Privacy Policy

We take your privacy seriously.

In order to provide you (as a registered user) and your employer (the “Account Holder”) with personalized data a collection solution (“DigiESG”, composed of its web service and “GDL Collect Mobile App”), Green Data Lab Ltd needs you to provide us with certain Personal Information (defined below) about yourself. We take the privacy of this Personal Information very seriously. We provide this policy (“Privacy Policy”) so that you can understand how we collect Personal Information from you, what Personal Information we collect, and how we use the Personal Information you provide.

Last Modified: May 29, 2023; This Privacy Policy is effective as of the date last modified.

From time to time, we may change this Privacy Policy to accommodate new technologies, industry practices, regulatory requirements, or for other purposes. If we make material changes to this policy, we will notify you here or by means of a notice on our homepage so that you are aware of any changes with relation to what information we collect, how we use it, and under what circumstances, if any, we disclose it.

This Privacy Policy applies to information provided to us about or relating to you, and from which, either alone or when connected with other information to which we may have access, you can be individually identified (“Personal Information”). That Personal Information is described in more detail below.

Green Data Lab Privacy Principles

Green Data Lab follows these principles in order to protect your privacy:

  • We do not collect any more Personal Information about you than is necessary;

  • Unless you agree otherwise, we only use your Personal Information for the purposes we specify in this Privacy Policy;

  • We do not keep your Personal Information if it is no longer needed; and

  • Other than as we specify in this Privacy Policy, we do not share your Personal Information with third parties.

This Privacy Policy addresses the following questions:

  1. What type of data do we control?

  2. How do we use your data?

  3. How do we protect your data?

  4. How could we be contacted about your data?

1. What type of data do we control?

This Privacy Policy distinguishes between data that is controlled by Green Data Lab and data that is processed by Green Data Lab.

Green Data Lab “DigiESG” solution is:

  • A data controller of very limited data about account holders and their registered users (i.e. we determine the purposes, conditions and means of the processing of personal data). Green Data Lab only collects information from registered users. This information is composed of e-mail and basic information as part of the registration process and stores users’ preference in their profile (e.g. language).

  • A data processor of data collected by account holders (i.e. processes data on behalf of a data controller). Green Data Lab stores the information related to the forms sent and data collected by the account holder (i.e. submissions) and their registered users. This includes data submitted by participants completing forms designed by registered users and can include personal information.

2. How do we use your data?

Green Data Lab takes very seriously the privacy, confidentiality and security of personal information and any data collected or stored using GDL Collect.

  • Data that we control:
    Data under our control which may include site visitors data (website analytics) and registration data (username, password and profile) is used in aggregated ways to monitor usage and growth of Green Data Lab. Personal information from registered users is used to provide services to registered users and communicate with registered users about our services. Registered users can view, edit, and delete their personal information stored in their profile, unregister from communication emails, or delete their account. Personal information is never shared or sold to third parties.

  • Data that we process:
    Green Data Lab processes data on behalf of registered users as agreed in the end-user licence agreement and the service contract with the Account Holder. The Account Holder fully own the data of their registered users and their application data. Green Data Lab does not use, share, or sell that information. Metadata about projects may be used in aggregated ways to analyse usage with the permission of the Account Holder. This metadata does not include personal information.

The Account Holder is the data controller of the data they and their registered users collect using Green Data Lab’s DigiESG solution and are responsible for the safe management of personal information, including compliance with the General Data Protection Regulation (GDPR). Green Data Lab allows users to share application data publicly or with selected users. Information shared publicly is visible to anyone and can be indexed by search engines. Green Data Lab is not responsible for how registered users handle forms participants’ personal information. We may assist individual respondents in contacting the Account Holder with regards to GDPR requests.

3. How do we protect your data?

Green Data Lab is committed to protecting the data you entrust to us. We employ industry standard best practices (both technical and administrative) to protect against unauthorized access of your data. We cannot guarantee, however, its absolute security. To protect from loss of data, we do frequent system and incremental backups which are stored encrypted in various locations. To further protect your data, we encourage you to never to share your login information and to change your passwords regularly. If you have any questions regarding our security and backup procedures, please contact us.

4. How could we be contacted about your data?

If you are uncertain about our data privacy policy or have requests with regards to general compliance, including GDPR rights, please contact us. We respond to requests within 30 days.