Your security is our priority

Personal data is processed exclusively by Offspend, hosted by Amazon Web Service within the EU. We implement technical and organisational security measures to ensure the confidentiality, integrity and availability of your personal data. In addition, we are regularly audited by security specialists.

To improve the security of our customers' data, Greenly has established a processing register listing all of our subcontractors. You can access our security policy by clicking on this link.

Furthermore, Greenly is in the process of obtaining both SOC2 & ISO27001 certifications. The trust of many customers such as BNP Paribas, Arkea, RCI, etc. attests to our security policy as these customers have audited our security systems. We have also been audited by the CNIL, who concluded that all our practices were compliant - something that is rarely noted. We're also happy to sign a confidentiality agreement (NDA) at your convenience

The main function of the SAAS is to allow the realisation of the carbon footprint and the GHG report.

This is done by conducting a questionnaire on employee habits.


- Identification data: e-mail address, residence
- Transportation data: transportation means the method of work related travel and distance

To the extent such information directly or indirect allows one to identify a natural person (e.g., Customer employees):


- Meal habits: number of vegan and meat meals per week
- Work location habits: Remote, co-working, or working sites

The main function of the SAAS is to allow the realisation of the carbon footprint and the GHG report.

This is done by carrying out various analyses.

Data collection is made up of several main components :

- The collection of the accounting entries file or accounting data for the extraction of expenses.
- The collection of information via specific modules for physical analysis.
- The collection of data from the company's employees for the calculation of commuting emissions.

Greenly manually or automatically collects information on the client's company activity in order to produce a relevant carbon footprint measurement.


Company data collected :


- Expense data collected via accounting transactions
- General company information (number of employees, revenue, region of activity, sector)
- Data related to the company's buildings
- Data related to the company's energy consumption
- Data related to the consumption of equipment used indirectly by the company (data centers, networks etc.)
- Any other data that allows us to characterise or refine the understanding of an internal process of the company (construction, manufacturing, marketing, distribution)
- The quantity and quality of materials used in the construction of the company's products
- The characteristics of the equipment used for the company's activity Information to characterise the company's internal logistic chains (in order to calculate the intermediate impacts)
- Any other relevant information in pursuit of the objective of refining the accuracy of the carbon footprint calculation Action plans implemented in the company as part of the carbon footprint reduction project
- The transportation data of the company's employees, as well as the meals habits of the employees.

Employees do not have access to the content of your spaces unless you give us specific permission, we are only required to access them as part of an active abuse or fraud investigation or where access is necessary to comply with a valid legal process.

- Log In / Log Off
- Failed login attemps
- Session Creation / Session Termination
- Password Change
- All Administrative actions and configuration changes performed
- User Create / Read / Update / Delete actions, Document or Object Create / Read / Update
- Delete actions
- Metadata Create / Read / Update / Delete actions
- Identifying users and the actions they performed
- Integration logs: API call successes and failures
- Infrastructure logs Hypervisor / OS
- Database Log+Transaction Logs
- Source IP address of the actor