboard

This automated processing is necessary for the performance of our contract with you to provide personalized tender recommendations. You can influence these recommendations by updating your business profile preferences at any time. No decisions with significant legal effects are made solely through automated means without human oversight.

4. Third-Party Services

4.1 Amazon Web Services (AWS)

  • Hosting: Our website is hosted on AWS servers located in Cape Town, South Africa.
  • Emails: We also use AWS for sending emails; these services are hosted in the same region.
  • AWS Privacy Policy

4.2 OpenAI

We use OpenAI's API for integrating AI functionalities into our software.

4.3 AWS Cognito

We use AWS Cognito for secure user authentication and account management. This service handles user authentication, login credentials, and session management. We do not store passwords on our servers.

4.4 Payment Providers (Stripe)

We use third-party payment providers to process subscriptions and payments. Currently, we use Stripe for payment processing. We do not store or process your payment information (e.g., credit card details) on our servers. Any payment information you provide is handled directly by these third-party payment processors.

We only share information with these third-party services as necessary to provide the service (e.g., processing payments or sending emails).

4.5 International Data Transfers

Some of our service providers, including OpenAI and Stripe, process data outside of South Africa. When we transfer personal information internationally, we ensure appropriate safeguards are in place as required by POPIA, including verifying that recipients maintain adequate data protection standards. Our AI functionality may send business profile information to OpenAI's servers in the United States for processing tender recommendations.

5. Legal Basis for Processing (POPIA Compliance)

Under POPIA, we process personal information based on the following grounds:

  • Performance of Contract: We process your data to provide our services as per the agreement when you create an account or use SmartTender.
  • Legitimate Interests: We process your data to optimize our services, ensure security, and maintain our business operations.
  • Consent: Where required, we obtain your consent for specific data processing activities (e.g., marketing emails).

6. Data Retention

We keep your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy or to comply with legal obligations. If you request deletion of your data, we will securely delete it unless we are required by law to keep it for a specified period.

For operational and service fulfillment purposes, we may retain customer information on our systems as necessary to provide our services.

7. Data Security

We take reasonable administrative, technical, and physical measures to protect the information we collect from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Secure hosting with AWS
  • Encryption of data where applicable
  • Regular software updates and security patches
  • Limited access to personal data by employees on a need-to-know basis

However, no method of transmission or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

7.1 Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Information Regulator and affected individuals as soon as reasonably possible after becoming aware of the breach, in accordance with POPIA requirements. Such notification will include the nature of the breach, the likely consequences, and the measures taken to address it.

8. Age Requirement

Our services are intended for business users and are not directed at individuals under 18 years of age. We do not knowingly collect personal information from individuals under 18. If you believe we may have accidentally collected such information, please contact us immediately at info@smarttender.co.za, and we will delete it.

9. Your Rights Under POPIA

Under POPIA, you have the right to:

  • Access Your Information: Request confirmation of whether we hold your personal information, and request access to it.
  • Correct Your Information: Request that we correct or delete your personal information if it is inaccurate, irrelevant, or incomplete.
  • Object to Processing: Object to the processing of your personal information under certain circumstances.
  • Withdraw Consent: Where processing relies on your consent, you may withdraw that consent at any time.
  • Complain: Lodge a complaint with the Information Regulator if you believe your personal information has been processed unlawfully.

For more information on how to exercise these rights, please contact us at info@smarttender.co.za.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. The updated version will be posted on this page with an updated “Last Updated” date. We encourage you to review this Privacy Policy periodically for any changes. Your continued use of our service constitutes acceptance of the updated Privacy Policy.

11. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or your personal information, please contact us:

The responsible party for the processing of your personal information under POPIA is Alexander Fischer-Brandies, Waldpromenade 57A, 82131 Gauting, Germany.

We are committed to resolving any issues you may have regarding your privacy and data protection.

12. Information Regulator – South Africa

If you believe that we are not adequately addressing your concerns regarding the processing of your personal information, you have the right to lodge a complaint with the Information Regulator of South Africa:

Thank you for entrusting SmartTender with your personal information.

Back to Home