Emitwise Privacy Policy
EMITWISE.COM
Privacy Policy
1. WHO WE ARE
Emitwise.com (the Website) is operated by Emitwise Limited (Company Number: 12290905; Registered Office Address: Emitwise Ltd, 7 Harp Ln, London, EC3R 6DP) (Emitwise, we, us, our). Our services, offered by our Website, help businesses monitor and manage their carbon footprint (the Services).
There is a small amount of personal data that we process as a result of your use of our Services. Where we process personal data to provide the Services to our customers and their end users, we are acting as a processor of that personal data on behalf of our customer. The controller of that personal data will be your employer, and you should review their privacy policy for details of how they use your personal data. We may also process some personal data to manage our relationships with our customers, provide our Website, and as we promote and improve our Services. We are the ‘controller’ of this data for the purposes of the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018. This policy explains how we process personal data (the Policy).
If you have any questions about personal data processing by Emitwise, please email contact@emitwise.com.
2. SCOPE & ACKNOWLEDGEMENT
This Policy applies to any personal data you submit to us via the Website or Services or that you generate whilst browsing the Website or through other direct channels (‘directly obtained information’) and also to any other information about you that comes our way during our business development efforts (‘indirectly obtained information’).
By submitting personal data to us, you acknowledge that you have read this Policy and that we expect you to help us maintain your information accurately and up-to-date. We endeavour to bring this Policy to your attention every time we obtain information directly from you. In all other circumstances, we will bring this Policy to your attention the first time we reach out to you.
We would not ask you for any information related to your health, religious/political/philosophical beliefs, or racial background or any other sensitive matters, so please do not submit such information to us.
3. PROCESSING ACTIVITIES
We process the following personal data for the following purposes and on the following legal ground(s):
- Indirectly obtained information: Any publicly available information relating to you or received from your employer (our customer), such as your name, employer, job title, and contact details (including email address and telephone number).
We use this information for:- (1) Business development and marketing.
- Our lawful basis: This processing is necessary for the purposes of the legitimate interests we pursue, namely our pursuit of new business opportunities (Article 6(1)(f) GDPR).
- Directly obtained information: Any information you submit to us via the Website, including your (user)name, password, contact details, job title, how you use the Website and Services, and any other information you decide to submit via web forms or any other means.
We use this information for:- (1) Delivering the Services available via our Website.(2) Responding to enquiries from current or prospective customers.(3) Publishing testimonials.(4) Direct marketing.(5) Analysis and improvement of our Services.
- Our lawful basis:
- (1) If you wish to use our Services, we would need your details to deliver them, so this processing is necessary for the performance of the contract with you (Article 6(1)(b) GDPR).
- (2) If you wish to make an enquiry with respect to our Services, then we would need your details to process your request, so this processing is necessary to take steps to enter into a contract with you (Article 6(1)(b) GDPR).
- (3) If you are pleased with our Services and would like to share your satisfaction, then we would be delighted to receive a recommendation from you that we can publish on the Website. For that, we would need your consent (Article 6(1)(a) GDPR).
- (4) If you decide to opt-in to receive direct marketing from us, then we would generally seek your consent (Article 6(1)(a) GDPR) unless we are exempt from doing so.
- (5) The processing is necessary for our legitimate interests in improving our Services (Article 6(1)(f) GDPR).
- Any information you generate: Information generated whilst you browse the Website, use our Services, or read our direct marketing materials. This information is generated with the help of cookies and similar technologies and may include:
- Browser type and versionOperating systemThe website from which you reach our WebsiteSub-websitesDate and time of access to our WebsiteYour IP addressYour ISPOther similar data
- (1) The correct and efficient delivery of Website content.(2) Ensuring the viability of information technology systems and Website technology.(3) Analysis of the Website, Services, and any direct marketing materials’ performance and engagement.(4) Optimisation of the Website content, including its advertisement on search engines.(5) Delivery (via third parties) of targeted advertising tailored to your interests.
- Our lawful basis:
- (1) and (2): Such technologies are considered ‘essential’, and we process the information derived from them in pursuit of our legitimate interests (Article 6(1)(f) GDPR), namely ensuring the efficient, functional, and safe delivery of the Website and any direct marketing materials.
- (3) to (5): For such processing, we need to have your consent (Article 6(1)(a) GDPR). Please exercise your choice with respect to ‘non-essential’ cookies via the cookies pop-up on the Website. For the technical details of the cookies in use, please see the section on cookies and similar technologies below.
4. PERSONAL DATA SHARING
We may share your personal data with the following recipients for the purposes and on the legal grounds outlined below:
- Suppliers: We may disclose your personal data to our suppliers who help us provide the Services and run our business. Our suppliers may process your personal data on our behalf solely in accordance with our instructions and pursuant to a written contract. For example, we use suppliers for web hosting, secure cloud storage, analytics, email delivery, fonts, and other services.
Legal grounds:- (1) Necessary for us to be able to provide our Services (Article 6(1)(b) GDPR).
- (2) Necessary for the purposes of the legitimate interests that we pursue (Article 6(1)(f) GDPR), namely our pursuit of improving our Services by monitoring their use.
- (3) When none of the above applies, we will seek your permission in order to use a certain supplier with respect to your personal data (Article 6(1)(a) GDPR).
- Advisors: We may disclose your personal data to our professional advisors, such as solicitors or accountants, who are usually regulated by a competent authority, where necessary.
Legal grounds: Necessary for the purposes of the legitimate interests that we pursue (Article 6(1)(f) GDPR), namely the proper administration of our business. - Authorities: We may disclose your personal data to the court service, regulators, or law enforcement agencies in connection with proceedings or investigations where we are compelled to do so.
Legal grounds:- (1) Necessary to comply with a legal obligation (Article 6(1)(c) GDPR).
- (2) Necessary for the purposes of the legitimate interests that we pursue (Article 6(1)(f) GDPR), namely the protection of our business.
- Corporate restructuring: If we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets. If Emitwise or substantially all of its assets are acquired by a third party, personal information about our customers will be one of the transferred assets.
Legal grounds: Necessary for the purposes of the legitimate interests that we pursue (Article 6(1)(f) GDPR), namely the proper administration of our business.
5. TRANSFERS OF PERSONAL DATA OUTSIDE THE EUROPEAN ECONOMIC AREA (‘EEA’)
The very nature of Internet communications means that at least some of the personal data processed by us and the parties we share it with will be processed outside the European Economic Area (EEA). The EEA is composed of countries offering a high standard of personal data protection under the GDPR, which imposes certain restrictions on outbound transfers to most non-EEA territories.
Our primary customer database is physically located in the EU, but many of our suppliers have offices or headquarters located outside the EEA. Please email contact@emitwise.com if you would like further details of the specific safeguards applied to the export of your personal data outside the EEA (where applicable).
6. YOUR RIGHTS UNDER EUROPEAN DATA PROTECTION LAW
We are committed to fulfilling the statutory data protection rights of our customers. If you send us a request regarding your rights under data protection law, we will respond within one month from the day of receipt and, where possible, address your request within that time. Where necessary, this period may be extended by up to a further two months in complex cases.
Please email contact@emitwise.com to exercise the following rights (which apply in certain circumstances) in respect of the personal data about you that we process:
- The right to be informed
- The right to access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to object to profiling
- The right to data portability
- The right to complain to the Information Commissioner’s Office (ICO)
- The right to withdraw consent
Detailed information on the full content of your rights (and the conditions that apply) is provided by the United Kingdom’s Information Commissioner’s Office (ICO) and is available on their website: https://ico.org.uk/your-data-matters/.
Whenever we use our legitimate interests (Article 6(1)(f) GDPR) as justification for the processing of your personal data, we apply a three-stage test to ensure that our interests are not overridden by your interests and rights under data protection law.
We do not engage in profiling which is capable of producing legal or other significant effects on you.
If you wish to receive our Services, please note that you are contractually required to submit to us certain data that may be personal. We need this information so that we know who our customers are and provide our Services. We also need it to provide customer support and to process payments (where applicable).
7. INFORMATION SECURITY
No data transmission over the Internet can be absolutely guaranteed to be secure from intrusion. Nevertheless, we maintain physical, electronic, and procedural safeguards to protect personal data in accordance with data protection legislation requirements. Please visit our trust centre to view Emitwise’s current information security posture.
8. DATA RETENTION PERIOD
We shall retain your personal data until you request us to no longer hold it, unless we are required to keep it by law. If your personal data becomes irrelevant for the purpose for which it was originally collected, we will securely dispose of it. As a general rule, we delete data about users who have not used our Services for more than two years.
In all other cases, to determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process personal data, and whether we can achieve those purposes through other means, as well as the applicable legal requirements.
Please note that the foregoing does not apply to any personal data that has been irreversibly anonymised, meaning data rendered anonymous in such a manner that you are no longer identifiable from such data. Under the applicable law, such data is not deemed ‘personal’ and may be retained indefinitely.
9. COOKIES AND SIMILAR TRACKING TECHNOLOGIES
Some cookies and similar technologies, particularly those that track users’ browsing behaviour across the web are perceived by data protection regulators as privacy-intrusive. We are, therefore, presenting the below information to our Website visitors and direct marketing material recipients in order to explain why and how we use this technology.
| Name of Technology | Type of Technology | Party Serving the Technology | Purpose of Technology | Lifespan of Technology on Users’ Hardware | Link to Privacy Policy of Third Party Serving the Technology |
|---|---|---|---|---|---|
| Session tracking | Script | LogRocket | Bug tracking and fixing | 12 months | LogRocket Privacy Policy |
| Usage analytics | Cookies | Google Analytics | Analytics | 12 months | Google Analytics Privacy Policy |
| Usage analytics | Script | Mixpanel | Usage analytics | 12 months | Mixpanel Privacy Policy |
In addition to the controls provided on our Website via the pop-up, you can choose to block cookies by activating the settings on your browser that allow you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies), you may not be able to access parts of the Website. Your browser settings also allow you to delete all cookies stored on your device whenever you wish.
The UK Information Commissioner’s Office provides the following guidance on controlling cookies:
- A number of websites provide detailed information on cookies, including AboutCookies.org and AllAboutCookies.org.
- The European Interactive Digital Advertising Alliance website Your Online Choices allows you to install opt-out cookies across different advertising networks.
- Google has developed a browser add-on to allow users to opt-out of Google Analytics across all websites which use it. This is also available in the Chrome web store.
- Some browsers include a feature known as ‘Do Not Track’ or DNT. This allows you to indicate a preference that websites should not track you. However, whilst DNT is available in many browsers, websites are not required to recognise its request, so it may not always work. You can get help on how to use DNT in Microsoft Edge, Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, and Opera.
- For more information on how private browsing works as well as its limitations, visit the support pages for your browser: Microsoft Edge, Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Safari (iOS and desktop), and Opera.
If you are concerned about online tracking then we recommend:
- Installing a privacy-friendly browser on your device, such as Mozilla Firefox, Firefox Focus, or Brave.
- Installing anti-tracking and ad-blocking plug-ins on that browser, such as Ad Block Plus, Ghostery, or PrivacyBadger.
- Using privacy-friendly web search engines, such as DuckDuckGo or Qwant.
If you have any questions about the cookies or similar technologies in use on our Website or in any direct marketing material, please use the get in touch section of our Website.
Personal data of website visitors will be used for the personalisation of Google Ads, and cookies may be used for personalised and non-personalised advertising. You can find out more about how Google uses your data on Google’s Privacy & Terms site.
Date of Last Amendment: 30 December 2024