One Platform. Endless Opportunities.
Legal
This page explains how Strategic Sourcing Consult Limited protects platform access, procurement records, supplier documents, tender submissions, contracts, payments, and user accounts.
Security Scope
Our security approach supports confidentiality, integrity, audit visibility, and accountable platform use across procurement operations.
Strategic Sourcing Consult Limited takes platform security seriously. Our website and procurement platform are designed to support secure access, protected document handling, controlled workflows, audit visibility, and responsible data management.
This Security page explains the safeguards, practices, and user responsibilities that help protect supplier, organization, financier, tender, bid, contract, payment, subscription, and account information.
We are committed to maintaining a secure procurement environment by focusing on:
Security is built into how users access the platform, manage documents, submit bids, publish tenders, approve workflows, and review procurement activity.
User accounts are protected through authentication and access controls. Users are responsible for:
We may restrict, suspend, or review accounts where suspicious activity, misuse, failed verification, or unauthorized access is detected.
The platform supports role-based access so users only access the features and records relevant to their role.
Access may be limited by account type, assigned role, permission level, department or team assignment, subscription plan, tender ownership, bid participation, review or approval responsibility, verification status, and administrative controls.
Roles may include suppliers, organizations, financiers, administrators, team members, reviewers, evaluators, approvers, read-only users, and approval-only users.
Users must not attempt to access pages, files, workflows, records, or accounts they are not authorized to use.
Supplier accounts may contain sensitive information such as company profiles, director details, compliance documents, bids, payment requests, invoices, contracts, and finance documents.
We protect supplier activity through supplier dashboard access controls, document review workflows, file upload restrictions, bid submission timestamps, bid edit and withdrawal rules, bid version history, access controls for supplier documents, notifications for important procurement actions, and audit records for key supplier activities.
Suppliers should keep documents updated and ensure only authorized team members access their account.
Organization accounts may manage tenders, tender drafts, bid evaluations, awards, contracts, payment approvals, procurement teams, and reporting.
We protect organization workflows through organization dashboard access controls, team and permission management, tender draft and review workflows, tender publishing controls, bid access restrictions, evaluation and approval records, award and contract workflow tracking, payment approval controls, and audit logs for sensitive actions.
Organizations are responsible for assigning permissions carefully and reviewing user access regularly.
Tendering and bidding workflows require confidentiality, integrity, and traceability. Security controls may include:
Bid prices, technical proposals, financial proposals, evaluations, and award recommendations should be treated as confidential unless officially published.
Uploaded documents may include company records, compliance files, tender attachments, bid submissions, contracts, invoices, receipts, and finance documents. To help protect uploaded documents, the platform may apply:
Users must not upload harmful, forged, misleading, unauthorized, or infected files.
Payment, billing, and finance workflows may involve invoices, receipts, transaction references, disbursements, repayments, and subscription records.
Security measures may include restricted access to billing records, payment status tracking, invoice and receipt records, transaction reference storage, finance request workflow controls, repayment reminders and records, disbursement approval, reversal, or correction tracking, and audit trails for payment-related activity.
Payment processing may involve third-party payment providers, banks, or financial service providers. Their own security practices and terms may also apply.
The platform may record activity to support transparency, accountability, and security. Audit and activity records may include:
These records help investigate disputes, detect misuse, support compliance, and maintain procurement integrity.
We aim to improve platform security through server-side validation, authorization checks, protected routes, role and permission middleware, secure file access patterns, error handling improvements, regular review of sensitive workflows, backup and recovery planning, dependency and configuration review, and environment-specific security settings.
Where updates are required, we may perform maintenance or temporarily restrict features to protect users and the platform.
Security works together with privacy and data protection.
Our security practices support confidentiality of sensitive procurement data, integrity of documents and workflow records, availability of platform services where possible, controlled access to personal and business data, responsible handling of uploaded files, and protection of tender, bid, contract, payment, and finance records.
Please also review our Privacy Policy and Data Protection Policy for more information.
Users play an important role in keeping the platform secure. You should:
Users must not:
Violation of security rules may result in account restriction, suspension, termination, legal action, or reporting to relevant authorities.
If a security incident is suspected or confirmed, we may take steps to investigate the issue, restrict affected accounts or features, remove or quarantine harmful files, reset credentials where necessary, review logs and audit trails, notify affected users where appropriate, notify authorities where legally required, and strengthen controls to reduce future risk.
Users should report suspected unauthorized access, suspicious activity, data exposure, or harmful files as soon as possible.
We may maintain backups and recovery procedures to support business continuity, platform resilience, and data protection.
Backup and recovery practices may be used to help restore services after technical failures, accidental loss, cyber incidents, or other disruptions.
Backup availability does not guarantee recovery of every individual user action or record in all circumstances.
The platform may use third-party services such as hosting, email, storage, payment processing, analytics, maps, communication tools, or security services.
We aim to work with providers that apply appropriate security practices, but third-party services may have their own terms, policies, and security responsibilities.
Users should also follow the security requirements of any third-party services they use in connection with the platform.
If you believe your account has been compromised, you discover a security issue, or you receive suspicious communication claiming to be from Strategic Sourcing Consult Limited, contact us immediately. Please include:
We may update this Security page from time to time to reflect changes in platform features, security practices, technology, risks, or legal requirements.
Updated versions may be posted on the website or communicated through the platform where appropriate.
For security concerns or questions, contact Strategic Sourcing Consult Limited at Plot 2702, Block 244, Nyangweso Road, Muyenga, Kampala, Uganda.
Email: [email protected]
Phone: +256 759 000 847 or +256 752 432 111
Security concern?
Share enough detail for the team to review the issue, protect affected records, and guide the next steps.
