← Back to SoulMen

Privacy Policy

Effective Date: July 1, 2026

This privacy policy describes how SoulMen Tech LLC(“we”, “us”, or “our”), operating the SoulMen vendor-readiness verification tool, collects, uses, and stores information when a subcontractor company (“Customer”, “you”) uses the product to prepare tender submission documents for review.

We are committed to protecting your privacy in compliance with applicable data protection regulations, including the UAE Personal Data Protection Law (Federal Decree-Law No. 45/2021) and the General Data Protection Regulation (GDPR).

1. Who This Covers

This policy applies to all registered users, reviewers, and representatives of subcontractor companies utilizing our platform to analyze and verify subcontractor tender submission packages.

2. What We Collect

  • Account and Profile Information: Name, business email address, company affiliation, and login credentials.
  • Uploaded Documents: Trade licenses, VAT certificates, chamber of commerce certificates, ISO certificates, HSE policy manuals, audited financial statements, bank letters, lease agreements, ICV certificates, and professional competency certificates uploaded for compliance analysis.
  • System-Generated Metadata: Extracted field values, compliance findings, confidence scores, and historical audit logs.
  • Platform Usage Logs: Actions taken within the workspace, checklist templates used, upload timestamps, and performance metrics.

We do not collect this information for any purpose beyond providing, maintaining, and improving the document compliance-verification service.

3. How We Use Your Information

We process your data strictly to perform our contract with you, specifically to:

  • Route, classify, and extract metadata from uploaded compliance packages.
  • Check extracted details against selected buyer portal checklists.
  • Compile readiness reports and highlight missing, expired, or non-compliant documents.
  • Keep a detailed audit ledger to meet enterprise auditing standards.
  • Deliver automated alerts for upcoming document expiries if configured by your account.
  • Monitor pipeline latency, model performance, and system health.

We do not sell your personal or corporate data, and we do not use your uploaded documents or extracted content to train AI models.

4. Subprocessors and Third-Party Providers

We use Google Gemini API (AI-assisted classification and extraction), Cloudflare R2 (encrypted document storage), Supabase / PostgreSQL (metadata, profiles, audit trails), and Resend (transactional email delivery) as subprocessors to deliver the Service. Customers with strict data sovereignty requirements may request dedicated regional deployments.

5. Retention and Deletion Policy

Completed or errored review runs and their associated files are automatically deleted after 90 days (configurable per tenant). You can delete any review session, document, or personal data immediately from your account dashboard at any time.

6. Security Measures

  • All files encrypted at rest (AES-256) and in transit (TLS 1.3).
  • Every database query is strictly partitioned by tenant ID.
  • Every upload is screened for disguised executable signatures and malware.
  • Passwords are hashed with Node.js scrypt; sessions use signed, HTTP-only, SameSite-lax cookies.

7. Your Rights

Under the UAE PDPL and GDPR, you have rights to access, rectification, deletion, restriction, portability, and objection regarding your personal data. To exercise any of these rights, contact our Data Protection Officer at privacy@soulmen.ae.

8. Contact Us

Email: privacy@soulmen.ae
Mailing Address: SoulMen Tech LLC, Dubai Internet City, Dubai, United Arab Emirates