1. Who we are
GreenTrack AI is a carbon footprint management platform for UK SMEs. References to "we", "us", or "GreenTrack AI" refer to the operator of this service.
2. Data we collect
- Account data: your name, email address, and company name when you register.
- Utility bill data: usage figures, costs, and emission calculations you upload.
- PDF files: utility bills stored securely in Supabase Storage (eu-west-2, London).
- Payment data: handled entirely by Stripe — we never see your card details.
- Usage analytics: anonymous page views (only with your consent).
3. Legal basis (UK GDPR)
We process your data under contract (to deliver the service you signed up for) and legitimate interests (to improve the product). Where we use analytics cookies we rely on your consent.
4. Data storage & security
All data is stored in the United Kingdom (AWS eu-west-2, London) in compliance with UK GDPR Article 44. Data is encrypted at rest and in transit (TLS 1.2+). Row-level security restricts access so each organisation can only see its own data.
5. Data retention
We retain your data for as long as your account is active. When you delete your account, personal identifiers are anonymised within 30 days. Aggregated emissions data may be retained for benchmarking.
6. Your rights
- Access — request a copy of your data.
- Rectification — correct inaccurate data.
- Erasure — delete your account from Billing settings.
- Portability — export your bills as CSV from Bill History.
- Object — opt out of analytics cookies at any time.
7. Third-party services
- Supabase — database and file storage (London region).
- Stripe — payment processing (PCI DSS Level 1).
- Mindee — OCR processing of uploaded PDFs.
- Resend — transactional email delivery.
8. Contact
For any privacy questions or to exercise your rights, email privacy@greentrack.ai.