Last Updated: April 18, 2025
Website: https://greenm.io
Company Name: GreenM LTD
Company Address: 11 Shpytalna Street, Lviv, Ukraine
Contact: hello@greenm.io
Introduction
GreenM respects your privacy and is committed to protecting the personal data that you share with us. This Privacy and Data Protection Policy explains how we collect, use, store, share, and protect your personal data when you interact with our website, specifically through forms used to request consultations or information.
We aim to comply with global data protection laws such as the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and security practices aligned with ISO/IEC 27001, HIPAA. Our goal is to maintain a high standard of data privacy, security, and transparency for all users of our digital platforms.
This policy ensures that all individuals interacting with GreenM’s website and services understand:
- What personal data is collected
- Why and how it is processed
- What rights users have over their data
- What safeguards are in place
By accessing our website or using our services, you agree to the terms outlined in this Privacy Policy. If you do not agree with these practices, we kindly ask you to refrain from using our services and to contact us for further clarification.
Authorization and Enforcement
Authorization
This policy is approved by the GreenM CEO and enforced by the appointed Information Security Officer, where applicable.
Enforcement
All employees, contractors, and service providers of GreenM who handle personal data are required to comply with this policy. Violations may result in disciplinary action, contractual penalties, or legal liability.
Audits and Reviews
Regular audits will be performed by the security team to verify compliance. The policy will be reviewed annually or in the event of regulatory changes or significant business updates.
Definitions
To ensure clarity, we define key terms used in this policy:
- Personal Data: Any information relating to an identified or identifiable person. This includes names, email addresses, IP addresses, and any other data that could directly or indirectly identify you.
- Data Subject: The individual whose personal data is collected and processed — typically our website visitor, client, or job applicant.
- Data Controller: GreenM LTD is the legal entity that determines the purposes and means of processing personal data.
- Data Processor: Any third party that processes personal data on behalf of GreenM, such as cloud providers, email platforms, or analytics services.
- Processing: Any operation performed on personal data, such as collection, recording, organization, structuring, storage, alteration, retrieval, use, disclosure, or deletion.
Legal Basis for Processing
GreenM only processes your personal data when there is a lawful basis to do so. These are defined under Article 6 of the GDPR and are also consistent with data protection principles under other laws such as HIPAA:
- Consent: You have provided explicit consent for specific processing, such as submitting your name and email to receive a consultation.
- Contractual Necessity: We may process your data if it is required to fulfill a contract with you, such as organizing a meeting or delivering services.
- Legitimate Interests: We may process your data to pursue our legitimate interests, such as improving our services, provided these interests do not override your fundamental rights and freedoms.
- Legal Obligation: We may need to process your data to comply with applicable laws or lawful requests from public authorities.
Using one or more of these lawful bases ensures that your data is handled responsibly, legally, and ethically.
Why We Collect and Use Your Data
We collect and process your personal data for the following reasons:
- To Respond to Your Requests: When you fill out a contact or consultation form, we use your data to reply to your inquiry, schedule a meeting, and follow up.
- To Improve Our Website: By understanding how visitors use our site, we can enhance navigation, content, and usability.
- To Deliver Marketing (if you opt-in): We may send you relevant information about our services, news, or events if you give explicit consent. You can opt out at any time.
- To Ensure Security and Prevent Fraud: Technical logs help us detect unauthorized access or malicious behavior on our site, ensuring its integrity and availability.
- To Comply with Legal Obligations: We may be required to retain certain data or disclose it to authorities in response to lawful requests.
We never use your data for automated decision-making or profiling without informing you and obtaining your consent when required.
Whose Personal Data We Process and Where We Process It
Data Subject Categories
We process personal data belonging to a variety of individuals, depending on the context. These may include:
- Website visitors: individuals who browse or interact with our website or contact forms.
- Clients and prospective clients: individuals or organizations interested in our services.
- Suppliers and vendors: individuals representing organizations that provide products or services to GreenM.
- Event attendees: individuals who register for or attend GreenM-hosted or -sponsored events.
- Employees and contractors: individuals working for GreenM or engaged in project-based collaborations.
- Employees of our clients: particularly in B2B settings, we may process data of employees working on behalf of our customers.
- Job applicants: individuals who apply for a role at GreenM via direct submission or recruitment platforms.
How We Store and Protect Your Data
GreenM uses advanced security measures and best practices to protect your personal data against unauthorized access, loss, or misuse:
- Data Encryption: All data in transit is encrypted using HTTPS (TLS 1.2 or higher). Sensitive information at rest is also encrypted using industry-standard algorithms (e.g., AES-256).
- Access Control: Only authorized employees have access to your data based on their role and responsibilities. All access is logged and monitored.
- Multi-Factor Authentication (MFA): Admin-level systems require MFA for added security.
- Backups: Data is regularly backed up and stored securely with strict access controls.
All service providers and processors we work with are contractually obligated to implement equivalent security and confidentiality measures.
Where Your Data Is Stored
Your data is securely stored in:
- Information systems owned and operated by GreenM
- Cloud-based platforms and services under our control (e.g., CRM, analytics, secure file storage)
- Environments that adhere to international data protection standards and security certifications such as ISO/IEC 27001 or SOC 2
International Transfers
GreenM operates globally, and as such, personal data may be processed or transferred across borders. In particular:
- If you are located within the European Economic Area (EEA), your data may be transferred to countries outside the EEA, including to the United States or Ukraine, where some of our infrastructure or service providers are located.
- Such transfers are only made where adequate protections are in place, including the use of:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data Processing Agreements (DPAs) with all processors
- Technical and organizational security measures that ensure ongoing confidentiality and integrity of your data
We ensure that these safeguards are reviewed regularly and that any international data transfers respect your rights and freedoms under applicable law.
What Information Do We Collect and How Do We Use It
Overview
We collect and process personal data only when it is relevant, necessary, and lawful. The information we collect depends on your interaction with GreenM — for example, whether you submit a contact form, subscribe to updates, engage with marketing material, or attend an event.
We collect this information under one or more of the following legal bases:
- Consent, when you voluntarily provide data (e.g., for consultations or newsletters).
- Legitimate interests, such as internal analytics, business communication, and service improvement.
- Contractual necessity, where data is needed to perform pre-contractual or contractual actions.
- Legal obligations, where specific data retention or reporting is required by law.
All personal data you provide must be accurate, truthful, and current. You are responsible for notifying us of any changes to your data.
Data You Provide Directly
We may collect the following types of personal information that you voluntarily submit via website forms, email communication, event registration, or direct business contact:
- First and last name
- Email address
- Phone number
- Company name, department, and role
- Postal address (if applicable for invoicing or delivery)
- Passwords or hints for authentication (if used for system access)
- Preferences and feedback (e.g., responses in surveys, polls, or event registrations)
- Information you provide while reporting technical or service issues
- Any personal information submitted on behalf of someone else (e.g., as a company representative)
We may also process any other personal data that you intentionally disclose to us through our communication channels, which may include phone calls, emails, chat messages, or social media platforms.
Automatically Collected Information (Technical Data)
When you visit our website, we collect limited technical data to ensure secure, functional, and optimized operation. This includes:
- Internet Protocol (IP) address
- Browser type and version
- Operating system and platform
- Device identifiers (if mobile or tablet)
- Referring and exit URLs
- Time zone and language settings
- Website visit history and interaction behavior (e.g., pages viewed, clicks, scrolling, hover events, time on page)
- Server error responses and page load times
- Contact actions triggered (e.g., clicked phone icon or social media buttons)
This data is processed strictly for internal analytics, security monitoring, error detection, and performance improvements. It is not used for profiling or automated decision-making without your knowledge and consent.
Data Collected for Events and Marketing
If you register for a GreenM-hosted or -sponsored event, we may collect:
- Your name, email, and company affiliation
- Event preferences or dietary restrictions
- Participation history
- Feedback after the event
From time to time, and only where permitted by law or where you have opted in, we may contact you via email to share:
- Special offers or promotional campaigns
- New services and product updates
- Invitations to participate in surveys or feedback loops
- Educational newsletters and case studies
Sharing Your Data
We share your personal data only when necessary and only with trusted entities, under the following conditions:
- With Service Providers: These may include CRM platforms, analytics tools, hosting services, email platforms, and consultants. All service providers sign Data Processing Agreements (DPAs) that limit their use of your data to our instructions only.
- With Legal or Regulatory Authorities: If required by law or court order, we may disclose your data to law enforcement or government agencies.
- Within GreenM Group: If your request is better handled by another entity within our corporate group, your data may be shared internally with the same privacy safeguards.
- During Business Transfers: If we are involved in a merger, acquisition, or asset sale, your data may be transferred, but only with appropriate notice and protection.
We never sell, rent, or trade your personal data to third parties for marketing or profit.
Use of Cookies and Tracking Technologies
Our website uses cookies and similar technologies for multiple purposes:
- Essential Cookies: Required for basic site functionality, such as navigation and session management.
- Analytics Cookies: Used to understand how users interact with the website (e.g., Google Analytics).
- Marketing Cookies: With your permission, we use cookies to deliver personalized ads via platforms like LinkedIn or Facebook.
We honor your choice regarding cookies. Upon visiting our site, you will be prompted to accept or reject non-essential cookies. You can also adjust your browser settings at any time to control cookie behavior.
Disabling cookies may limit the functionality of some pages but will not prevent you from accessing core services.
Data Retention
We retain your data only for as long as needed to fulfill the purpose it was collected for, or to comply with legal obligations.
- Contact/consultation form submissions are stored for 12 months after the last communication.
- Analytics and cookie-related data are retained for a maximum of 6 months.
- Backup data is retained per our disaster recovery and business continuity protocols and stored securely.
Once the retention period expires, data is either deleted or anonymized, unless legally required otherwise.
Data Concerning Children
GreenM does not knowingly collect or process personal data of individuals under the age of 18. Our services are intended for a general business audience. If we become aware that we have collected data from a minor, we will promptly delete it and take necessary steps to prevent future collection.
Parents or guardians who believe that their child has provided us with data are encouraged to contact us immediately at hello@greenm.io.
Your Privacy Rights
Under GDPR and similar regulations, you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate or incomplete data
- Withdraw consent at any time
- Request erasure of your data (“right to be forgotten”)
- Restrict or object to data processing
- Request data portability in a structured, machine-readable format
- Lodge a complaint with your local data protection authority
We will respond to requests within 30 days. To exercise your rights, email us at hello@greenm.io.
Data Breach Notification
We take breaches seriously. If there is a personal data breach that poses a risk to your rights or freedoms, we will:
- Notify the supervisory authority within 72 hours (as required under GDPR)
- Inform you directly if the breach could result in significant harm
- Take immediate containment and mitigation measures
Our breach response plan includes audit trails, forensics procedures, and internal reporting mechanisms.
International Data Transfers
GreenM may transfer your data outside the European Economic Area (EEA) to countries that may not have the same level of data protection. When this happens, we ensure appropriate safeguards such as:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data Processing Agreements with all non-EU service providers
- Additional technical and organizational measures
We regularly assess these safeguards to ensure ongoing compliance.
Changes to This Policy
This policy may be updated to reflect changes in technology, legal requirements, or our practices. Updates will be published on our website with a revised “Last Updated” date. If material changes are made, we will notify users via email or a notice on our homepage.
We encourage you to periodically review this policy.
Contact Us
For questions, requests, or complaints regarding this Privacy Policy or your personal data, contact us:
GreenM LTD
11 Shpytalna Street, Lviv, Ukraine
Email: hello@greenm.io
You can also request a full copy of the data we process about you, or ask for deletion, correction, or restriction of specific data elements.