Welcome to Digiai Carbon Privacy Policy

Last updated: 18 April 2026

Digiai Carbon ("Digiai Carbon", "we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data when you visit our website, use our platform, or interact with our services.

  1. Who We Are
    1. Digiai Carbon is a digital platform focused on carbon data, carbon tax and pricing compliance, CBAM-related automation, carbon measurement, carbon accounting, and related digital services.
    2. Our platform may support manufacturers, importers, declarants, service providers, financial institutions, and other authorised participants in carbon-related ecosystems.
    3. If you have any questions about this Privacy Policy or our data practices, you may contact us through the contact details published on our website.
  2. Scope of This Privacy Policy
    1. This Privacy Policy applies to personal data collected through our website, platform, digital tools, communications, and related services.
    2. It also applies where we collect personal data from users, business partners, clients, suppliers, professional advisers, and other persons who interact with us.
    3. This Privacy Policy does not necessarily apply to third-party websites, platforms, or services that may be linked from our website or integrated into our services. Those third parties may have their own privacy policies.
  3. Types of Personal Data We Collect
    1. Identity data, such as name, job title, company name, and professional role.
    2. Contact data, such as email address, telephone number, business address, and correspondence details.
    3. Account and access data, such as login credentials, user ID, account preferences, authentication records, and security-related information.
    4. Technical data, such as IP address, browser type, device information, operating system, time zone, language settings, referral source, and website usage data.
    5. Transactional and service data, such as service requests, platform activity, filings, submissions, declarations, uploaded records, and communications related to carbon compliance or related operations.
    6. Business and operational data, including information relevant to carbon measurement, emissions, supply chain records, trade flows, verification records, certification data, and financial integration workflows, where such data contains or is linked to personal data.
    7. Compliance and verification data, such as supporting documents, declarations, audit trails, identity verification materials, and records required for regulatory, compliance, due diligence, or fraud prevention purposes.
    8. Communication data, such as enquiries, feedback, meeting notes, support messages, and other correspondence with us.
    9. Cookie and analytics data collected through website technologies and similar tools.
  4. How We Collect Personal Data
    1. Directly from you when you fill in forms, create an account, request a demo, contact us, subscribe to updates, or use our services.
    2. From your organisation, employer, service provider, declarant, importer, manufacturer, or authorised representative where they provide your information in connection with our services.
    3. Automatically through cookies, logs, analytics tools, and other tracking technologies when you access our website or platform.
    4. From third parties, such as public registries, blockchain-based records, government-authorised sources, financial institutions, verification providers, data partners, and compliance-related ecosystems, where permitted by law.
    5. From integrations, APIs, and connected systems used to support compliance, reporting, automation, or validation of carbon-related and business data.
  5. How We Use Personal Data
    1. To provide, operate, maintain, and improve our website, platform, and services.
    2. To create and manage accounts, authenticate users, and provide access control.
    3. To support carbon measurement, carbon accounting, CBAM reporting, certificate-related workflows, and carbon pricing or tax compliance processes.
    4. To process submissions, automate workflows, generate reports, and facilitate digital compliance activities.
    5. To validate, reconcile, and audit data across production, trade, consumption, and related operational stages.
    6. To connect carbon-related data with financial, audit, and capital market workflows where applicable.
    7. To respond to enquiries, provide support, manage relationships, and communicate with users and business contacts.
    8. To monitor security, detect fraud, prevent misuse, and protect the integrity of our systems.
    9. To comply with legal, regulatory, tax, audit, reporting, and compliance obligations.
    10. To carry out analytics, research, testing, platform development, and service optimisation.
    11. To send administrative notices, service updates, and other necessary communications.
    12. To send marketing or promotional communications where permitted by law or where you have consented, and to manage your communication preferences.
  6. Legal Bases for Processing
    1. We may process personal data where it is necessary to perform a contract or take steps at your request before entering into a contract.
    2. We may process personal data where it is necessary for our legitimate interests, including operating and improving our platform, maintaining security, preventing fraud, supporting business operations, and developing our services, provided such interests are not overridden by your rights.
    3. We may process personal data to comply with legal or regulatory obligations.
    4. We may process personal data based on your consent where consent is required by law.
    5. We may also process personal data where otherwise permitted under applicable law.
  7. Cookies and Similar Technologies
    1. We may use cookies, pixels, tags, and similar technologies to operate the website, remember preferences, improve functionality, analyse traffic, and enhance security.
    2. Some cookies may be necessary for core website operation, while others may be used for analytics, performance measurement, or communications.
    3. You may manage cookies through your browser settings. However, disabling certain cookies may affect website functionality.
  8. Disclosure of Personal Data
    1. We may disclose personal data within our corporate group where necessary for internal administration, service delivery, compliance, security, or operational purposes.
    2. We may disclose personal data to service providers, cloud providers, IT providers, analytics providers, verification providers, compliance support providers, auditors, insurers, legal advisers, and other professional advisers.
    3. We may disclose personal data to government authorities, regulators, courts, law enforcement agencies, tax authorities, customs authorities, or other official bodies where required or permitted by law.
    4. We may disclose personal data to business partners, authorised ecosystem participants, financial institutions, market infrastructure participants, certification bodies, or data validation partners where necessary to provide the service or complete a relevant workflow.
    5. We may disclose personal data in connection with mergers, acquisitions, financing transactions, asset transfers, restructuring, or sale of all or part of our business.
    6. We may disclose personal data where needed to establish, exercise, or defend legal claims, or to protect rights, property, systems, users, or the public.
  9. International Data Transfers
    1. Your personal data may be transferred to, stored in, or accessed from countries outside your country of residence.
    2. Where we transfer personal data internationally, we will take reasonable steps to ensure that appropriate safeguards are in place, as required by applicable law.
    3. Such safeguards may include contractual protections, internal controls, access restrictions, encryption, or transfers to jurisdictions recognised as providing adequate protection under applicable law.
  10. Data Security
    1. We implement reasonable technical, organisational, and administrative measures to protect personal data against unauthorised access, misuse, loss, destruction, or alteration.
    2. These measures may include encryption, authentication controls, role-based access restrictions, system monitoring, logging, backup procedures, and other security safeguards appropriate to the nature of the data.
    3. Where relevant to our services, blockchain or immutable logging technologies may be used to record or support verification of key records, transactions, or compliance events.
    4. Although we take reasonable steps to protect personal data, no method of transmission, storage, or processing can be guaranteed to be completely secure.
  11. Data Retention
    1. We retain personal data for as long as reasonably necessary for the purposes described in this Privacy Policy.
    2. We may retain personal data for longer where required for legal, regulatory, tax, accounting, audit, dispute resolution, security, or recordkeeping purposes.
    3. Retention periods may vary depending on the type of data, the context in which it was collected, and applicable legal requirements.
    4. When personal data is no longer required, we will take reasonable steps to delete, anonymise, or securely dispose of it.
  12. Your Rights
    1. Depending on applicable law, you may have the right to request access to your personal data.
    2. You may have the right to request correction of inaccurate or incomplete personal data.
    3. You may have the right to request deletion of your personal data in certain circumstances.
    4. You may have the right to object to or request restriction of certain processing activities.
    5. You may have the right to withdraw consent where processing is based on consent, without affecting the lawfulness of processing before withdrawal.
    6. You may have the right to request portability of personal data where applicable.
    7. You may have the right to lodge a complaint with a competent supervisory authority or data protection regulator.
    8. We may request information necessary to verify your identity before responding to a rights request.
  13. Children’s Privacy
    1. Our website and services are generally intended for business and professional use and are not directed at children.
    2. We do not knowingly collect personal data from children except where explicitly permitted by law and necessary for a lawful purpose.
    3. If you believe a child has provided personal data to us without appropriate authority, please contact us so that we can take appropriate action.
  14. Third-Party Services and Links
    1. Our website or services may contain links to third-party websites, tools, exchanges, registries, data providers, or financial and compliance infrastructure.
    2. We are not responsible for the privacy, security, or content practices of third-party services that are not controlled by us.
    3. You should review the privacy policies of those third parties before providing personal data to them.
  15. Changes to This Privacy Policy
    1. We may update this Privacy Policy from time to time to reflect legal, regulatory, technical, or business changes.
    2. Any updated version will be posted on this page with a revised "Last updated" date.
    3. Where required by law, we will provide additional notice or obtain consent in relation to material changes.
  16. Contact Us
    1. If you have any questions, concerns, or requests relating to this Privacy Policy or our handling of personal data, please contact us through the contact details provided on our website.
    2. When contacting us, please provide sufficient information for us to understand and respond to your request.

© Digi AI Carbon 2026