tender book logo

Tenderbook

Privacy Policy

Company Privacy Policy

Your privacy is important to us. This Privacy Policy explains how we, Mbook Technology Private Limited (hereinafter referred to as "The Company" or "TenderBook"), collect, process, store, share, and protect your personal data through our interactions with you on the Platform (as defined below). Please note that the Platform may include links to websites operated by third parties whose privacy practices differ from those of The Company. If you submit personal data to any such third-party sites, their privacy policies may apply to your information and the Company shall not be held responsible for the same in any manner. By accessing, using, browsing, or registering on the Platform, you agree to be bound by this Privacy Policy and consent to the collection, storage, use, handling, disclosure, or transfer of your information in accordance with its terms.

Applicable Laws

This Privacy Policy is published pursuant to and in compliance with: The Information Technology Act, 2000; The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 ("SPI Rules"); and Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021; The Digital Personal Data Protection Act, 2023 (if notified and in force) and rules framed thereunder, if any.

Basic principles

The fundamental principles governing personal information are as follows:

  • Personal information shall be processed lawfully, fairly, and with transparency
  • It shall be collected for explicit, specified, and legitimate purposes and not further processed in a manner incompatible with those purposes.
  • Data collected must be adequate, relevant, and limited to what is necessary for the purposes for which it is processed.
  • Personal data shall be accurate and, where necessary, kept up to date, with every reasonable step taken to ensure inaccurate personal data is erased or rectified without delay.
  • Information will be kept in a form that permits identification of the user for no longer than is necessary for the purposes for which the personal data are processed

1. Who we are:

Tenderbook is a platform that helps companies discover relevant tenders, apply seamlessly with the respective agencies, and access key insights without reading lengthy documents. It simplifies the tendering process by offering smart search, application support, and instant summaries—saving time and boosting efficiency for businesses of all sizes.

2. Our Privacy policy explains:

(a) What information we collect and the reasons for its collection.
(b) How we utilize the information gathered.
(c) The choices we provide, including methods for accessing and updating your information.
(d) Our data retention period and disposal practices.

3. Definitions:

Data/ Information: includes information that you submit to The Company via the Platform and/or information which is accessed and procured by The Company pursuant to your visit to the Platform.
Cookies: a small file placed on your computer by this Platform when you either visit or use certain features of the Platform. A cookie generally allows the website to "remember" your actions or preference for a certain period of time.
Data Protection Laws: any applicable law relating to the processing of personal data, including the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000, as amended or substituted.
User or You: the natural person (including registered or unregistered users) who accesses the Platform.
Platform: the TenderBook website that you are currently using, and any sub-domains of this site, unless excluded by their own terms.

4. Information we collect

a) Information You Provide:

Personal Information: Our services require you to sign up. When you do, we'll ask for certain personal information, including but not limited to your full name, email address, contact number, address (includes state, city, pin code).
KYC and Financial Information: We collect KYC data (including KYC of Directors and Officers) and documents including PAN, GST certificates, incorporation documents and trade licenses which are required to unlock various features or actions on the Platform. To enable certain services, we may also ask you to furnish financial information including financial statements, bank account statement and IT returns which we may use to provide you a rating, score or badge. To assist you with tracking the documents submitted, knowing the status of verifications and other ancillary activities, we shall be sharing the submitted documents with The Company employees and/or necessary representatives or affiliates of the Company which is necessary for performing the verifications and/or other ancillary activities/services offered by the Company.

b) Information Collected by automated means:

Device information: We collect device-specific information, such as your hardware model, operating system version, unique device identifiers, and mobile network information, including your phone number. The Platform may link your device identifiers or phone number with your The Company account.
Log information: When you use our services or view content provided by The Company, we automatically collect and store certain information in server logs. This includes details of how you used our services (e.g., search queries), Internet protocol address, device event information (e.g., crashes, system activity, hardware settings), browser type and language, the date and time of your request, and referral URL.
Location information: When you use our services, we may collect and process information about your actual location.
Local storage: We may collect and store information (including personal information) locally on your device using mechanisms such as browser web storage and application data caches.
Cookies and similar technologies: Our Sites may use cookies such as HTTP Cookies. Your browser may tell you how to be notified when you receive certain types of Cookies and how to restrict or disable certain Cookies. Please note, however, that without cookies you may not be able to use all the features of our Sites.
Others: Information we collect when you are signed into our Platform, in addition to information obtained from partners, may be associated with your The Company Account. For more details on accessing, managing, or deleting information tied to your The Company Account, refer to the "Transparency and Choice" section of this policy. We may also use your unique identifier (e.g., employee number) if integration with your parent organization is required.

5. How we use the information we collect:

We use the Information we collect from you to provide, maintain, protect and improve our services, to develop new ones, and to protect The Company and our Users.
When you contact us, we keep a record of your communication to help solve any issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements, offers etc..
We use Information collected from Cookies and other technologies, to improve your user experience and the overall quality of our services. For example, by saving your language preferences, we'll be able to have our services appear in the language you prefer.

6. Transparency:

We recognize that individuals have varying privacy concerns. Our aim is to be transparent about the information we collect so that you can make informed choices about its use. For example, you can review and update your profile, and review and control certain types of information linked to your account.

7. Consent:

By using the Website and/or providing your information, you consent to the collection and use of the information you disclose on the Website in accordance with this Privacy Policy. When we process your Data, we do so with your consent and/or as necessary to operate our business, fulfil our contractual and legal obligations, protect the security of our systems and customers, or pursue other legitimate interests of The Company as described in this Privacy Policy. Additions/changes may be made to this clause from time to time for explicit permission/consent; please refer to clause "Changes to this privacy policy".

8. Accessing and updating information:

Whenever you use our services, we strive to provide you with access to your personal information. If that information is incorrect, we endeavour to offer ways to update it quickly or delete it while we retain such Information for legitimate purposes. When updating your personal information, we may ask you to verify your identity before acting on your request. We may decline requests that are unreasonably repetitive, require disproportionate technical effort (e.g., developing a new system or fundamentally altering an existing practice), or risk the privacy of others. We provide access to your Information and correction of erroneous data to support your rights. We aim to maintain our services in a manner that protects Information from accidental or malicious destruction.

9. Information sharing:

By agreeing to this privacy notice, you consent to the disclosure and transfer of your Information. Your Information may be disclosed:
  • To our affiliates for the purposes described in this privacy notice;
  • To a third-party payment gateway provider who collects certain financial information from you, including but not restricted to, your credit/ debit card number or your bank account details. All financial information collected from you by such third-party payment gateway providers will be used only for billing and payment processes.
  • To other third-party service providers who provide services such as data analysis, customer service, auditing and other services;
  • To your domain administrators- If your account is managed for you by a domain administrator, then your domain administrator who provides user support to your organization will have access to your The Company account information (including your email and other data). Your domain administrator may be able to view statistics regarding your account, reset your account password, suspend or terminate your account access, access or retain information stored as part of your account, receive your account information in order to satisfy applicable law, regulation, legal process or enforce governmental request and restrict your ability to delete or edit information or privacy settings, subject to compliance with applicable law.;
  • To third parties, to permit them to send you marketing communications, consistent with your choices. We may use third-party advertising companies to serve advertisements regarding goods and services that may be of interest to you when you access and use the Platform and other online services, based on information relating to your access to and use of the Platform and other websites or online services on any of your devices, as well as on information received from third parties.;
  • To enforce our terms and conditions; and
  • To protect our rights, privacy, safety or property, and/or that of our affiliates, you or others or to fight fraud and credit risk.
Your Information may also be transferred, stored, or processed in any country other than where you access the Platform. By using the Platform, you consent to such transfer of your Information outside your country and also within our affiliates, subsidiaries, and partners, whether based in or outside India, provided they have agreed to ensure the same level of data protection as prescribed under this privacy policy and the data protection laws of India.

10. Marketing Communications

By accessing the Platform and providing us with your Information, you explicitly consent to receive promotional and advertising communications (via call, SMS, WhatsApp, email, or other digital and electronic means) from us and/or our authorized representatives regarding our upcoming products, services, or new offerings. This applies even if your mobile number is registered under the DND/NCPR list as per the Telecom Commercial Communications Customer Preference Regulations, 2018. You acknowledge that communications sent to you may pertain to products and/or services you have already purchased or enquired about, and/or may also be promotional in nature. You may opt out of receiving promotional and advertising communications from us at any time by following the instructions in those communications or by emailing us at support@tenderbook.in . If you opt out of receiving promotional or advertising communications, we may still send you non-marketing communications about products you have purchased or services you have requested or received from us.

11. Information security measures:

We are committed to protecting The Company and our Users from unauthorized access to or unauthorized alteration, disclosure, or destruction of the Information we hold.
In particular:
  • We encrypt all our services and process and store Data in accordance with applicable Data Protection Laws.
  • We regularly review our Information collection, storage, and processing practices, including physical security measures, to guard against unauthorized access to systems.
  • We restrict access to personal information to The Company employees, contractors, and agents who require this information to process it for us, and who are bound by strict contractual confidentiality obligations. They may face disciplinary action or termination if they fail to meet these obligations
While we make our best efforts to transmit and store all information you provide in a secure operating environment not accessible to the public, you understand and acknowledge that complete security is not guaranteed, and we do not warrant against unintended disclosures or potential security breaches. You agree not to hold us responsible for any security breach or for any actions of third parties who receive your Information, or for events beyond our reasonable control, including acts of government including but not limited to requests made by any government entity under applicable laws, computer hacking, unauthorized access to computer data and storage devices, computer crashes, breaches of security and encryption, etc. However, if you have reason to believe that your interaction with us is no longer secure, please notify us immediately via the "Contact Us" section below

12. Data Storage and Processing Locations

Personal data collected by The Company Platform may be stored and processed in your region or anywhere within India. The selection of storage location(s) is driven by operational efficiency, performance improvement, and the creation of redundancies to protect data in the event of outages or other issues. We take steps to ensure that the Data we collect under this privacy policy is processed according to the provisions of this statement and the requirements of applicable Indian laws.

13. Scope of this Privacy Policy:

Our privacy policy applies to all services offered by The Company and its affiliates, but excludes services that have separate privacy policies that do not incorporate this policy. This privacy policy does not extend to services offered by other companies or individuals, including products or sites that may be displayed in search results or other sites linked to our services. Furthermore, our privacy policy does not cover the information practices of other companies and organizations that advertise our services and may use Cookies, pixel tags, and other technologies to serve and offer relevant advertisements

14. Compliance and cooperation with regulatory authorities:

We regularly review our compliance with our privacy policy. We also work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that we cannot resolve with our Users directly.

15. Changes to This Privacy Policy:

In the event the Company modifies this Privacy Policy, the same will be updated on the website. This policy may be changed, but any changes will be posted, and changes will only apply to activities and information on a going forward, not retroactive basis. The users are encouraged to periodically review this page for the latest information on its privacy practices. In case of any material changes to the Policy, the users will be notified by email (sent to the email address specified in the user's account) or by means of a notice on this website prior to the change becoming effective.

16. Data Retention

User information data will be retained for as long as the user account is active or as needed to provide services to the user or otherwise required under any other law for the time being in force. If the user wishes to cancel its account or requests that the Company no longer uses its information to provide services, the user may contact the Company at support@tenderbook.in . The Company will retain and use user information as necessary to comply with its legal obligations, resolve disputes, and enforce its agreements or for other business purposes.

17. Rights of Users

Need to Know:

The Company DOES NOT solicit confidential details such as your OTP/CVV/PIN/Card Number/Bank account details through any means.
Be aware that scamsters/fraudsters employ various techniques, such as 'phishing,' to contact, influence, and defraud consumers.
The Company consistently cautions its customers against sharing any personal or payment-sensitive information with unknown persons, as such sharing can lead to unauthorized use and/or fraud, resulting in financial loss.
The Company shall not be liable for any loss, damage, or expense incurred by a customer where the customer has shared personal and/or payment-sensitive information with scamsters/fraudsters.
We encourage our customers to report such attempts or incidents to our Data Protection Officer (DPO) and Grievance Officer (GO) at zafar@tenderbook.in or Customer care at +91 9811714120 to enable us to investigate and explore legal recourse.
The Company reserves the right to divert emails to the DPO and GO if customers have directly written to customer support without exhausting the Grievance Redressal communication Procedure mentioned above

18. Non-Disclosure

The Company ensures that it is going to keep all information confidential except in the following cases:
  • The Company may disclose users' information to governmental and other statutory bodies who have appropriate authorization to access the same for any specific legal purposes.
  • The Company may disclose users' information if it is under a duty to do so in order to comply with any legal obligation, or in order to enforce or apply the Terms of Use (displayed on the website), or to protect the rights, property or safety of The Company, its users or others. This includes exchanging information with other companies / agencies that work for fraud prevention and credit reference.
  • The Company may disclose users' information to its agents under a strict code of confidentiality.
  • The Company may disclose users' information to such third parties to whom it transfers its rights and duties under the customer agreement entered into with the users. In such an event, the said third parties' use of the information will be subject to such confidentiality obligations as contained in this Policy.
  • The Company may disclose users' information to any member of its related or group companies including its subsidiaries, its ultimate holding company and its subsidiaries, as the case may be.
  • In the event that The Company sells or buys any business or assets, it may disclose the users' information to the prospective seller or buyer of such business or assets. user, email and visitor information are generally one of the transferred business assets in these types of transactions. The Company may also transfer or assign such information in the course of corporate divestitures, mergers or dissolution.

19. Severability

The Company has made every effort to ensure that this Policy adheres with the applicable laws. The invalidity or unenforceability of any part of this Policy shall not prejudice or affect the validity or enforceability of the remainder of this Policy.

20. No waiver

The rights and remedies available under this Policy may be exercised as often as necessary and are cumulative and not exclusive of rights or remedies provided by law. It may be waived only in writing. Delay in exercising or non-exercise of any such right or remedy does not constitute a waiver of that right or remedy, or any other right or remedy.

21. Contact us:

If you have a privacy concern, complaint, or a question regarding this privacy policy, please direct it to the Data Protection Officer (DPO) & Grievance Officer (GO) at zafar@tenderbook.in for the purposes of Indian data protection law. The Company will respond to all relevant user queries within 30 days.

Last updated: July 22, 2025