Tendre Privacy Policy
Last updated: 25 March 2026
1. Introduction
Tendre ("we", "us", "our") is committed to protecting your privacy and handling your personal data responsibly.
This Privacy Policy explains how we collect, use, store, and share personal data when you use www.tendre.com (the "Platform"), and sets out your rights under applicable data protection law, including UK GDPR and EU GDPR.
By using the Platform, you agree to the collection and use of your personal data as described in this policy.
2. Who We Are
Tendre operates as a digital marketplace connecting occupiers, property owners, and suppliers within the commercial real estate, workplace, and office procurement sector.
For the purposes of data protection law, Tendre acts as a Data Controller in respect of personal data collected through the Platform, and as a Data Processor where we process personal data on behalf of our users in accordance with our Data Processing Agreement.
Contact for data protection matters:
Email: privacy@tendre.com
Website: www.tendre.com
3. Personal Data We Collect
3.1 Information You Provide to Us
When you register and use the Platform, we collect:
- Name, job title, and department
- Business email address and phone number
- Company name, type, and location
- Profile information, credentials, and case studies (for suppliers)
- Project and tender information (for occupiers)
- Payment information (processed securely via our payment provider; we do not store card details)
- Communications and messages sent through the Platform
- Staff postcodes and location data submitted via the Staff & Commute Analysis tool
- Files, documents, and data you upload to the Platform
3.2 Information Collected Automatically
When you use the Platform, we automatically collect:
- IP address and device information
- Browser type and operating system
- Pages visited, features used, and time spent on the Platform
- Referral sources and search terms
- Session data and cookies (see our Cookie Policy)
3.3 Information from Third Parties
We may receive information about you from:
- Your organisation (where your account is set up by an account administrator)
- Third-party analytics and marketing partners
- Publicly available sources (for example, company registration data)
4. How We Use Your Personal Data
We use your personal data for the following purposes:
4.1 Providing and Operating the Platform
- Creating and managing your account
- Enabling supplier discovery, matching, and communication
- Managing tenders, projects, and procurement workflows
- Processing subscription payments and managing access
- Providing AI-powered features, benchmarking, and analytics tools
- Operating the Staff & Commute Analysis tool
Lawful basis: Contract (processing necessary to perform our agreement with you); Legitimate interests
4.2 Improving the Platform
- Analysing usage patterns to improve features and performance
- Conducting internal research and product development
- Generating anonymised, aggregated insights and benchmarking data
Lawful basis: Legitimate interests
4.3 Communications
- Sending account-related notifications and updates
- Responding to enquiries and support requests
- Sending marketing communications (where you have opted in or we have a legitimate interest)
Lawful basis: Consent (for marketing); Contract and Legitimate interests (for service communications)
4.4 Safety, Security, and Compliance
- Detecting and preventing fraud, abuse, and misuse of the Platform
- Enforcing our Terms of Use and policies
- Complying with legal obligations
Lawful basis: Legal obligation; Legitimate interests
5. Staff and Commute Data
Where you submit staff postcode data via the Staff & Commute Analysis tool, you confirm that:
- You have a lawful basis for processing this data under applicable data protection law
- You have provided appropriate notices to the relevant individuals (your employees or staff)
- The data is used solely for the purpose of generating commute analysis results
We process postcode-level location data to generate routing and commute estimates. This data is not used for any other purpose and is not shared with third parties, except where necessary to generate routing results via mapping service providers.
Detailed results are accessible only to you and, where applicable, to Tendre administrators for platform support purposes.
6. Sharing Your Personal Data
We do not sell your personal data. We may share it with:
6.1 Other Platform Users
Your profile information (name, company, contact details, and any content you publish) is visible to other users of the Platform as part of its core functionality.
Supplier profiles are visible to occupiers and owners seeking services.
6.2 Service Providers and Sub-processors
We use third-party service providers to support the operation of the Platform, including:
- Cloud hosting and infrastructure providers
- Analytics and performance monitoring tools
- Email and communication services
- Payment processing providers
- Mapping and routing API providers (for commute analysis)
All service providers are bound by data processing agreements and are required to handle your data in accordance with applicable law.
6.3 Legal and Regulatory Requirements
We may disclose your personal data where required by law, regulation, or court order, or where necessary to protect the rights and safety of Tendre, its users, or the public.
6.4 Business Transfers
In the event of a merger, acquisition, or sale of all or part of Tendre's business, your personal data may be transferred to the relevant third party, subject to appropriate protections.
7. International Data Transfers
Tendre may transfer personal data outside the UK or EEA. Where this occurs, we ensure that appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the relevant regulatory authority
- Transfers only to countries deemed to provide adequate protection under UK or EU law
- Other lawful transfer mechanisms as required
You can request further information about international transfer safeguards by contacting us at privacy@tendre.com.
8. Data Retention
We retain your personal data for as long as necessary to provide the Platform and fulfil the purposes described in this policy, and in accordance with applicable legal requirements.
In general:
- Account data is retained for the duration of your account, plus a reasonable period afterwards for legal and compliance purposes
- Usage and analytics data is retained in anonymised or aggregated form indefinitely
- Postcode and commute analysis data is retained only as long as needed to provide results and support your account
- Payment records are retained for the period required by applicable tax and accounting law
You may request deletion of your personal data at any time (see Section 10).
9. Cookies
We use cookies and similar technologies on the Platform. For full details, please see our Cookie Policy.
10. Your Rights
Under UK GDPR and EU GDPR, you have the following rights in respect of your personal data:
- Right of access: to request a copy of the personal data we hold about you
- Right to rectification: to request correction of inaccurate or incomplete data
- Right to erasure: to request deletion of your personal data, subject to applicable legal obligations
- Right to restriction: to request that we restrict processing in certain circumstances
- Right to data portability: to receive your data in a structured, machine-readable format
- Right to object: to object to processing based on legitimate interests or for direct marketing purposes
- Rights in relation to automated decision-making: to not be subject to solely automated decisions that significantly affect you
To exercise any of these rights, please contact us at:
Email: privacy@tendre.com
We will respond to all requests within one calendar month. We may need to verify your identity before processing your request.
If you are dissatisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at www.ico.org.uk (UK) or your local supervisory authority (EU).
11. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, disclosure, or alteration, including:
- Encryption of data in transit (TLS)
- Encryption of sensitive data at rest where appropriate
- Role-based access controls
- Regular security monitoring and review
- Secure cloud infrastructure
No system is completely secure. If you become aware of any security vulnerability or incident, please contact us immediately at privacy@tendre.com.
12. Children
The Platform is intended for use by businesses and professionals. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has submitted data to us, please contact us and we will take appropriate steps to delete it.
13. Changes to This Policy
We may update this Privacy Policy from time to time. The date at the top of this document indicates when it was last revised. Where changes are material, we will notify you via the Platform or by email.
Continued use of the Platform following any update constitutes your acceptance of the revised policy.
14. Contact
For any privacy-related questions, requests, or concerns:
Email: privacy@tendre.com
Website: www.tendre.com