BidCleverAI
Your Privacy Matters

Privacy Policy

We are committed to protecting your privacy and ensuring the security of your personal information.

Last updated: February 2, 2026

1. Introduction

BidClever ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website bidclever.ai (the "Site") and use our tender management platform and services (collectively, the "Services").

Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Site or use our Services.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you:

  • Register for an account or subscribe to our Services
  • Request a demo or contact us through our forms
  • Subscribe to our newsletter
  • Download templates or resources
  • Participate in surveys or promotions
  • Contact our customer support team

This information may include:

  • Contact Information: Name, email address, phone number, company name, job title
  • Account Information: Username, password, account preferences
  • Billing Information: Payment card details, billing address (processed securely through our payment processor)
  • Communication Data: Messages, feedback, and correspondence with us

2.2 Information Collected Automatically

When you access our Site or Services, we automatically collect certain information, including:

  • Device Information: Browser type, operating system, device type, unique device identifiers
  • Usage Data: Pages visited, time spent on pages, links clicked, features used
  • Log Data: IP address, access times, referring URLs, error logs
  • Location Data: General geographic location based on IP address

3. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and store information about your interactions with our Site and Services. You can manage your cookie preferences through our cookie consent banner or your browser settings.

3.1 Types of Cookies We Use

Necessary Cookies

These cookies are essential for the Site to function properly. They enable core functionality such as security, session management, and accessibility features. You cannot opt out of these cookies as the Site would not function without them.

Analytics Cookies

These cookies help us understand how visitors interact with our Site by collecting and reporting information anonymously. We use this data to improve our Site's performance and user experience. Analytics cookies are only placed with your consent.

Marketing Cookies

These cookies are used to track visitors across websites to display relevant advertisements. They help us measure the effectiveness of our marketing campaigns and deliver personalized content. Marketing cookies are only placed with your consent.

3.2 Managing Your Cookie Preferences

You can manage your cookie preferences at any time by clicking the "Manage Cookies" link in our website footer. You can also configure your browser to refuse cookies or alert you when cookies are being sent. However, disabling certain cookies may affect the functionality of our Site.

4. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and Maintain Services: To deliver our tender management platform, process transactions, and provide customer support
  • Improve Our Services: To analyze usage patterns, identify issues, and enhance user experience
  • Communicate With You: To send service updates, respond to inquiries, and provide requested information
  • Marketing: To send promotional materials and newsletters (with your consent)
  • Personalization: To tailor content and recommendations based on your preferences and usage
  • Security: To detect, prevent, and address fraud, abuse, and security issues
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes

5. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:

  • Consent: Where you have given us explicit consent to process your data for specific purposes (e.g., marketing communications, analytics cookies)
  • Contract Performance: Where processing is necessary to fulfill our contractual obligations to you or to take steps at your request before entering into a contract
  • Legitimate Interests: Where processing is necessary for our legitimate business interests, such as improving our Services, preventing fraud, and ensuring security, provided these interests do not override your rights
  • Legal Obligation: Where processing is necessary to comply with applicable laws and regulations

6. Data Sharing and Disclosure

We may share your information in the following circumstances:

  • Service Providers: We share data with third-party vendors who perform services on our behalf, such as hosting (Amazon Web Services), AI processing (OpenAI), payment processing, email delivery, and analytics. These providers are contractually bound to protect your data and are listed in our Sub-Processor Register, available upon request.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify affected users and provide options in accordance with applicable data protection laws, including GDPR.
  • Legal Requirements: We may disclose information when required by law, court order, or government request, or to protect our rights, property, or safety.
  • With Your Consent: We may share your information for other purposes with your explicit consent.

We do not sell your personal information to third parties.

7. Sub-Processors

We use the following categories of sub-processors to deliver our Services:

  • Cloud Infrastructure: Amazon Web Services (AWS) for hosting and data storage
  • AI Processing: OpenAI for enterprise AI features (Tender Chat, TRS scoring). OpenAI's enterprise terms explicitly prohibit using customer data for model training.
  • Payment Processing: For secure handling of billing and subscription payments
  • Email Services: For transactional and marketing communications
  • Analytics: For anonymized usage analytics to improve our Services

A complete and current list of sub-processors with their specific identities and processing purposes is available upon request by contacting [email protected].

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from your jurisdiction. When we transfer data internationally, we implement appropriate safeguards to protect your information, including:

  • Standard Contractual Clauses approved by the European Commission
  • Data processing agreements with our service providers
  • Compliance with applicable data protection frameworks

9. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. The retention period may vary depending on the context and our legal obligations.

When determining retention periods, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, and applicable legal requirements.

If you cancel your subscription, you can export your data before the cancellation takes effect. After cancellation, we retain your data for 30 days in case you decide to reactivate. After this period, your data is permanently deleted from our systems.

10. Your Rights Under GDPR

If you are located in the EEA, UK, or Switzerland, you have the following rights regarding your personal data:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that we correct inaccurate or incomplete data.
  • Right to Erasure: You can request that we delete your personal data in certain circumstances.
  • Right to Restrict Processing: You can request that we limit how we use your data.
  • Right to Data Portability: You can request a copy of your data in a structured, machine-readable format.
  • Right to Object: You can object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you can withdraw your consent at any time.
  • Right to Lodge a Complaint: You have the right to file a complaint with your local data protection authority.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out: You can opt out of the sale of your personal information. Note: We do not sell personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

12. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • AES-256 encryption for data at rest and TLS 1.3 for data in transit
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Employee training on data protection and security
  • Incident response procedures

Our platform is built on Amazon Web Services (AWS) infrastructure, which maintains SOC 2 Type II and ISO 27001 certifications. While we leverage these certified platforms and follow security best practices, BidClever as a company has not completed independent SOC 2 or ISO 27001 certification audits at this time.

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

13. Children's Privacy

Our Services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

14. Third-Party Links

Our Site may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our Site and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Website: bidclever.ai

For GDPR-related inquiries, you may also contact your local data protection authority.