Privacy Policy

Last Updated: December 4, 2025

1. Introduction

greenbit.io ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website greenbit.io and use our services.

This policy complies with the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA), the California Consumer Privacy Act (CCPA), and other applicable US privacy regulations.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you voluntarily provide when you:

  • Complete our AI Health Check assessment: Name, email address, and assessment responses
  • Contact us: Name, email address, company name, phone number, and message content
  • Subscribe to our newsletter: Email address and preferences

2.2 Information Collected Automatically

When you visit our website, we automatically collect certain information through cookies and similar technologies:

  • Usage Data: Pages viewed, time spent on pages, click data, referral source
  • Device Information: Browser type, device type, operating system, IP address
  • Analytics Data: We use Google Analytics 4 to understand how visitors interact with our site

2.3 Cookies and Tracking Technologies

We use the following types of cookies:

  • Essential Cookies: Required for website functionality
  • Analytics Cookies: Google Analytics (GA4) to measure site performance
  • Security Cookies: Google reCAPTCHA v3 to prevent spam and abuse

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Provide Services: To respond to your inquiries, process assessment results, and deliver requested services
  • Communication: To send you information about our services, updates, and marketing communications (with your consent)
  • Analytics: To understand how our website is used and improve user experience
  • Security: To detect and prevent fraud, spam, and abuse
  • Legal Compliance: To comply with applicable laws and regulations

4. Legal Basis for Processing (GDPR)

For users in the EEA, we process your personal data based on:

  • Consent: When you voluntarily provide information or accept cookies
  • Legitimate Interests: To operate our business, improve services, and analyze website usage
  • Contractual Necessity: To provide services you request
  • Legal Obligation: To comply with applicable laws

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

  • Service Providers: AWS (hosting), Google (Analytics, reCAPTCHA), Amazon SES (email delivery)
  • Legal Requirements: When required by law, court order, or government authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

All third-party service providers are contractually obligated to protect your data and use it only for specified purposes.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Specifically:

  • Assessment Data: Retained for 3 years or until you request deletion
  • Contact Form Submissions: Retained for 2 years or until you request deletion
  • Analytics Data: Retained according to Google Analytics retention settings (26 months)

7. Your Rights

7.1 GDPR Rights (EEA Users)

If you are located in the EEA, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

7.2 CCPA Rights (California Residents)

If you are a California resident, you have the following rights:

  • Right to Know: Request disclosure of personal information we collect, use, and share
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: Not be discriminated against for exercising your rights

7.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

We will respond to your request within 30 days (GDPR) or 45 days (CCPA).

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • SSL/TLS encryption for data transmission
  • Secure AWS infrastructure with access controls
  • Google reCAPTCHA v3 for bot protection
  • Regular security audits and updates
  • Honeypot fields and rate limiting to prevent abuse

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

9. International Data Transfers

Your information may be transferred to and processed in countries outside your country of residence, including the United States. We ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data Processing Agreements with service providers
  • Compliance with EU-US Data Privacy Framework principles

10. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will delete it.

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these sites. We encourage you to review their privacy policies.

12. Do Not Track Signals

Some browsers have "Do Not Track" features. Our website does not currently respond to these signals. You can disable tracking through browser settings and opt-out of Google Analytics using the Google Analytics Opt-out Browser Add-on.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page with a new "Last Updated" date
  • Sending an email notification (if you have provided your email address)

Your continued use of our services after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

greenbit.io

Email: privacy@greenbit.io

Contact Form: greenbit.io/#contact

15. Data Protection Officer

For GDPR-related inquiries, you may contact our Data Protection Officer at:

Email: dpo@greenbit.io

16. Supervisory Authority

If you are located in the EEA and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority.

Return to Homepage