thedigihubs
Contact us

Legal

Privacy policy

Effective 1 January 2026. This policy explains what data TheDigiHubs collects, why we collect it, how it's protected, and the rights you have over it.

TheDigiHubs operates an agentic digital procurement platform that connects buyers and suppliers worldwide. This policy applies to www.thedigihubs.com and all related services (the "Platform"). For any privacy question, write to support@thedigihubs.com.

1. Who is the data controller

TheDigiHubs is the controller for personal data we collect as a service provider. Where buyers or suppliers upload data about their own staff or counterparties, those organisations are the controllers and we act as their processor under our Data Processing Addendum (DPA), available on request.

2. What we collect

  • Account data: name, work email, company, country, role, password hash.
  • RFQ & quotation content: requirements, specifications, prices, attachments, supplier responses, award decisions.
  • Supplier profile data: company information, certifications, ratings, references.
  • Usage telemetry: log-in events, feature use, device, browser, IP address (truncated for analytics).
  • Communications: messages exchanged in-platform, support tickets, sales emails.
  • Cookies and similar technologies: see our cookie policy.

3. Why we process it (lawful bases)

  • Contract: to provide the Platform you (or your employer) signed up for.
  • Legitimate interests: security, fraud prevention, product analytics, and direct sales follow-up where you contacted us.
  • Consent: for analytics cookies, marketing emails, and any other optional feature.
  • Legal obligation: tax, accounting, anti-money-laundering, and sanctions screening.

4. AI processing

TheDigiHubs uses AI agents to match RFQs to suppliers, rank quotations, draft contracts, and score suppliers. We do not use your RFQ or quotation content to train foundation models, and we do not share it with model providers outside the scope of generating your result.

5. Sharing and subprocessors

We share data only with vetted subprocessors that help us run the Platform: cloud hosting, email delivery, payment processing, analytics, customer support, and AI inference. A current list of subprocessors is available at support@thedigihubs.com. We never sell personal data.

6. International transfers

Data may be processed in the EU, UK, or US. Transfers outside the EEA/UK rely on Standard Contractual Clauses and, where relevant, the UK International Data Transfer Addendum and the EU-US Data Privacy Framework.

7. Retention

Account and transaction data: for the duration of your account plus 7 years (tax/audit). RFQ and award records: 10 years (procurement audit). Marketing data: until you unsubscribe. Logs: 90 days rolling. Deletion requests are honoured within 30 days, subject to legal retention.

8. Your rights

Under GDPR, UK GDPR, and CCPA you may request access, rectification, deletion, restriction, portability, and objection. You may also withdraw consent at any time and lodge a complaint with your supervisory authority. Email support@thedigihubs.com — we respond within 30 days.

9. Security

TLS 1.2+ in transit, AES-256 at rest, role-based access, SSO/SAML for enterprise, full audit trails. See our security page.

10. Children

The Platform is not directed at people under 18. We do not knowingly process children's data.

11. Changes

We post material updates on this page and notify account holders by email at least 30 days before they take effect.

12. Contact

TheDigiHubs · privacy enquiries: support@thedigihubs.com.