Privacy Policy

Last updated: 2026-01-01

This Privacy Policy explains how TAXOSURE ("we", "us", "our") collects, uses, discloses, and protects your information when you use tender.taxosure.com.

1. Information We Collect

Account information — name, email, password (hashed), phone number when you register.

Usage data — pages visited, search queries, tender views, alert preferences. Used to improve search and personalise recommendations.

Device data — IP address, browser type, OS, screen size. Used for analytics and anti-abuse.

Cookies — session cookies for login; analytics cookies (you may opt out).

2. How We Use Information

  • Provide tender search and alert services
  • Authenticate you, prevent fraud, secure the platform
  • Send transactional emails (OTP, alerts, billing)
  • Improve our product and AI features
  • Comply with applicable laws

3. Sharing of Information

We do not sell your personal data. We share data only with:

  • Service providers — payment processors (Razorpay), email delivery (Gmail SMTP), analytics, hosting (DigitalOcean).
  • Legal authorities — when required by Indian law or court order.
  • Aggregate / anonymised data — for industry research, never identifying you.

4. Data Retention

Account data: retained while your account is active. After deletion, removed within 30 days (logs retained 90 days for security).

5. Your Rights

You may access, correct, export, or delete your personal data at any time from your dashboard, or by emailing hello@tender.taxosure.com.

6. Security

Passwords are hashed with bcrypt. All traffic is encrypted with TLS 1.2+. Database access is restricted to authorised systems. Despite our efforts, no system is 100% secure — please use a strong, unique password.

7. Children

TAXOSURE is not directed at children under 18. We do not knowingly collect data from minors.

8. Third Parties

Our site links to government tender portals. We are not responsible for their privacy practices — please review their policies independently.

9. Changes

We may update this policy. Material changes will be communicated via email and a notice on the site.

10. DPDP Act 2023 Compliance (India)

Under the Digital Personal Data Protection Act, 2023, you have the following rights as a Data Principal:

  • Right to access (§11) — download every byte of personal data we hold via Account Settings → "Export my data".
  • Right to correction (§12) — edit profile fields from your dashboard.
  • Right to erasure (§12) — self-delete your account from Account Settings. We anonymise name/email/phone/company/GSTIN immediately; invoices are retained in anonymised form for India tax compliance (GST audit retention).
  • Right to grievance redressal (§13) — our Data Protection Officer responds within 7 working days at privacy@tender.taxosure.com.
  • Right to nominate (§14) — nominate another individual to exercise your rights in case of death or incapacity.

Consent for cookies: Essential cookies (login session) are required for the site to work. Analytics and marketing cookies require your explicit opt-in via the banner shown on first visit. You can revoke consent any time by clearing the ti_cookie_consent entry in your browser storage, or by running window.TI.cookieConsent.revoke() in the developer console.

Cross-border transfers: All data is stored on servers located in Germany (Hetzner, Frankfurt). We do not transfer personal data to jurisdictions blacklisted by MeitY under DPDP §16.

Children’s data: See §7 above. Where consent is required from a parent / guardian under DPDP §9, we collect verifiable consent before processing.

11. Contact

Questions? Email hello@tender.taxosure.com.