Book a demo

Company

Enterprise Security

TenderMind is built to minimize data exposure by design. Our security posture differs by deployment model, because the data path is fundamentally different for Platform Workflows versus Embedded Agents.

Platform Workflows

Ephemeral processing by default

Platform Workflows are executed inside TenderMind's platform for complex, end-to-end processing. To reduce risk, processing is designed to be RAM-based and ephemeral:

  • Files are processed in-memory for the duration of the workflow.
  • Once processing is complete, the user receives the result via email.
  • After delivery, we delete all processed content.

What we keep

We retain only minimal operational metadata required for basic observability and traceability:

  • File name logs for the documents that were processed (e.g., filenames)
  • No document content is retained after processing.

Model provider safeguards

When Platform Workflows use third-party AI infrastructure, we operate under commercial agreements intended to ensure:

  • Your data is not used to train models.
  • Your data is not stored by the provider and is deleted immediately after processing.

Best-in-class models

We use leading, up-to-date models from major AI providers to ensure high-quality results and robust infrastructure. This is paired with the safeguards above, so capability improves without compromising your data handling expectations.

Embedded Agents

Data stays in your enterprise environment

Embedded Agents run inside the AI interface your company already uses (e.g., enterprise copilots and approved AI workspaces). In this model:

  • Data handling follows your organization's existing enterprise agreement with that provider.
  • In most corporate environments, these agreements are designed to ensure data is handled within the organization's controlled boundary and meets the provider's enterprise security commitments.

Why we deploy inside your interface

The purpose of Embedded Agents is privacy-first deployment:

  • Your team works inside a familiar, approved interface.
  • You keep your existing controls (access, governance, retention, internal policies).
  • TenderMind integrates on top of what your organization already uses, so privacy and compliance align with your current standards.

Summary

  • Platform Workflows: RAM-based processing, results delivered by email, and full deletion of processed content after delivery, with only filename logs retained. Third-party AI usage is governed by agreements designed to prevent training and storage.
  • Embedded Agents: Run inside your company's approved AI interface and inherit the security and privacy terms of your organization's enterprise agreement, maximizing privacy and compliance by keeping work within your existing environment.

Compliance note

Security expectations and contractual terms can vary by provider and deployment. If you need a security summary for your internal review (legal, IT, or procurement), we can provide a deployment-specific description aligned to your organization's requirements.

Need a security summary?

We can provide a deployment-specific description for your internal review.

Contact usBook a demo