Skip to main content

Privacy Policy

How we collect, use, and protect your data

Information We Collect

We collect information necessary to provide our carbon footprint calculation services.

Account Information

When you create an account, we collect your name, email address, and company affiliation. Your account credentials are securely hashed and never stored in plain text.

Business Data

To calculate carbon footprints, we collect company information (name, VAT number, registration number), product specifications, supply chain data, and emissions calculations. This data is essential for generating accurate Carbon Footprint Reports.

Usage Data

We automatically collect standard log data including IP addresses, browser type, and pages visited to improve our service and ensure security. We also track feature usage patterns to enhance user experience.

How We Use Your Information

Your information enables us to provide comprehensive carbon footprint services.

We use your data to calculate product carbon footprints, generate Carbon Footprint Reports, and facilitate secure data sharing between supply chain partners. This information helps us improve our services, develop new features, and communicate important updates. We also use it to ensure platform security, prevent fraud, and comply with legal obligations.

Data Sharing and Disclosure

We do not sell your personal or business data. We share information only in these specific circumstances.

With Your Consent

When you explicitly approve data sharing with supply chain partners or other authorized users within your organization.

Service Providers

We work with trusted third parties who assist in operating our service, all bound by strict confidentiality agreements.

Legal Requirements

We may disclose information when required by law or to protect rights and safety.

Data Security

We implement industry-standard security measures to protect your data.

All data is encrypted in transit using HTTPS and at rest using modern encryption standards. We maintain secure authentication with session management, conduct regular security audits, and provide comprehensive employee training. Our infrastructure is hosted on secure, EU-based cloud servers with robust access controls.

Your Rights Under GDPR

You have comprehensive rights regarding your personal data.

Access & Portability

Request a copy of your data in a portable format

Rectification & Erasure

Correct inaccurate data or request complete deletion

Restriction

Limit how we process your data

Objection

Object to certain types of processing

To exercise these rights, contact us at privacy@carboninsight.win.tue.nl

Data Retention

We retain your data only as long as necessary.

Account data is kept until you delete your account. Product and emissions data is retained for 5 years after last modification to support historical reporting. Usage logs are kept for 12 months for security and performance analysis. Any data required for legal compliance is retained as mandated by law.

Cookies and Tracking

We use only essential cookies necessary for the service to function properly. These include authentication tokens for secure login, user preferences for theme and language settings, and security tokens for CSRF protection. We do not use tracking cookies or third-party analytics services.

Contact Information

Data Controller

Brainport Industries / TU Eindhoven

Address

Eindhoven, North Brabant, Netherlands

Last Updated: Loading...

Updates to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date. Significant changes will be communicated via email to all registered users.