Privacy Policy

This Privacy Policy explains how GreenSight collects, uses, stores, discloses, and protects personal data and organization data when you access greensight.ph and related services.

GreenSight is built for organization registration, sustainability data intake, emissions reporting, dashboard analytics, AI-generated insights, billing administration, and platform governance. By registering or using GreenSight, you acknowledge the processing described in this Privacy Policy.

• Registration and account data, such as organization name, user name, email address, role, password hash, verification status, and consent timestamps.
• Workspace data, such as departments, emissions records, uploaded or manually entered sustainability metrics, alerts, and AI insight outputs.
• Subscription and commercial data, such as plan, billing cycle, payment references, quota usage, and related account status.
• Security and technical data, such as login attempts, audit events, IP-based anti-abuse checks, session activity, and email token workflows.
• Optional marketing preferences, such as whether a registrant separately opted in to receive promotional or product update emails.

• To create and administer organization workspaces and user accounts.
• To authenticate users, verify email addresses, prevent abuse, and enforce role-based permissions and quotas.
• To store, analyze, visualize, and report sustainability and emissions information.
• To generate AI-powered summaries, forecasts, anomaly analysis, recommendations, and related insight outputs where AI features are enabled.
• To manage subscriptions, retention rules, payment records, support issues, compliance requests, and internal security reviews.
• To send transactional notices such as verification, activation, password reset, service, and billing-related messages.
• To send product news or promotional emails only where the relevant user has separately opted in, or where otherwise permitted by applicable law.

• GreenSight processes data where necessary to provide the requested service, fulfill account and subscription obligations, maintain security, and comply with law.
• Where consent is used, GreenSight seeks consent through clear, specific, and separate actions, including a distinct optional checkbox for promotional emails.
• Operational, security, and billing processing may continue where necessary even if optional marketing consent is not given.

• Cloud or infrastructure providers may host GreenSight systems and backups.
• Email delivery providers may process verification, activation, reset, and service communications.
• AI processing providers may receive selected workspace data needed to generate authorized AI insight outputs.
• Security providers may process anti-bot, anti-abuse, logging, or fraud-prevention requests.
• Payment or billing providers may process subscription-related transactions where paid billing workflows are enabled.
• GreenSight may also disclose data where required by law, court order, lawful government request, or to protect rights, safety, and platform integrity.

• Account, billing, security, and audit records may be retained as needed for support, fraud prevention, legal compliance, dispute handling, and platform governance.
• Emissions and AI insight history may be retained according to the organization’s subscription plan, approved overrides, backup schedules, and retention enforcement rules.
• Marketing opt-in data may be retained to evidence consent status or opt-out status where required for compliance.

• Access to personal data held by GreenSight.
• Correction of inaccurate or incomplete personal data.
• Objection, restriction, withdrawal of optional consent, or deletion/blocking where legally applicable.
• Portability or a copy of relevant personal data where applicable.
• Lodging a complaint with the National Privacy Commission of the Philippines.

For privacy requests, contact [email protected]. GreenSight may verify identity and authority before acting on a request.

• Role-based access, session management, CSRF protection, secure headers, verification tokens, and rate limiting are used to protect accounts and forms.
• GreenSight may use anti-bot tools, audit logs, password hashing, and email verification to reduce abuse and unauthorized access.
• No system is perfectly secure, but GreenSight works to detect, contain, and respond to security issues promptly.

Where cross-border processing occurs, GreenSight seeks to use providers and safeguards appropriate to the service, the sensitivity of the data, and applicable privacy obligations.

Material updates may be posted on the website, in-product, or through account communications. Continued use after an update takes effect means the updated policy will apply to future use of the service.