Privacy Policy

Last Updated: 13th May 2026

At crp.eco, we are committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, and protect your information when you use our carbon accounting platform and services.

1. Information We Collect

To provide our carbon reporting and PPN 006 compliance services, we collect:

• Account Information: Name, email address, job title, and company name.
• Carbon Accounting Data: Information extracted from utility bills (electricity, gas, water), fuel receipts, travel logs, and flight details.
• Automated Data: IP address, browser type, and usage data via cookies to improve platform performance.
• Payment Information: If applicable, processed securely via third-party providers (e.g., Stripe).

2. How We Use Your Information

We use the data collected to:

• Calculate your organization’s carbon footprint (tCO2e).
• Generate PPN 006-compliant reports and reduction plans.
• Allow "Carbon Accountants" to manage client data (if you are using the expert/affiliate portal).
• Communicate updates about your account or changes to environmental regulations.

3. Data Processing and AI

Our platform uses AI-powered tools to extract usage data from uploaded documents.

• Data Security: Uploaded documents are processed securely and are only used to generate your specific emissions insights.
• No Third-Party Selling: We do not sell your raw utility data or personal information to third parties.

4. Sharing of Information

We may share your information only in the following circumstances:

• Public Sharing: If you choose to use our "Share Publicly" feature to demonstrate your sustainability goals.
• Collaborators: If you invite team members or carbon consultants to view your dashboard.
• Service Providers: With trusted vendors who help us run the platform (e.g., cloud hosting, email delivery).

5. Data Retention

We retain your data for as long as your account is active or as needed to provide you with historical carbon tracking. You may request the deletion of your data at any time by contacting us.

6. Your Rights (GDPR/UK GDPR)

Depending on your location, you have the right to:

• Access the personal data we hold about you.
• Request the correction or deletion of your data.
• Object to the processing of your data for marketing purposes.
• Withdraw consent for data processing at any time.

7. Security

We implement industry-standard security measures (encryption, secure servers) to protect your uploaded bills and carbon reports from unauthorized access.

8. Data Isolation and Security

We employ a "Siloed Data Architecture" to ensure your company’s information remains private and secure.

• Logical Isolation: Each customer’s data is stored in a dedicated, logically isolated environment. This ensures that your data is never commingled with that of other users, preventing any risk of cross-tenant data leakage.
• Encryption at Rest: All sensitive information, including uploaded utility bills and calculated carbon reports, is encrypted at rest using AES-256 encryption. This means that even if the physical storage were accessed, the data would remain unreadable.
• Encryption in Transit: All data moving between your browser and our servers is protected using TLS (Transport Layer Security), ensuring that your information is shielded from interception during transmission.

9. Contact Us

If you have any questions about this Privacy Policy, please contact us at: Email: ops@crp.eco Website: crp.eco

‍