Privacy Policy

BidGuard Solutions ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our RFP compliance auditing service at bidguardsolutions.com (the "Service").

Please read this Privacy Policy carefully. By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

1. Information We Collect

1.1 Personal Information

We collect personal information that you voluntarily provide to us when you:

• Create an account or register for our Service
• Submit RFP documents for auditing
• Contact us for support or inquiries
• Subscribe to our newsletter or marketing communications

This personal information may include:

• Contact Information: Name, email address, phone number, company name
• Account Information: Username, password (encrypted)
• Business Information: Company details, industry, contracting history
• Payment Information: Billing address, payment method details (processed securely by our payment processor)

1.2 Document Information

When you use our Service, you upload RFP documents and draft responses for compliance auditing. These documents may contain:

• Project specifications and requirements
• Your company's proposed responses
• Business-sensitive information related to government contracts

Important: We treat all uploaded documents as confidential business information and apply strict security measures to protect them.

1.3 Usage Data

We automatically collect certain information when you access and use our Service, including:

• IP address and device information
• Browser type and version
• Pages visited and time spent on pages
• Referring website addresses
• Operating system and device identifiers
• Service usage patterns and preferences

1.4 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Service and store certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

2. How We Use Your Information

We use the collected information for various purposes:

• To Provide Our Service: Process your RFP audits, generate compliance reports, and deliver results
• To Manage Your Account: Create and maintain your user account, process payments, and manage subscriptions
• To Communicate With You: Send service updates, respond to inquiries, provide customer support
• To Improve Our Service: Analyze usage patterns, develop new features, and enhance user experience
• To Ensure Security: Monitor for fraudulent activity, prevent abuse, and protect our systems
• To Comply With Legal Obligations: Meet regulatory requirements and respond to legal requests
• With Your Consent: Send marketing communications (you can opt-out at any time)

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data under the following legal bases:

• Contract Performance: Processing necessary to provide our Service to you
• Legitimate Interests: Improving our Service, preventing fraud, and ensuring security
• Legal Obligation: Complying with applicable laws and regulations
• Consent: Marketing communications and optional features (you can withdraw consent at any time)

4. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

4.1 Service Providers

We may share your information with third-party service providers who perform services on our behalf, including:

• AI Processing: Google Gemini API for RFP analysis and compliance checking
• Payment Processing: Secure payment processors to handle transactions
• Cloud Hosting: Infrastructure providers for data storage and processing
• Email Services: Communication platforms for sending service emails

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, government agencies).

4.3 Business Transfers

If we are involved in a merger, acquisition, or asset sale, your personal information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

5. Data Retention

We retain your information for as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy:

• Account Information: Retained while your account is active and for a reasonable period after account closure
• Uploaded Documents: Automatically deleted 90 days after your audit is completed
• Payment Records: Retained for 7 years to comply with tax and accounting regulations
• Usage Data: Retained for up to 2 years for analytics and service improvement

You may request earlier deletion of your data by contacting us at hello@bidguardsolutions.com.

6. Data Security

We implement appropriate technical and organizational security measures to protect your information, including:

• Encryption of data in transit (TLS/SSL) and at rest (AES-256)
• Secure authentication and access controls
• Regular security audits and vulnerability assessments
• Employee training on data protection and confidentiality
• Automatic deletion of sensitive documents after 90 days

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

7. Your Privacy Rights

7.1 General Rights

You have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal obligations)
• Data Portability: Request a copy of your data in a structured, machine-readable format
• Objection: Object to processing of your personal information for certain purposes
• Restriction: Request restriction of processing in certain circumstances

7.2 GDPR Rights (EEA, UK, Switzerland)

If you are located in the EEA, UK, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

• Right to withdraw consent at any time
• Right to lodge a complaint with your local data protection authority
• Right to object to automated decision-making and profiling

7.3 CCPA Rights (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request disclosure of personal information collected, used, and shared
• Right to Delete: Request deletion of your personal information
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out: Opt-out of the sale or sharing of personal information (Note: We do not sell personal information)
• Right to Non-Discrimination: Not be discriminated against for exercising your privacy rights

7.4 Australian Privacy Rights

If you are located in Australia, you have rights under the Australian Privacy Act 1988, including the right to access and correct your personal information and to make a complaint to the Office of the Australian Information Commissioner.

7.5 How to Exercise Your Rights

To exercise any of these rights, please contact us at hello@bidguardsolutions.com. We will respond to your request within 30 days (or as required by applicable law).

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.

When we transfer personal data from the EEA, UK, or Switzerland to other countries, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Other legally approved transfer mechanisms

9. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information from our systems.

10. Third-Party Links

Our Service may contain links to third-party websites or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policy of every site you visit.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date at the top of this Privacy Policy
• Sending you an email notification (for material changes)

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

This Privacy Policy is designed to comply with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), UK GDPR, Australian Privacy Act, and other applicable privacy laws.