Privacy Policy for tend.ee

Last Updated: June 23, 2025

At tend.ee, we respect your privacy and are committed to protecting it.

This Privacy Policy explains what personal data we collect, how we use it, and what rights you have in relation to its processing.

Our goal is to provide you with full transparency and control over your data, in accordance with the highest standards, including the General Data Protection Regulation (GDPR).

1. Data Controller

The controller of your personal data — meaning the entity that decides on the purposes and means of processing — is:

FIRSTSCORE OÜ

Kentmanni tn 4,

10116, Tallinn, Estonia

Registry number: 16012086

If you have any questions regarding the processing of your data, please contact us at: privacy@tend.ee.

2. What Data We Collect

To provide our services at the highest level, we collect the following types of data:

• Registration and Contact Data: Your name, business email address, phone number, company name, and job title. This is the data you provide when creating an account.

• Billing Data: Information necessary for invoicing, such as company name, address, and VAT/tax number.

• Profile and Usage Data: Information you provide to personalize the service (e.g., your industries, target markets, desired contract values, your company’s unique strengths). We also collect data about your activity on the platform (e.g., viewed tenders, saved searches).

• Technical Data: Your IP address, browser and operating system information, approximate location, and data from cookie files.

• Communication Data: The content of your correspondence with us via email, chat, or other support channels.

3. Why and On What Legal Basis We Process Your Data

We process your data only for specific, legitimate purposes:

• To provide our services to you (Legal basis: Art. 6(1)(b) GDPR – performance of a contract):

  • To manage your account and provide access to the platform.

  • To personalize and deliver matched tender alerts according to your profile.

  • To process payments for your subscription.

• To comply with our legal obligations (Legal basis: Art. 6(1)(c) GDPR):

  • To issue invoices and maintain accounting records.

  • To respond to requests from authorized state authorities.

• Based on our legitimate interests (Legal basis: Art. 6(1)(f) GDPR):

  • To communicate with you regarding the service (e.g., information about changes, technical maintenance).

  • To analyze how our platform is used in order to improve it, optimize features, and develop new ones.

  • To ensure the security of our platform and prevent fraud.

  • For direct marketing of our services (always with the option to opt-out).

• Based on your consent (Legal basis: Art. 6(1)(a) GDPR):

  • To send newsletters and marketing information if you have opted-in.

  • To use certain cookies (e.g., analytical, marketing).

4. Who We Share Your Data With

We treat your data with confidentiality. We only share it with trusted partners who help us provide our services. These include:

• Payment service providers (e.g., Stripe) to process transactions.

• Cloud infrastructure providers (e.g., AWS, Google Cloud) on whose servers our platform operates.

• Analytics and marketing tool providers (e.g., Google Analytics, Mailchimp) to improve our services and communication.

• Customer support tool providers (e.g., Intercom, Zendesk).

We always ensure that our partners provide a level of data protection that is at least as high as ours, typically based on data processing agreements.

5. International Data Transfers

We use global service providers, which may involve transferring your data outside the European Economic Area (EEA).

In such cases, we always ensure the transfer is based on adequate legal safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission.

6. How Long We Keep Your Data

We store your data for as long as necessary to fulfill the purposes for which it was collected:

• For the duration that you hold an account on the tend.ee platform.

• After your account is deleted, for the period required by law (e.g., for tax and accounting purposes) or until any potential claims are time-barred.

7. Your Rights

Under the GDPR, you have the following rights:

• Right to access data: You can request a copy of your personal data.

• Right to rectification: You can request to correct inaccurate data.

• Right to erasure ("right to be forgotten"): You can request the deletion of your data if there is no longer a legal basis for its processing.

• Right to restriction of processing: You can request to limit the processing of your data in certain cases.

• Right to data portability: You can receive your data in a structured format and transfer it to another controller.

• Right to object: You can object to the processing of your data based on our legitimate interest.

• Right to withdraw consent: If processing is based on your consent, you can withdraw it at any time.

To exercise these rights, please contact us at: privacy@tend.ee.

You also have the right to lodge a complaint with a supervisory authority, which in Estonia is the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon - AKI).

8. Cookies

Our website uses cookies to ensure its proper functioning, analyze traffic, and personalize content.

You can find more information about this in our separate Cookie Policy.

9. Changes to This Privacy Policy

We reserve the right to make changes to this policy.

We will inform you of any significant changes via email or through a notification on the platform.