Privacy Policy
This privacy policy explains how Greenprint Technologies Pte. Ltd. (“Gprnt” or “we”) processes your personal data when you use our website and/or web application (“Website”, “Platform” or “Service(s)”). In general, Gprnt:
- Clearly specifies the purposes before we process personal data, by using this privacy policy or other appropriate forms of notification;
- Limits the collection of personal data to only the personal data needed for the relevant purposes;
- Obtains your consent to process your personal data in cases where your consent is required;
- Takes appropriate security measures to protect your personal data and demands the same from parties who process personal data on our behalf;
- Respects your rights over your personal data.
By using our Service(s), submitting information to us or interacting with us, you agree that we may process your personal data in the manner described in this privacy policy. If you provide us with any personal data about a third party (e.g. information about an employee), by providing such personal data to us, you represent to us that you have obtained the consent of the third party to provide their personal data to us and for their personal data to be processed in the manner set out in this privacy policy.
1. Purposes and bases for processing personal data
Gprnt generally processes your personal data to provide, improve, and administer our Service(s) (including to maintain and manage user accounts and to authenticate users by verifying it against information from third-party sources such as government databases), communicate with you, for security and fraud prevention, and to comply with law. The table below sets out our processing purposes in more detail. We may also process your personal data for other purposes with your consent or as otherwise permitted under applicable law.
If the General Data Protection Regulation (“GDPR”) applies to you, Gprnt will rely on the following legal bases to process your personal data, as more fully detailed below:
- Consent
- Execution of an agreement with you
- Legitimate interest of the Gprnt or a third party. The legitimate interests of Gprnt include for example: research in relation to our Service(s), IT management and security and maintaining customer relationships with users.
Processing purposes and grounds for processing under the GDPR
- To facilitate user account creation and authentication and otherwise manage user accounts: Based on grounds of (1) Execution of an agreement with the user and/or (2) Legitimate interest of Gprnt or a third party
- To deliver and facilitate delivery of Service(s) to users, including offering customer service or technical support and processing requests relating to the Service(s): Based on grounds of (1) Execution of an agreement with the user and/or (2) Legitimate interest of Gprnt or a third party
- Improvement of the Service(s) offered, including by analysing their use: Based on grounds of (1) Execution of an agreement with the user and/or (2) Legitimate interest of Gprnt or a third party
- To enable user-to-user communications: Based on grounds of (1) Legitimate interest of Gprnt or a third party
- Entering and maintaining a customer relationship with the users, for example to send informative messages about products or Service(s) or to respond to questions and requests from the users: Based on grounds of (1) Execution of an agreement with the user and/or (2) Legitimate interest of Gprnt or a third party
- Providing targeted advertisements based on the interests of users, using cookies and similar technologies to collect relevant information about users: Based on grounds of (1) Consent
- Sharing of users personal and disclosure performance data with selected partners: Based on grounds of (1) Consent (2) Legitimate interest of Gprnt or a third party
2. What personal data do we process?
Personal data concerns information about an identified or identifiable natural person. Gprnt may process the following personal data of users such as:
- Employer’s and/or employee’s name(s)
- Work contact information
- (Business) email address
- Business address
- Data relating to user’s device, such as an IP address
- Browsing history
3. How do we store and secure your personal data?
Gprnt takes appropriate technical and organisational security measures to limit misuse of, and unauthorised access to your personal data. For example:
Secure & Restricted Access
Application access to databases is restricted. Gprnt does not allow direct access to production database by any team member, except to resolve a critical incident.
Encrypted At Rest
All data storage services within the Service(s) are, by default, encrypted at rest by Microsoft-managed keys.
4. How long do we keep your personal data?
Gprnt retains your personal data for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).
5. Disclosure of personal data
We may disclose your personal data to:
- Our affiliated entities, including subsidiaries and other group companies;
- Our professional advisers, consultants and auditors;
- Our service providers, agents, contractors, suppliers, third parties or sub-contractors appointed to provide services in connection with our Services;
- Relevant government or regulatory authorities, as required by applicable laws.
Gprnt only shares your personal data with third parties in accordance with applicable laws. We may disclose your personal data to third parties, because:
- We have engaged them to process certain personal data;
- It is necessary to carry out the agreement with you, such as where your personal data has been requested by data consumers like utilities, certifications and other companies that are required for ESG data reporting;
- You have given consent;
- We have a legitimate interest todo so;
- We are legally obliged to do so.
Gprnt will ensure that appropriate and required agreements are in place with these third parties where required by applicable laws.
6. Marketing
Gprnt would like to send you information about products and Service(s) that we think may be interesting to you. We will only send you marketing communications if you provide your consent. You can always withdraw your consent by opting out of receiving such marketing communications at any time.
If you no longer wish to be contacted for marketing purposes, please email us at: data@gprnt.ai.
7. Your rights
Depending on applicable local laws, you may have certain rights in relation to your personal data under applicable law, such as the right to request access and correction of your personal data.
In certain jurisdictions, you may have the following rights:
- The right to access - You have the right to request Gprnt for copies of your personal data. We may charge you a small fee for this service where permitted by applicable laws.
- The right to rectification - You have the right to request that Gprnt corrects any information you believe is inaccurate. You also have the right to request Gprnt to complete information you believe is incomplete.
- The right to be forgotten - You have the right to request that Gprnt erases your personal data, under certain conditions.
- The right to restrict processing - You have the right to request that Gprnt restricts the processing of your personal data, under certain conditions.
- The right to object - You have the right to object to Gprnt’s processing of your personal data, under certain conditions.
- The right to data portability - You have the right to request that Gprnt transfers the data that we have processed to another organization, or directly to you, under certain conditions.
If you would like to exercise any of your rights, please contact us at our email: data@gprnt.ai.
8. Privacy policy of other websites
This privacy policy covers processing of personal data undertaken by Gprnt. The Gprnt Website may include links to external sites operated by third parties. If you navigate to another site via links on our website, any processing of your personal data by the third-party website operator does not fall under this privacy policy, and you should review that website’s privacy policy.
9. Changes to this privacy policy
Gprnt has the right to change this privacy policy from time to time. Changes will be published on our Website. Subject to applicable laws, you agree to be bound by the prevailing version of this privacy policy as updated from time to time. You should check this privacy policy on a regular basis for updates.This privacy policy was last updated on 21 August 2024.
10. File a complaint
If you wish to file a complaint about our use of your personal data, you can contact us via the contact details below. We will handle every question and request internally and communicate about it with you.However, if you do not agree with us, you may have the right to file a complaint with a competent supervisory authority responsible for the protection of personal data.
11. How to contact us
If you have any questions about this privacy policy, the personal data we hold about you, or you would like to exercise one of your data protection rights, please do not hesitate to contact our data protection officer via email: data@gprnt.ai.