Privacy Policy

We collect only the metadata necessary to operate the service (User ID, IP Address for audit logs, and billing details). Document content is encrypted client-side or server-side before storage.

We do not sell, trade, or rent your personal identification information to others. Ever.

All data in transit is encrypted via TLS 1.3. All data at rest is encrypted via AES-256-GCM.

For "Blind Tender" rooms, encryption keys are generated in the client browser and encrypted with a public key whose private counterpart is stored in a Hardware Security Module (HSM) with a time-lock policy.

We respect the sovereignty of your data. When you create a Room, you select the AWS Region (e.g., af-south-1 for South Africa, eu-west-2 for London).

Your data never leaves that jurisdiction. We strictly adhere to POPIA, GDPR, and CCPA requirements regarding cross-border data transfer.

We maintain an immutable Merkle-tree audit log of all access. This log is visible to Room Admins and cannot be altered by our staff. Every view, download, and login is cryptographically chained to the previous event.