Specsift
Privacy

Privacy Policy

Last updated: March 15, 2026

This Privacy Policy explains how SpecSift ("SpecSift", "we", "us", or "our") collects, uses, and protects information when you use our website, web application, and related services (collectively, the "Service").

The Service is intended for business users located in Canada and the United States. By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Information We Collect

a) Account & Contact Information

We collect information you provide when you create an account or contact us, such as:

  • Name
  • Work email address
  • Company name and role
  • Password (stored only in hashed form)
  • Optional profile and organization details

b) Tender & Project Content ("Customer Content")

When you use the Service, you may upload or otherwise provide:

  • Tender documents (e.g., specifications, ITTs, instructions to bidders)
  • Addenda, schedules, BOQs, and appendices
  • Drawings and related design documents
  • Internal notes, appetite settings, and other configuration data

We treat this as Customer Content. You retain ownership of Customer Content; we process it only to provide the Service and as otherwise described here.

c) Usage & Technical Data

We automatically collect certain data when you use the Service, such as:

  • IP address, browser type, and device information
  • Pages visited, features used, and timestamps
  • Diagnostic and performance data (e.g., error logs)

d) Cookies & Similar Technologies

We use cookies and similar technologies to:

  • Keep you signed in
  • Remember preferences
  • Measure usage and improve the Service

You can control cookies through your browser settings, but some features may not function properly if cookies are disabled.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Analyze documents and generate reports you request
  • Configure risk scoring and appetite settings for your organization
  • Communicate with you (support, onboarding, product updates)
  • Monitor, troubleshoot, and improve performance and security
  • Enforce our Terms of Use and comply with legal obligations

We do not sell your personal information.

3. How We Handle Customer Content

Customer Content is used solely to:

  • Perform analyses and generate outputs that you or your organization request
  • Support debugging and quality assurance for your account
  • Maintain necessary logs and backups for security and reliability

We do not use Customer Content to train generic public models or to market to you or third parties.

We rely on infrastructure and service providers (for hosting, storage, AI processing, email, logging, etc.). These providers may process Customer Content only so we can operate the Service. They are contractually restricted from using your data for their own independent purposes.

4. Applicable Privacy Laws

Because we primarily serve users in Canada and the United States, we aim to handle personal information in line with:

  • Applicable Canadian federal and provincial privacy laws (such as PIPEDA and substantially similar provincial laws, where they apply), and
  • Applicable U.S. federal and state privacy laws for business users (including state privacy acts for residents of those states, where applicable).

The Service is not targeted at residents of the European Economic Area or the United Kingdom, and we do not currently design the Service to meet GDPR/UK GDPR requirements.

5. Sharing of Information

We may share personal information with:

  1. Service Providers

    Third-party vendors who assist with hosting, storage, AI processing, analytics, email, customer support, and similar services.

  2. Business Transfers

    In connection with a merger, acquisition, financing, or sale of all or part of our business, information may be transferred as part of that transaction.

  3. Legal, Safety, and Compliance

    Where we reasonably believe disclosure is necessary to comply with a law, protect rights and safety, or address fraud, security, or technical issues.

We do not sell or rent your personal information.

6. Data Location, Security & Retention

Data Location

Our Service and service providers may store or process information in Canada, the United States, or other locations in North America. By using the Service, you consent to your information being processed in these locations, which may have different data-protection rules than your home jurisdiction.

Security

We use commercially reasonable administrative, technical, and physical safeguards, such as:

  • Encrypted connections (HTTPS/TLS) for data in transit
  • Access controls and least-privilege principles for staff and systems
  • Segregation of environments where appropriate

However, no method of transmission or storage is 100% secure. You understand that you upload and use Customer Content at your own risk.

Retention

We retain information for as long as needed to:

  • Provide the Service to you and your organization
  • Comply with legal, accounting, or reporting obligations
  • Resolve disputes and enforce agreements

You may request deletion of your account and associated personal data as described below. Certain logs and backups may be retained for a limited period after deletion for security and compliance.

7. Your Rights & Choices

Your privacy rights vary depending on where you live (e.g., by province or state), but may include the right to:

  • Access personal information we hold about you
  • Request correction or update of inaccurate information
  • Request deletion of certain personal information, subject to legal retention obligations
  • Opt out of certain types of communications

To exercise these rights, contact us at rob@specsift.com, matt@specsift.com. We may need to verify your identity before responding.

You may also unsubscribe from marketing emails using the link in those emails and adjust cookie settings through your browser.

If you are a user inside an organization account, some requests may need to be routed through your organization's administrator.

8. Children's Privacy

The Service is intended for business and professional use only and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us so we can delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top and, where appropriate, notify you through the Service or by email.

Your continued use of the Service after an update means you accept the revised Privacy Policy.

10. Contact Us

SpecSift

Attn: Privacy

Email: rob@specsift.com, matt@specsift.com

Mailing address: 1325 Lower Water St, Halifax, NS

SpecSift - AI Tender Analysis for Civil & Infrastructure Contractors