Privacy

Privacy Policy

How DueBid collects, uses, shares, protects, and deletes personal data and confidential tender material.

Effective date: June 25, 2026

scope

Scope

This Privacy Policy applies to DueBid websites, accounts, workspaces, APIs, hosted checkout handoffs, report delivery, and customer support.

Customer tender documents may contain personal data, business confidential information, commercial terms, and sensitive procurement material. Customers remain responsible for deciding what material is appropriate to submit.

roles

Privacy roles

For account, website, billing-support, security, and product-usage data, DueBid generally acts as an independent controller or business. For customer content submitted into a workspace, DueBid generally processes that material to provide the requested product features and digital report artifacts.

When checkout is handled by Lemon Squeezy or related payment-provider infrastructure, that provider independently processes payment, tax, fraud, receipt, refund, dispute, and chargeback data according to its own terms and privacy notices.

data collected

Data we collect

We collect account and workspace data such as name, email, company, role, authentication state, workspace membership, preferences, invitation records, and support communications.

We collect customer content such as tender documents, RFP text, addenda, proposal files, uploaded evidence, comments, reviewer decisions, report artifacts, document metadata, and workspace activity needed to provide DueBid.

We collect technical and security data such as IP address, device and browser data, session events, audit logs, file integrity checks, access logs, API requests, error events, and abuse-prevention signals.

billing data

Billing and payment data

DueBid does not intentionally collect or store full card numbers, bank account numbers, card security codes, or other full payment credentials.

DueBid receives limited billing metadata from checkout and billing providers, such as customer identifiers, order identifiers, product or plan identifiers, subscription status, payment status, currency, tax, amount, invoice or receipt references, refund status, and portal availability.

uses

How we use data

We use data to provide and secure the application, process uploaded material, generate and review digital report artifacts, verify payment state, provision subscriptions and report credits, provide support, monitor reliability, prevent abuse, comply with law, and improve product quality.

We do not use customer tender material to train general-purpose models for other customers. Cross-customer reuse of customer tender material is not permitted.

sharing

How we share data

We share data with service providers that help operate DueBid, including hosting, storage, security scanning, monitoring, analytics, communications, model-processing, support, billing, tax, subscription, and payment providers.

We may share data when required by law, to protect rights and security, to investigate misuse, to complete a merger or financing transaction, or with your direction through workspace integrations and authorized users.

DueBid does not sell personal information for money and does not share customer tender material for cross-context behavioral advertising.

subprocessors

Subprocessors

DueBid's subprocessor categories include cloud hosting, object storage, security and malware scanning, email and support tooling, monitoring and analytics, AI/model processing, and hosted checkout and billing providers.

Lemon Squeezy and its payment-provider infrastructure process checkout, subscription, tax, invoice, refund, and chargeback data when used for DueBid purchases. A current named subprocessor list requires approved launch content before publication.

retention

Retention and deletion

Workspace documents and report artifacts are retained while the workspace is active or while needed to deliver the purchased digital product, maintain customer-requested company memory, support auditability, or comply with law.

Verified deletion requests are processed through the approved deletion workflow unless retention is required for security, legal, tax, accounting, billing, dispute, fraud-prevention, or backup integrity reasons. Backups and disaster-recovery copies are overwritten on their normal cycle.

Billing, tax, invoice, security, audit, and dispute records may be retained longer where required for compliance, accounting, chargeback defense, or fraud prevention.

security

Security

DueBid uses access controls, workspace authorization, secure download gates, server-side validation, audit logging, transport security, and file-safety controls designed to protect confidential tender material.

No system is perfectly secure. Report suspected unauthorized access, unsafe file handling, or security incidents through the approved public security contact once it is configured.

international

International processing

DueBid and its providers may process data in countries different from where users are located. Where required, DueBid uses contractual, organizational, and technical measures intended to support lawful transfers.

Do not submit data that cannot lawfully be transferred to or processed by the systems needed to provide DueBid.

rights

Privacy rights

Depending on your location, you may have rights to access, correct, delete, restrict, object to, or receive a copy of personal data. You may also have rights to opt out of certain processing or lodge a complaint with a supervisory authority.

Send privacy requests through the approved public privacy contact once configured. DueBid may need to verify your identity, authority, workspace role, and the scope of the request before acting.

children

Children

DueBid is intended for business users and is not directed to children. Do not use DueBid if you are under 18, and do not intentionally submit children's personal data unless it is lawful and necessary for the requested tender workflow.

contact

Contact

Privacy, security, billing, and product-support contacts require approved launch content before production publication. Until then, use the request-review flow for pre-launch questions.

DueBid may update this Privacy Policy as the product, providers, legal requirements, or business operations change.