At TenderPilot, security, trust, and compliance are at the heart of everything we do.
We know our customers rely on us to handle sensitive procurement data, and we design our systems to meet the highest standards of security, privacy, and responsible AI practice.
Microsoft Azure OpenAI (Australia)
- All AI models are hosted exclusively in Microsoft Azure OpenAI Australian data centres.
- These facilities are already certified to IRAP (Information Security Registered Assessors Program), ISO 27001, and SOC 2 standards.
- Ensures government-grade compliance and data residency within Australia.
Google Cloud Platform (GCP, Australia)
- Selected web application components are hosted on GCP’s Australian data centres.
- GCP infrastructure meets equivalent ISO, SOC 2, and IRAP compliance benchmarks.
Data Encryption
- All data is encrypted in transit (TLS/SSL) and at rest (AES-256 standard).
Responsible AI Network Member
- TenderPilot is a member of the Responsible AI Network, established by Australia’s National Artificial Intelligence Centre.
- We are committed to Responsible AI principles: fairness, transparency, privacy, accountability, and robustness.
- We fully comply with the Responsible AI Network’s recommendations for the ethical development and deployment of AI.
ASD ACSC (Australian Cyber Security Centre)
- As a member of the Australian Signals Directorate (ASD) – ACSC Partner Program, we align with Australia’s official cybersecurity best practices.
- Our systems and processes are continuously benchmarked against Essential Eight mitigation strategies.
Privacy Act 1988 (Cth)
- All handling of personal information complies with the Australian Privacy Principles (APPs).
- We also align with GDPR requirements for our international customers.
Access Controls
- Role-based access with multi-factor authentication (MFA).
- Monitoring and logging of all privileged account activity.
Monitoring & Testing
- Continuous monitoring for anomalies and threats.
- Regular third-party penetration testing and vulnerability scanning.
Incident Response
- Documented incident response framework.
- Notification procedures aligned with the Notifiable Data Breaches (NDB) Scheme.
Data Retention & Portability
- Data retained only as long as required by law or to deliver services.
- Secure deletion and customer data export options available upon request.
Customer Data Protection
- Customer data is used only to deliver outputs requested by the customer.
- We do not use customer data to train general-purpose AI models.
Proprietary Model Training
- Where TenderPilot trains its proprietary AI models, only anonymised, aggregated data is used.
- Outputs are provided as assistance and require customer review before submission.
Transparency
- AI outputs may contain inaccuracies or require modification.
- Users remain responsible for verifying compliance with tender requirements.
TenderPilot helps SMEs win more government tenders, faster, smarter, and without costly consultants or endless guesswork.