Privacy Policy

1. Introduction

ProofWorks (trading as BidEngine), Company No. 193465832, is committed to protecting your privacy in compliance with the UK GDPR and Data Protection Act 2018.

2. Data Controller

Terri Bryan
ProofWorks (trading as BidEngine)
Archer Drive, Derby, DE3 0AG
Email: privacy@bidengine.co

3. Data We Collect

Account Information: Name, email, company details, payment information

Content You Upload: Bid documents, evidence records, generated responses

Usage Data: Login times, IP addresses, features used

4. How We Use Your Data

• Providing the Service (contract performance)
• Processing payments (contract performance)
• Sending service updates (legitimate interest)
• Improving our Service (legitimate interest)

5. Third-Party Processors

• Bubble (AWS) - Database hosting (USA)
• Clerk - Authentication (USA)
• OpenAI - AI processing (USA)
• n8n - Workflow automation (Germany/EU)
• Stripe - Payment processing (USA)
• Vercel - Website hosting (USA)

Where data is transferred outside the UK/EEA, appropriate safeguards are in place.

6. Data Retention

• Account data: Duration of account plus 2 years
• Uploaded content: Duration of account
• Payment records: 7 years (legal requirement)
• Usage logs: 12 months

7. Your Rights (GDPR)

• Access: Request a copy of your data
• Rectification: Correct inaccurate data
• Erasure: Request deletion ("right to be forgotten")
• Restrict Processing: Limit how we use your data
• Data Portability: Receive your data in portable format
• Object: Object to processing based on legitimate interests

Contact privacy@bidengine.co to exercise these rights. We respond within 30 days.

8. Data Security

We implement encryption in transit (TLS/SSL), encrypted database storage, secure authentication, and access controls.

9. Complaints

You may lodge a complaint with the Information Commissioner's Office (ICO):
ico.org.uk

10. Contact

Terri Bryan (Data Controller)
ProofWorks, Archer Drive, Derby, DE3 0AG
Email: privacy@bidengine.co