Privacy Policy

Carboledger is dedicated to the lawful and ethical management of Personal Information and upholding the highest standards of professionalism and responsibility. We have provided the information below to provide you with insight into Carboledger's practices concerning the collection, utilization, and disclosure of Personal Information and how you can exercise choices and rights over your Personal Information.

When you engage with Carboledger’s websites, apps, other online services, or Products that link to this Privacy Policy (collectively referred to as “Sites”), you are bound by the terms and conditions outlined in this Policy. When we refer to “Carboledger,” “our,” “we,” or “us,” we mean Carboledger Inc, a company incorporated under the laws of the United States of America, having its offices at Delaware and its parent, subsidiary and affiliate companies all of which determine the methods and reasons behind the processing 1 of Personal Information. In some cases, specific products, applications or services might have different or additional privacy terms. Should these terms conflict with the present Privacy Policy, the terms pertinent to the given product, application, or service will take precedence.

Definitions

“Services” means online and offline offerings by Carboledger including but not limited to Product carbon footprint data sharing solutions.

“Personal Information” shall have the meaning as provided in Clause 1.1.

“Sensitive Information” shall have the meaning as provided in Clause 1.4.

“Publicly Available” shall have the meaning as provided in Clause 1.2.

“Consumer” means a natural person or any legal entity.

“Purpose” shall have the meaning as provided in Clause 3.

“Customer(s)” shall mean any consumer who opts for or utilizes the Services of Carboledger, whether paid or unpaid.

1. Processing Personal Information

1.1. “Personal Information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information includes, but is not limited to, the following if it identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household:

(A) Identifiers such as a real name, alias, postal address, unique personal identifier , online identifier, Internet Protocol address, email address, account name, social security number, driver's license number, passport number, or other similar identifiers.

(B) Any Personal Information described in subdivision (e) of Section 1798.80 of California Privacy Rights Act of 2020.

(D) Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

(E) Biometric information .

(F) Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an internet website, application, or advertisement.

(G) Geolocation data.

(H) Audio, electronic, visual, thermal, olfactory, or similar information.

(I) Professional or employment-related information.

(J) Education information, defined as information that is not publicly available personally identifiable information as defined in the Family educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99).

(K) Inference s drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

(L) Sensitive Personal Information.

1.2. Personal Information does not include Publicly Available information or lawfully obtained, truthful information that is a matter of public concern. For purposes of this paragraph, “ Publicly Available ” means: information that is lawfully made available from federal, state, or local government records, or information that a business has a reasonable basis to believe is lawfully made available to the general public by the consumer or from widely distributed media, or by the consumer ; or information made available by a person to whom the consumer has disclosed the information if the consumer has not restricted the information to a specific audience. Publicly Available does not mean biometric information collected by a business about a consumer without the consumer's knowledge. Personal Information does not include consumer information that is deidentified or aggregate consumer information.

1.3. The types of Personal Information that we process are determined by how you engage with us and the particular Services that we provide. The types of Personal Information that we process include:

Identifiers, such as name, email address, username, IP address, institution identification number (e.g. student ID) or government-issued identification number;
Contact information, such as email address, postal address, phone number;
Demographic information, such as age or gender;
Commercial information about how individuals engage with us, such as purchase history and subscription information;
Academic or Professional information, work history, education details, expertise, and affiliations
Engagement information, such as comments, feedback, posts, enquiries, and communications;
Images, such as CCTV footage if visiting our office locations;
Website activity information, This section is elaborated further in the "Information Collected Through Automated Technologies"
Preferences, communication choices, language preferences, and marketing-related preferences are part of this category.

1.4. It's important to note that certain types of Personal Information we handle could be classified as sensitive personal information. “ Sensitive Personal Information ” means:

(1) Personal Information that reveals

(A) a consumer's social security, driver's license, state identification card, or passport number;

(B) a consumer's account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account;

(D) a consumer's racial or ethnic origin, religious or philosophical beliefs, or union membership;

(E) the contents of a consumer's mail, email and text messages, unless the business is the intended recipient of the communication;

(F) a consumer's genetic data; and

(2)

(A) the processing of biometric information for the purpose of uniquely identifying a consumer ;

(B) Personal Information collected and analyzed concerning a consumer's health; or

Sensitive Personal Information that is Publicly Available pursuant to paragraph (2) of subdivision (v) of Section 1798.140 shall not be considered Sensitive Personal Information or Personal Information .

1.5. Processing such Sensitive Personal Information is limited to specific and legitimate purposes.

1.6. This Privacy Policy is not applicable to the handling of any Personal Information that we manage on behalf of our Customers when they utilize our Services (referred to as "Customer Data"). Our treatment of Customer Data is governed by the contractual agreements we have established with our Customers, which take precedence over the provisions of this Privacy Policy. Separately, the collection and utilization of Customer Data by our Customers are regulated by their respective privacy policies, rather than this Privacy Policy. We kindly request that you ensure your utilization of the Services adheres to the terms specified in our contracts with our Customers, as well as any guidelines we may provide to them. For any inquiries or requests regarding Customer Data, please direct your communication to our respective Customer. Please note that when our software, Services or Site is deployed by our Customer the Customer shall maintain the sole ownership of any Customer Data so provided or stored by the Customer while utilizing the Services.

2. Where We Collect Personal Information From

2.1. Information provided directly: We collect 2 Personal Information directly from Customers who interact with our Sites or Services, visit our office locations, or communicate with us. All information that we ask for is mandatory unless indicated as being optional. If mandatory information is not furnished, the requested Service cannot be provided.

2.2. Information collected through automated technologies: We collect Personal Information when our Sites are used, either directly or through our third-party 3 analytics providers.

2.2.1. Log Data: Log Data includes your Internet Protocol (IP) address, internet service provider, device identifier details, browser type and settings, browser ID, the date and time of your visit/request, and how you interacted with the Site(s), the time you spent on the Site(s) and if any errors or bugs that may occur during your visit. Our system also records any Personal Information/business information that you type into our Sites, even if you do not choose to submit it.

2.2.2. Cookie Data: Please check our Cookie Policy on how we use cookies.

2.2.3. Location Data: We derive your general geographical location using your IP address.

2.2.4. Usage Data: We collect information about how you use our Services, such as the types of content that you view or engage with,the features you use, the actions you take, and the time, frequency, and duration of your activities.

2.3. We may combine this information with other information that we hold. We use this information to enable Site functionality, understand Site interaction trends, gather demographic insights about our user base, personalize user experiences, and otherwise administer and improve our Sites and Services.

2.4. Do Not Track (“DNT”) is a privacy preference that Customers can set in certain web browsers. Please note that except as otherwise described in this Privacy Policy, we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.

2.5. Information we receive from other sources: Personal Information is also obtained from third-party sources. This includes business partners with whom we collaborate to provide our services; advertising, marketing, digital and social media agencies; data brokers; analytics providers; search information providers; and credit reference agencies. Additionally, we also receive information from publicly accessible sources, such as public databases or social media platforms. Should you opt to register or sign in via a third-party account (such as Facebook or Google), said third party manages your account authentication. Consequently, Carboledger collects your name, email, address, and other shared information as approved during the linking of your Carboledger account with the third-party account.

3. Utilization of Personal Information

How we employ Personal Information is determined by the nature of interactions you have with Carboledger. We utilize Personal Information when it is necessary to perform contractual obligations, where consent has been granted, where legal or regulatory compliance is required, or where we or a third party have a legitimate and lawful business need, in accordance with applicable laws in the USA. This encompasses a range of purposes for which Personal Information is processed (“Purpose”):

3.1. Administration of Products and Services

3.1.1. Performing contracts or other transactions that we enter into;

3.1.2. Providing, managing and supporting our products and Services;

3.1.3. Identifying and authenticating Customer's access to the Services;

3.2. Marketing and communication

3.2.1. Program and Event Communication: This includes relaying information about our or our partners' programs or events, such as webinars, conferences, contests, or surveys.

3.2.2. Marketing Initiatives: We market our Sites, products, and Services through methods such as commercial emails, newsletters, targeted advertisements, phone calls, and SMS messages.

3.2.3. Inquiries and Requests: Addressing inquiries, requests, and comments from Customers;

3.2.4. Personalization: Personalizing our Sites, Services, products, and communications.

3.2.5. Responding to queries regarding our Services.

3.3. Development of products and services

3.3.1. Business Enhancement: Evaluating and improving our business operations which encompasses enhancing our Sites, Services, products, and communications; developing new Sites, Services, and products; and assessing the effectiveness of our promotions and advertising;

3.3.2. Data Analytics: Performing data analytics for internal research 4 or other business purposes 5.

3.3.3. Obtaining your feedback with regard to the Services;

3.3.4. Improving our software and Services

3.3.5. Supporting and troubleshooting our software

3.4. Business management and administration

3.4.1. Security and Compliance: Detecting and investigating fraudulent and suspicious activity, ensuring the safety and Security of our Sites and adhering to legal and regulatory obligations (e.g., violations of our Terms of Use );

3.5. The information gathered through automated technologies serves the purposes described in the “Information Collected Through Automated Technologies” section above.

3.6. Carboledger avoids using solely automated means to reach decisions that would have legal or significant consequences on individuals without affording the opportunity for human review. Should such decisions occur, we furnish information about the decision-making process, its implications, and the procedure for requesting human review.

3.7. We may employ Personal Information for other purposes that we inform you of as long as we have your prior consent, a legitimate business interest, or another lawful justification to do so.

3.8. We may aggregate or anonymise information to render it incapable of identifying the source of such information in the interest of maintaining confidentiality of such information. In compliance with relevant laws in the USA, this information may be utilized for analytical purposes such as enhancing our Services, product development, identifying industry trends, and benchmarking. In cases permissible by law, aggregated or de-identified 6 data might be shared with third parties, as described in the "Sharing Personal Information" section below.

4. Sharing Personal Information

We do not disclose your Personal Information to third parties except as described in this Privacy Policy, or as permitted by applicable laws in the USA.

4.1. Within Corboledger. We may share Personal Information with our parent, subsidiary and affiliate companies aligning with the Purposes outlined in the “Utilization of Personal Information” section above.

4.2. With our trusted service providers. We may share Personal Information with service providers 7 that perform services on our behalf for the purpose of:

4.2.1. Storing Personal Information on our behalf (e.g., cloud computing service providers).

4.2.2. Assisting us with our business operations and software and improving it (e.g., processing and analyzing Customers' Feedback); and

4.2.3. Performing research, technical diagnostics and analytics with regard to the software.

4.3. Prior to sharing 8 Personal Information with any service provider, Carboledger shall take measures to ensure the service providers agree and commit to complying with applicable laws in the USA, uphold strong data security, and handle Personal Information solely as per our instructions.

4.4. With partner organizations. We may share Personal Information with specific partners, as outlined below:

4.4.1. In instances when a third party, such as a, business or other entity grants you access to a Carboledger product or Service, we may share information concerning your usage, assessment outcomes, and inputted data not including confidential information regulated by separate express agreement;

4.4.2. When you partake in a program or event where we have partnered or collaborated with third parties (such as a webinar, conference, or promotional event), we may share your information with the program/event sponsor;

4.4.3. Where you have access to our content or Sites, or you have chosen to receive electronic alerts about blogs, or your contribution to one of our blogs or other works has been accepted for publication, we may share your information (such as your name, organization and email id), pursuant to your express consent, when such content is published on the Site.

4.4.4. We may engage advertising partners to display ads and/or gather certain information when you visit our Sites. This information helps us provide advertisements tailored to your potential interests;

4.4.5. In situations not covered above, if you have consented to disclosure or we have a lawful and legitimate business reason for disclosure, we may share your Personal Information.

4.5. With other third parties. We will share Personal Information with external third parties under circumstances where we hold a sincere belief that such disclosure is imperative to adhere to legal obligations or legal procedures. This action is, to safeguard and uphold our rights and property, to protect the safety or property of our Consumers, Customers or the general public, or to protect and counteract any misuse or unauthorized utilization of our Sites and Services. We may also share Personal Information in connection with corporate transactions, such as a

4.6. Carboledger does not sell 9 Personal Information to other organizations without express consent of the Customer.

5. International Information Transfers

5.1. Given Carboledger’s international scope, we want to emphasize that we primarily focus on demonstrating compliance with U.S. laws. Personal Information may be transferred, stored or processed in any country where Carboledger or its service providers operate. This includes the United States, India, South Asian Region and European Union. We are committed to taking all requisite measures to ensure that Personal Information is handled securely and in compliance with applicable data protection laws with a primary focus on compliance with U.S. regulations.

6. Retention of Personal Information

6.1. Personal Information is retained by us for as long as necessary to carry out the Purposes and objectives described above, to resolve disputes, and for any additional period required reasonably or by law.

7. Safeguarding Personal Information

7.1. Carboledger places utmost significance on upholding the security, integrity, and confidentiality of Personal Information. To achieve this we have implemented a range of technical, administrative, and physical security measures. These measures are meticulously designed to prevent unauthorized access, disclosure, use, modification and destruction of Personal Information.

8. Protection of Children and Students

8.1. Carboledger is committed to refrain from knowingly collecting, using, or disclosing information from or about children under 14 years old without the prior consent of their parent or lawful guardian. If you are a child under applicable law of the USA, you should refrain from using Carboledger’s Sites for any purpose unless you obtain consent from your parent or lawful guardian. If you are parent whose child has used Carboledger’s Sites for any purpose by which Personal Information of your child might have been collected you are requested to immediately inform Carboledger so that we may assist you with examining, reviewing or removing any Personal Information that we may have accumulated from your child, to prevent further collection or use of your child’s information, or if you have inquiries concerning these information practices, please reach out to us at support@carboledger.com.

8.2. In the United States, certain information relating to students is governed by the Family Educational Rights and Privacy Act (FERPA).

9. Your Rights

9.1. The rights bestowed by data privacy regulations differ across geographical locations, and we will address requests in accordance with applicable laws in the USA. Should you choose to exercise any of these rights, we assure you that no discriminatory treatment will result from your decision.

9.2. These laws typically grant you the following rights:

Right to access your Personal Information held by us;
Right to receive an electronic copy of the Personal Information we have about you;
Right to rectify any inaccuracies in your Personal Information;
Right to know what Personal Information is being sold or shared and to whom (if at all)
The right to update, correct or delete your Personal Information; and
Right to impose restrictions or raising objections to the processing of your Personal Information by us.
Right to opt out of sale or sharing of Personal Information.

9.3. You also have the right to lodge a complaint with a supervisory authority. However, we would encourage and recommend that you reach out to us first, and allow us the opportunity to resolve your concerns.

9.4. You also have the right to have readily available means of grievance redressal provided by us in respect of any act or omission regarding the performance of our obligations in relation to your Personal Information. For any grievances, we encourage you to review our Grievance Policy.

9.5. You can initiate the exercise of your rights by submitting a request to the Data Privacy Team by email at support@carboledger.com. Such requests can only be made by you, your duly authorized representative, or you on behalf of your child. To ensure protection of Customers’ Personal Information, we will only proceed with your request upon reasonable verification of your identity or your representation of the Customer whose Personal Information we hold.

9.6. When you submit a request, we may seek additional information to confirm and verify your identity and facilitate the fulfillment of your request. If,for any reason, we are unable to fulfil your request, an explanation will be provided. While we typically do not impose charges for the exercise of your rights, we reserve the right to levy a charge in exceptional circumstances where a business necessity exists and where such levy is in compliance with relevant data privacy laws.

9.7. If you have granted consent to data processing, you can withdraw that consent at any time. To review or modify your marketing preferences, you can utilize the “opt-out” or unsubscribe mechanism within the communications that you receive from us. Alternatively, you can submit a request via email to support@carboledger.com. It is important to note that you may still receive necessary transaction communications if you engage with our products or services.

10. Queries and Grievances

10.1. For inquiries or remarks regarding the handling of your Personal Information by Carboledger, or should you intend to lodge a complaint, please email us at support@carboledger.com. Alternatively, you can connect with Carboledger’s Data Protection Officer using the provided contact information below:

Data Protection Contact -

10402 W 168th Terr
Overland Park, KS 66221
United States of America

11. Third Party Website Links

11.1. Carboledger’s Sites may incorporate links to websites operated/owned by third-parties . While navigating through these links, it is important to acknowledge and note that each third-party website is subject to its own privacy and data protection policies. These policies are distinct from the coverage provided by this Privacy Policy.

12. Updates and Modification to This Privacy Policy

12.1. We routinely evaluate and review this Privacy Policy to ensure it is up to date. Any revisions to the Privacy Policy will be published on this page and will take effect from the specified Effective Date above. In the event of a substantial alteration to the way we collect, use, or share Personal Information, we will display a conspicuous notification or issue appropriate notice as required by law. If required, we may seek your updated consent to enable us to continue processing. We recommend and encourage that you intermittently review this page for recent details regarding our privacy protocols.

13. Supplemental Notice For California Residents

13.1. This supplemental notice is specifically intended for individuals residing in California and serves to elucidate our data management procedures in accordance with the relevant privacy regulations in California, notably the California Consumer Privacy Act (CCPA). If you happen to be a California resident, and we gather “personal information" as defined by the CCPA, the following provisions are pertinent to you. Please note that this section does not pertain to or govern our treatment of publicly accessible information or personal data that qualifies for exemptions under the CCPA.