This Privacy Policy describes how SME PROCURE LTD (“we”, “us”, “our”) collects, uses and shares personal information when you use SME Procure, including our websites, applications and related product features such as Smart Scope, Smart Team and Smart Bid (the “Service”).
We are based in the United Kingdom. We use personal information only for the purposes described in this Privacy Policy, for compatible purposes permitted by law, or where we are required or permitted to do so by law.
SME PROCURE LTD is the controller of personal information processed through the Service unless a separate agreement says otherwise.
Controller: SME PROCURE LTD, 220 Aztec West, Almondsbury, Bristol, England BS32 4SY. Company number: 16982913 (England and Wales).
Privacy contact: privacy@sme-procure.com.
SME PROCURE LTD is part of a corporate group. Our immediate parent company is RC Fornax PLC (company number 12795371). We may share personal information with RC Fornax PLC and other group companies where necessary for administration, security, service delivery, support, governance or corporate operations.
We collect the following categories of information:
The Service is designed for business and professional use. Please do not upload classified information, export-controlled technical data, sensitive personal data or third-party confidential information unless you and your organisation are authorised to do so and your use is permitted under the relevant agreement and applicable law.
We use personal information to:
Some Service features use AI and automated processing to help structure requirements, parse documents, build profiles, generate search queries, rank candidate results and explain potential fit.
AI-assisted outputs are decision-support materials. They may be incomplete, inaccurate or require context-specific review. Users remain responsible for checking outputs before relying on them, making procurement or staffing decisions, and complying with applicable procurement, employment, security, confidentiality, classification, export control and organisational requirements.
We do not use the Service to make solely automated decisions that produce legal or similarly significant effects about individuals without human involvement, unless we tell you separately and the law permits it.
Where UK GDPR, EU GDPR or similar laws apply, we rely on one or more of the following legal bases:
If we process special category personal data or criminal offence data because you upload it or include it in content, we do so only as necessary to provide the Service, where permitted by law and subject to any applicable additional safeguards or conditions.
We may share personal information with:
We do not sell personal information or use it for targeted advertising.
Personal information may be processed in countries outside the United Kingdom, including where our service providers, subprocessors or group companies operate. Where required, we use appropriate safeguards such as adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, Standard Contractual Clauses or equivalent mechanisms under applicable law.
We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required by law, contract, dispute resolution, security, audit or legitimate business needs.
Retention periods depend on the type of data, account or workspace status, contractual requirements, user or organisation instructions, backup cycles and legal obligations. Uploaded files such as CVs, resumes, requirement documents and supplier evidence are retained according to the same principles and any organisation-specific rules enabled in the Service.
We may retain limited records after account closure where needed for security, audit, legal compliance, dispute resolution or enforcement of agreements.
We use technical and organisational measures designed to protect personal information, including access controls, authentication, logging and operational security practices. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Depending on your location, you may have rights to:
In the UK, the supervisory authority is the Information Commissioner’s Office: ico.org.uk.
To exercise your rights, contact us at privacy@sme-procure.com. We may need to verify your identity before responding. Some rights are subject to legal limits and may not apply in every case.
The Service is not directed at individuals under 16. We do not knowingly collect personal information from children under 16.
We may update this Privacy Policy from time to time. We will post the updated version on this page and revise the “Last updated” date.
Questions about this Privacy Policy or our privacy practices can be sent to privacy@sme-procure.com.
These Terms of Service (“Terms”) govern your access to and use of SME Procure (the “Service”) provided by SME PROCURE LTD, company number 16982913, 220 Aztec West, Almondsbury, Bristol, England BS32 4SY (“we”, “us”, “our”).
By accessing or using the Service, you agree to these Terms. If you use the Service on behalf of an organisation, you represent that you have authority to bind that organisation, and “you” includes that organisation where applicable.
If you or your organisation has a separate written agreement with us, that agreement may supplement or override these Terms for the relevant Service.
SME Procure provides procurement-related tools and features for requirement scoping, supplier discovery, associate discovery, team formation, profile matching, bid support, document processing and related collaboration.
Features may be added, changed, limited, suspended or discontinued from time to time. Some features may be made available only to certain users, plans, workspaces or customer organisations.
You must provide accurate registration information and keep it up to date. You are responsible for keeping your login credentials secure and for activity under your account.
You must comply with applicable laws, these Terms, our policies and any requirements imposed by your employer, client, customer organisation or workspace administrator.
We may refuse, suspend or terminate access where we reasonably believe an account is unauthorised, inaccurate, insecure, unlawful, harmful or in breach of these Terms.
If you join or use a workspace linked to an organisation, that organisation and its authorised administrators may control or access certain account, profile, content and usage information associated with that workspace. Administrators may invite users, manage permissions, configure workflows and remove access.
If you leave an organisation or workspace, content you created or submitted in that workspace may remain available to the organisation where needed for Service functionality, legal compliance, audit, delivery or continuity.
You retain ownership of content you submit to the Service, including CVs, resumes, documents, profile information, requirement materials, supplier evidence, messages, images and other files (“User Content”).
You grant us a non-exclusive, worldwide, royalty-free licence to host, store, copy, process, transmit, display, index, analyse and otherwise use User Content as necessary to provide, secure, support and improve the Service. This includes sharing User Content with other users or organisations where the Service is designed to do so, such as associate discovery, supplier discovery, team building, bid support, project staffing or workspace collaboration.
You represent that you have all rights and permissions needed to submit User Content and allow us to process it under these Terms. You must not submit User Content that infringes third-party rights, breaches confidentiality obligations, is unlawful, is misleading, contains malware or violates applicable security, classification, export control or procurement rules.
The Service may generate AI-assisted outputs, including summaries, extracted profile fields, role structures, workpackage structures, search queries, rankings, candidate matches, supplier matches and fit rationale.
AI-assisted outputs are provided to support human review and decision-making. They are not procurement, legal, financial, employment, security or professional advice. You are responsible for checking outputs, validating evidence, applying your own judgement and complying with any applicable procurement rules, employment rules, security rules, export controls, classification requirements, customer policies and contractual obligations.
We do not guarantee that AI-assisted outputs will be accurate, complete, current, unbiased or suitable for your intended purpose.
You agree not to:
You may receive or access non-public information through the Service. You agree to protect such information in line with applicable agreements, policies and law.
You are responsible for ensuring that your use of the Service complies with applicable confidentiality duties, security classifications, export controls, sanctions, procurement rules and customer or government requirements. The Service must not be used for classified, restricted or controlled content unless we have expressly agreed in writing that the relevant environment and controls are suitable for that content.
The Service relies on third-party providers for functions such as authentication, hosting, cloud infrastructure, email delivery, maps, AI processing, document processing, vector search and security checks. Their terms, policies and processing practices may apply to the extent you use those features. Our current key subprocessors are listed on the Subprocessors page.
We are not responsible for third-party services outside our reasonable control.
If fees apply, they will be set out in an order form, subscription plan, statement of work or other written agreement. You agree to pay all applicable fees and taxes according to the relevant payment terms.
Unless a separate agreement says otherwise, fees are non-refundable except where required by law.
We and our licensors own all rights, title and interest in the Service, including software, workflows, user interface, designs, models, databases, documentation, branding and related intellectual property, excluding User Content.
Subject to these Terms, we grant you a limited, non-exclusive, non-transferable, revocable right to use the Service for your internal business purposes and authorised workflows.
You may give us feedback or suggestions. We may use feedback without restriction or obligation to you.
Our Privacy Policy explains how we collect, use and share personal information. By using the Service, you acknowledge that personal information will be processed as described in the Privacy Policy.
We may suspend or terminate access to the Service if we reasonably believe:
You may stop using the Service at any time. Termination does not affect rights or obligations that accrued before termination. Sections that by nature should survive will survive, including confidentiality, user content licences needed for retained data, payment obligations, disclaimers, liability limits, indemnities and dispute terms.
The Service is provided “as is” and “as available”. To the maximum extent permitted by law, we disclaim all warranties, express or implied, including warranties of merchantability, fitness for a particular purpose, non-infringement, availability, accuracy and reliability.
We do not warrant that the Service will be uninterrupted, secure, error-free or that content or outputs will be accurate, complete or fit for any particular procurement, staffing, bid, legal, security or operational purpose.
Nothing in these Terms excludes or limits liability that cannot be excluded or limited by law.
To the maximum extent permitted by law, we and our suppliers will not be liable for any indirect, incidental, special, consequential, exemplary or punitive damages, or for loss of profits, revenue, data, goodwill, business opportunity or anticipated savings.
To the maximum extent permitted by law, our aggregate liability for all claims arising out of or relating to the Service or these Terms will not exceed the greater of:
This limitation applies whether the claim is based in contract, tort, negligence, strict liability, statutory duty or any other legal theory.
You will defend, indemnify and hold harmless us, our group companies, officers, directors, employees and suppliers from and against claims, losses, damages, liabilities, costs and expenses arising from:
This indemnity does not apply to the extent a claim is caused by our fraud, wilful misconduct or liability that cannot be excluded by law.
We may update these Terms from time to time. We will post the updated version and revise the “Last updated” date. Continued use of the Service after changes take effect may constitute acceptance where permitted by law.
These Terms are governed by the laws of England and Wales, excluding conflict-of-law rules. Subject to mandatory protections that cannot be waived, the courts of England and Wales will have exclusive jurisdiction.
Questions about these Terms can be sent to legal@sme-procure.com.
This Cookie Policy explains how SME PROCURE LTD (“we”, “us”, “our”) uses cookies and similar technologies when you visit or use SME Procure websites and applications. It should be read with our Privacy Policy and Subprocessors page.
Cookies are small text files stored on your device. Similar technologies include local storage, session storage, pixels, tags, scripts and other tools that store information on or access information from your device.
As of the last updated date, SME Procure does not use non-essential HTTP cookies for third-party analytics, advertising or social media tracking pixels.
We use strictly necessary and functional technologies to operate the Service, including authentication, security, form abuse prevention, session management, user preferences and first-visit notice dismissal.
If we introduce non-essential analytics, advertising or marketing cookies, we will update this policy and seek consent where UK or EEA law requires.
Strictly necessary technologies — we use these to run the Service, including:
Blocking strictly necessary technologies may prevent the Service from working.
Functional technologies — we may use local storage or similar technologies to remember product preferences, interface settings or form state where those features are provided.
Maps and location — when you use features that load Google Maps or Places, Google may set cookies or use similar technologies under its own policies, including for address autocomplete, place details, geocoding and map display.
Analytics and performance — we do not currently use third-party analytics or performance cookies such as Google Analytics, Plausible, PostHog or similar tools. If we add them, we will update this policy and obtain consent where required.
Marketing and advertising — we do not currently use marketing, advertising or retargeting cookies on the Service. If that changes, we will update this policy and seek consent where required.
We use Clerk for sign-in and account management. Clerk may set cookies or use browser storage to maintain sessions and protect accounts. Clerk’s privacy information is available at clerk.com/legal/privacy.
We use Cloudflare Turnstile on selected forms to help prevent spam, abuse and automated submissions. Turnstile may use cookies or similar technologies to verify that a form submission is legitimate. Cloudflare’s privacy information is available at cloudflare.com/privacypolicy.
You can control cookies through your browser settings, including blocking or deleting cookies. If you block strictly necessary cookies or similar technologies, parts of the Service may not work.
Where we ask for consent to non-essential cookies or similar technologies, you can withdraw or change your consent through the mechanism provided or by contacting us.
We may update this Cookie Policy from time to time. We will post the updated version and revise the “Last updated” date.
Questions about this Cookie Policy can be sent to privacy@sme-procure.com.
A subprocessor is a third party that processes personal information on our behalf to help us provide the Service. Examples include providers for hosting, authentication, email delivery, AI processing, maps, security and data storage.
We list the main third-party processors we engage directly. Our subprocessors may use their own subprocessors, subject to their contracts, privacy terms and subprocessor lists. We review subprocessors when our stack changes and update this page for material changes.
The following subprocessors are used in the operation of SME Procure by SME PROCURE LTD.
Some components may be operated by SME Procure or by a group company such as RC Fornax PLC rather than by a separate third-party subprocessor. Where an internal or group-operated document extraction or processing service is used, it is covered by our Privacy Policy and group-company sharing terms. If a third party is appointed to operate that service on our behalf, we will add that provider to this list.
Client-side libraries, UI components and local application dependencies are not listed as subprocessors unless they send personal information to a third-party server on our behalf.
We may update this page when we add or remove subprocessors material to the Service. Material changes may also be reflected in our Privacy Policy.
Questions about subprocessors can be sent to privacy@sme-procure.com.