Close

Our Data Security Policy

Your security is our priority

At Greenly, we understand the importance of protecting our customers' data. That's why we have implemented rigorous security measures to ensure the privacy and safety of your sensitive information. We adhere to the most stringent security standards to ensure that our practices meet the highest data protection requirements.

F808d875 5e17 455f 9908 962562d4b6aa lock

Trusted by 3000+ companies committed to fighting climate change

Ee70aff3 8d57 4b63 814e 794d017e9ce0 Tier
7c56e350 f0b6 44e4 936c 7f67e5fd7f81 Qonto
329adda3 5fca 4c45 8c0e 41ccd91c9111 TheFork
8c3e03e4 829c 4292 8ece afa4e10cec69 BNP+PARIBAS+Logo
E5a10085 3371 447c b07d 35ea8f2f00e9 gorgias
8a221284 4cdf 4768 9454 f7784464260f Pernod Ricard
592100c8 b8de 4ee5 ba21 472fc414f330 ecovadis
985b64ea 63a6 4275 a8fa f01c03490265 AXA
9de27093 5a86 49b5 9dbd 5fd275e04b49 siapartners
A262424d 3f91 4d1d b358 ca6ffa723cd4 Payfit
3f85a4a4 abc6 4f9e 8848 1d5bf8319696 alterway
Cea5e45f b027 4066 8175 ca4bb0ee8594 Tripadvisor
0cd7fbd3 e0a3 406c ac7d 32d45ceea416 Symbole

We believe it is our duty to keep your data secure

We apply the strictest standards in the market. Working with Greenly means working with a vetted, secure solution and partner who understands that you expect your data to be well-guarded — from double authentication to SoD, to data encryption at every step of the data process”

See the official report

We’re here to help

  • What actions has Greenly taken for data security? What is the Security Policy of the company?

    Personal data is processed exclusively by Offspend, hosted by Amazon Web Service within the EU. We implement technical and organisational security measures to ensure the confidentiality, integrity and availability of your personal data. In addition, we are regularly audited by security specialists.

    To improve the security of our customers' data, Greenly has established a processing register listing all of our subcontractors. You can access our security policy by clicking on this link.

    Furthermore, Greenly is certified SOC2 & ISO27001. The trust of many customers such as BNP Paribas, Arkea, RCI, etc. attests to our security policy as these customers have audited our security systems. We have also been audited by the CNIL, who concluded that all our practices were compliant - something that is rarely noted. We're also happy to sign a confidentiality agreement (NDA) at your convenience

  • What data do you collect about employees?

    The main function of the SAAS is to allow the realisation of the carbon footprint and the GHG report.

    This is done by conducting a questionnaire on employee habits.


    - Identification data: e-mail address, residence
    - Transportation data: transportation means the method of work related travel and distance

    To the extent such information directly or indirect allows one to identify a natural person (e.g., Customer employees):


    - Meal habits: number of vegan and meat meals per week
    - Work location habits: Remote, co-working, or working sites

  • What enterprise data do you collect?

    The main function of the SAAS is to allow the realisation of the carbon footprint and the GHG report.

    This is done by carrying out various analyses.

    Data collection is made up of several main components :

    - The collection of the accounting entries file or accounting data for the extraction of expenses.
    - The collection of information via specific modules for physical analysis.
    - The collection of data from the company's employees for the calculation of commuting emissions.

    Greenly manually or automatically collects information on the client's company activity in order to produce a relevant carbon footprint measurement.


    Company data collected :


    - Expense data collected via accounting transactions
    - General company information (number of employees, revenue, region of activity, sector)
    - Data related to the company's buildings
    - Data related to the company's energy consumption
    - Data related to the consumption of equipment used indirectly by the company (data centers, networks etc.)
    - Any other data that allows us to characterise or refine the understanding of an internal process of the company (construction, manufacturing, marketing, distribution)
    - The quantity and quality of materials used in the construction of the company's products
    - The characteristics of the equipment used for the company's activity Information to characterise the company's internal logistic chains (in order to calculate the intermediate impacts)
    - Any other relevant information in pursuit of the objective of refining the accuracy of the carbon footprint calculation Action plans implemented in the company as part of the carbon footprint reduction project
    - The transportation data of the company's employees, as well as the meals habits of the employees.

  • Does Greenly have access to the data I store?

    Employees do not have access to the content of your spaces unless you give us specific permission, we are only required to access them as part of an active abuse or fraud investigation or where access is necessary to comply with a valid legal process.

  • What kind of events are logged/audited?

    - Log In / Log Off
    - Failed login attemps
    - Session Creation / Session Termination
    - Password Change
    - All Administrative actions and configuration changes performed
    - User Create / Read / Update / Delete actions, Document or Object Create / Read / Update
    - Delete actions
    - Metadata Create / Read / Update / Delete actions
    - Identifying users and the actions they performed
    - Integration logs: API call successes and failures
    - Infrastructure logs Hypervisor / OS
    - Database Log+Transaction Logs
    - Source IP address of the actor

530679ef 3bdc 40ba 86be 6f59c3211687 IMG+%282%29