Specsift
Privacy

Privacy Policy

Last updated: March 19, 2026

This Privacy Policy explains how SpecSift ("SpecSift", "we", "us", or "our") collects, uses, discloses, and protects information when you use our website, web application, and related services (collectively, the "Service").

The Service is intended for business users located in Canada, the United States, Australia, and other jurisdictions where we choose to make the Service available. By using the Service, you agree to the collection, use, and disclosure of information in accordance with this Privacy Policy.

1. Information We Collect

a) Account & Contact Information

We collect information you provide when you create an account, request access, contact us, or otherwise interact with the Service, such as:

  • Name
  • Work email address
  • Company name and role
  • Password (stored only in hashed form)
  • Optional profile and organization details

b) Tender & Project Content ("Customer Content")

When you use the Service, you may upload or otherwise provide:

  • Tender documents (e.g., specifications, ITTs, instructions to bidders)
  • Addenda, schedules, BOQs, and appendices
  • Drawings and related design documents
  • Internal notes, appetite settings, and other configuration data

We treat this as Customer Content. You retain ownership of Customer Content; we process it only to provide the Service and as otherwise described in this Privacy Policy.

c) Usage & Technical Data

We automatically collect certain data when you use the Service, such as:

  • IP address, browser type, and device information
  • Pages visited, features used, and timestamps
  • Diagnostic and performance data (e.g., error logs)

d) Cookies & Similar Technologies

We use cookies and similar technologies to:

  • Keep you signed in
  • Remember preferences
  • Measure usage and improve the Service

You can control cookies through your browser settings, but some features may not function properly if cookies are disabled.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Analyze documents and generate reports you request
  • Configure risk scoring and appetite settings for your organization
  • Communicate with you (support, onboarding, product updates)
  • Monitor, troubleshoot, and improve performance and security
  • Enforce our Terms of Use and comply with legal obligations

We do not sell your personal information.

3. How We Handle Customer Content

Customer Content is used solely to:

  • Perform analyses and generate outputs that you or your organization request
  • Support debugging and quality assurance for your account
  • Maintain necessary logs and backups for security and reliability

We do not use Customer Content to train generic public models or to market to you or third parties.

We rely on infrastructure and service providers (for hosting, storage, AI processing, email, logging, analytics, customer support, and similar services). These providers may process Customer Content only so we can operate the Service and are contractually restricted from using your data for their own independent purposes.

4. Applicable Privacy Laws

We aim to handle personal information in line with applicable privacy laws in the jurisdictions where we operate and make the Service available, including:

  • Applicable Canadian federal and provincial privacy laws (such as PIPEDA and substantially similar provincial laws, where they apply)
  • Applicable U.S. federal and state privacy laws for business users, where they apply
  • Applicable Australian privacy laws, including the Privacy Act 1988 (Cth) and the Australian Privacy Principles, where they apply

The Service is not targeted at residents of the European Economic Area or the United Kingdom, and we do not currently design the Service to meet GDPR or UK GDPR requirements.

5. Sharing of Information

We may share personal information with:

Service Providers

Third-party vendors who assist with hosting, storage, AI processing, analytics, email, customer support, logging, and similar services.

Business Transfers

In connection with a merger, acquisition, financing, restructuring, or sale of all or part of our business, information may be transferred as part of that transaction.

Legal, Safety, and Compliance

Where we reasonably believe disclosure is necessary to comply with a law, regulation, court order, or lawful request; to protect rights, property, or safety; or to address fraud, security, or technical issues.

We do not sell or rent your personal information.

6. Data Location, Cross-Border Processing, Security & Retention

Data Location & Cross-Border Processing

Our Service and service providers may store or process information in Canada, the United States, Australia, or other jurisdictions where we or our service providers operate.

By using the Service, you understand that your information may be transferred to, stored in, or processed in countries outside your home jurisdiction, and those countries may have different data-protection laws than your home jurisdiction.

Where applicable, we take reasonable steps to ensure that personal information processed by overseas service providers is handled in a manner consistent with applicable legal requirements and appropriate privacy and security safeguards.

Security

We use commercially reasonable administrative, technical, and physical safeguards, such as:

  • Encrypted connections (HTTPS/TLS) for data in transit
  • Access controls and least-privilege principles for staff and systems
  • Segregation of environments where appropriate

However, no method of transmission or storage is 100% secure. You understand that you upload and use Customer Content at your own risk.

Retention

We retain information for as long as needed to:

  • Provide the Service to you and your organization
  • Comply with legal, accounting, or reporting obligations
  • Resolve disputes and enforce agreements

You may request deletion of your account and associated personal data as described below. Certain logs and backups may be retained for a limited period after deletion for security, legal, and compliance purposes.

7. Data Breach Notification

If we become aware of a data breach affecting personal information, we will investigate and take appropriate steps consistent with applicable law.

Where required by applicable law, we will notify affected individuals and relevant regulators of eligible data breaches, including under Australia's Notifiable Data Breaches scheme where applicable.

8. Your Rights & Choices

Your privacy rights vary depending on where you live and the laws that apply to you, but may include the right to:

  • Access personal information we hold about you
  • Request correction or update of inaccurate information
  • Request deletion of certain personal information, subject to legal retention obligations
  • Opt out of certain types of communications

To exercise these rights, contact us at rob@specsift.com, matt@specsift.com. We may need to verify your identity before responding.

You may also unsubscribe from marketing emails using the link in those emails and adjust cookie settings through your browser.

If you are a user inside an organization account, some requests may need to be routed through your organization's administrator.

9. Children's Privacy

The Service is intended for business and professional use only and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us so we can delete it.

10. Region-Specific Privacy Information

Australia

If you are located in Australia, we aim to handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles, where they apply.

If you believe we have mishandled your personal information, please contact us first using the details below so we can try to resolve your concern. If required by applicable law, you may also have the right to make a complaint to the Office of the Australian Information Commissioner.

Canada and the United States

If you are located in Canada or the United States, your privacy rights will depend on the applicable federal, provincial, state, or other local laws that apply to your use of the Service and the type of information involved.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top and, where appropriate, notify you through the Service or by email.

Your continued use of the Service after an update means you accept the revised Privacy Policy.

12. Contact Us

SpecSift

Attn: Privacy

Email: rob@specsift.com, matt@specsift.com

Mailing address: 1325 Lower Water St, Halifax, NS

SpecSift - AI Tender Analysis for Civil & Infrastructure Contractors