Data security is central to how Green Project operates. Your information is encrypted both in transit and at rest, and all systems use industry-standard security protocols. Green Project complies with GDPR, CCPA, and other applicable data protection regulations. Only authorised personnel with a legitimate business need can access your data, and regular security audits and penetration testing keep systems secure.
What Data Is Collected and How It's Used
Green Project collects emissions data, company profile information, and sustainability metrics from your submissions. This data is used to calculate your carbon footprint, provide benchmarking insights, and support your decarbonisation journey. Your sustainability profile is also shared with your Green Project buyers so they can account for their supply chain emissions.
Your data remains your property. Green Project never sells your information to third parties.
Your revenue is never shared, and the primary data you provide to calculate your footprint, such as your spend and activity data, stays private; customers see the calculated emissions results (your Scope 1, 2 and 3 emissions and your emissions intensity), not your raw inputs. Commercially sensitive details, including your spend breakdown and internal cost data, are never shared with customers, and benchmarking data about other companies is always anonymised.
Your Control Over Data Sharing
By default, your corporate sustainability profile is visible to your Green Project buyers. You decide how this works: you can keep your profile public, or switch it to request-only so that customers must ask for access and you approve them individually.
You choose what's included in your profile, you can update or modify your data at any time, and you can contact the support team if you have specific concerns about how your data is being used. For the full detail on what customers can and cannot see, see What Data Does Green Project Share with Customers?
