Security

Security, Permissions & Auditability

Enterprise-grade security measures to protect your tender documents and business data.

Discuss Security RequirementsCreate Account

Why Security Matters

Tender documents often contain sensitive commercial information—pricing, methodologies, and competitive intelligence. Protecting this data requires proper security controls, access management, and accountability.

Data Protection

Encryption at Rest

AES-256 encryption for all stored data, including tender documents and responses.

Encryption in Transit

TLS 1.3 for all communications between your browser and our servers.

UK/EU Data Residency

Data stored in UK/EU data centres with enterprise-grade infrastructure.

Data Retention Controls

Configurable retention policies. Delete your data at any time with full audit trail.

Access Control

Role-Based Access Control

Define roles with specific permissions: Author, Reviewer, Approver, Admin.

User-Level Permissions

Fine-grained control over what each team member can view and edit.

Secure Authentication

Email verification and secure password requirements.

Session Management

Automatic session timeout and secure cookie handling.

Audit Trail

Complete visibility into who did what and when. Every action is logged for accountability.

All actions logged with timestamp and user
Document access tracking
Status change history
Export audit reports

Our Security Approach

Data handling designed to support UK GDPR compliance
Security controls aligned with ISO 27001 principles
Cyber security practices informed by Cyber Essentials framework
Infrastructure hosted with providers maintaining recognised security certifications

Note: We continuously review and improve our security practices. For specific compliance enquiries or security questionnaires, please contact our team.

Frequently Asked Questions

Is TenderVera ISO 27001 certified?

Our security controls are aligned with ISO 27001 principles. We continuously improve our security practices and welcome discussions about your specific requirements.

Where is data stored?

Data is stored in UK/EU data centres with enterprise-grade infrastructure provided by established cloud service providers.

Can I delete my data?

Yes. You control your data and can delete it with full audit trail. Configurable retention policies are also available.

How do you handle GDPR compliance?

Our data handling practices are designed to support UK GDPR compliance. This includes data minimisation, retention controls, and deletion capabilities.

What about security questionnaires?

We're happy to discuss your specific security requirements. Please contact our team for security questionnaire requests.

Questions About Security?

We're happy to discuss your specific security requirements and answer any questions.

Contact Us Create Account