Retention

Retention and deletion principles

DueBid distinguishes document retention, quarantine, artifact expiry, tombstones, backups, and legal or security holds.

Effective date: June 25, 2026

Verified technical control | Data lifecycle

Upload completion is not acceptance

A completed transfer only means the file parts were received. The document is not accepted for analysis until the security review reaches an accepted version.

Evidence: Frontend intake types distinguish upload status from document security status and accepted_at version state.

Verified technical control | Data lifecycle

Security scan is not business verification

Security review checks whether a file can proceed through the workflow. It does not verify whether the document is legally sufficient, commercially acceptable, or correct for the tender.

Evidence: Document security states are separate from processing, proposal, and report review states.

Verified technical control | Data lifecycle

AI-assisted analysis is separate from human review

Automated extraction and analysis can prepare findings, but material customer-visible findings remain bounded by release and review gates.

Evidence: Report copy, sample report, and workspace states distinguish generated analysis from human review and customer-visible artifacts.

Verified technical control | Retention/deletion

Retention and deletion are stateful

Deletion requests, artifact expiry, tombstones, backups, legal holds, and security holds may have different timelines. DueBid does not claim instant deletion from backups.

Evidence: Report artifact UI exposes retention expiry where provided; public copy avoids exact retention periods until approved launch content supplies them.

Verified technical control | Operations

Public production source maps are not served

The production build disables browser source maps and prunes public source-map files after build.

Evidence: next.config.mjs disables productionBrowserSourceMaps; scripts/build-and-prune.mjs runs scripts/prune-public-source-maps.mjs.

Verified technical control | Operations

Safe outage surfaces

Error and outage surfaces show safe recovery guidance and request IDs without exposing protected readiness, infrastructure topology, internal storage names, scanner names, or backend internals.

Evidence: Global and locale error pages render safe request IDs; BFF route handlers return sanitized backend-unavailable envelopes.

Not configured for launch | Operations

Backup and restore commitments

Public backup and restore commitments require approved deployment input before publication.

Evidence: No approved public RPO, RTO, backup region, or restore-drill claim is checked into the frontend.

Not configured for launch | Operations

No public certifications claimed

No SOC 2, ISO 27001, penetration-test, insurance, SLA, uptime, or audit-certification claim is published unless approved evidence is supplied.

Evidence: Trust-content scan rejects fake certification and uptime language.