Green Claims Audit EU Dir. 2024/825
Privacy Policy

Privacy Policy

Effective date: 9 July 2026

Green Claims Audit (a screening of your marketing claims against the EU Empowering Consumers Directive (2024/825)) is operated at greenclaimsaudit.com. This policy explains what personal information we collect, how we use it, and the choices you have. We keep the data footprint of this product deliberately small.

What we collect

We collect only what we need to deliver the report you pay for:

  • The claims text and details you type (the marketing and packaging copy you paste, plus context such as your markets and certifications). We use these solely to generate your report.
  • Your email address, so we can deliver the finished report and send your receipt.
  • Payment details are processed by Stripe. We never see or store your full card number, CVC, or expiry. Stripe is a PCI-DSS Level 1 certified payment processor; your card data goes directly to Stripe. We receive only a confirmation that payment succeeded and a limited record (such as the last four digits and a transaction ID) for our records and refunds.

Your claims text is used only to generate the report

The marketing and packaging copy you paste is used for one purpose: to produce your screening report. We do not sell it, publish it, share it with third parties, or use it to train models. It is not disclosed to anyone outside the delivery of your report.

Analytics: cookieless, no personal data

We measure aggregate traffic with Fathom Analytics, a privacy-first, cookieless analytics service. Fathom sets no cookies, collects no personal data, does no cross-site or cross-device tracking, and does not build advertising profiles. Because it collects no personal data and sets no cookies, it is compliant with the GDPR, the CCPA/CPRA, and the UK PECR without requiring a cookie-consent banner. We cannot use Fathom data to identify you.

We do not sell or share your personal information

We do not sell your personal information, and we do not share it for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act (CCPA) as amended by the CPRA. We do not have, and will not create, any such data-sale program.

Global Privacy Control (GPC)

We honor the Global Privacy Control (GPC) browser signal. Because we do not sell or share personal information in the first place, a GPC signal does not change what we do — but we treat any GPC signal as a valid opt-out request and will continue to not sell or share your data.

How we use your information

  • To generate and deliver the report you ordered.
  • To email you the report, a receipt, and any delivery follow-up.
  • To process refunds and respond to support requests.
  • To keep basic, non-identifying records required for accounting and fraud prevention.

We do not use your email for marketing newsletters unless you explicitly opt in.

Data retention

We keep your report inputs and email only as long as needed to deliver the report and provide support, and to meet legal, tax, and accounting obligations (typically up to the period required by applicable tax law). Payment records held by Stripe are retained under Stripe's own policies. You may ask us to delete your data at any time (see below), subject to records we are legally required to keep.

Your rights

Depending on where you live, you may have the right to access, correct, delete, or port your personal information, and to opt out of sale/sharing (we do neither). To exercise any of these rights, email hello@greenclaimsaudit.com and we will respond within the timeframe required by applicable law. We will not discriminate against you for exercising your privacy rights.

Children's privacy

This service is intended for adults and is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us personal information, email hello@greenclaimsaudit.com and we will delete it.

Data security

Data is transmitted over encrypted HTTPS connections. Payment card data is handled entirely by Stripe. No method of transmission or storage is perfectly secure, but we limit the personal data we hold precisely to reduce risk.

International users

We operate from the United States. If you access this service from outside the US, you understand your information will be processed in the US and other jurisdictions where our processors (such as Stripe and Fathom) operate.

Changes to this policy

We may update this policy from time to time. When we do, we will revise the effective date above. Material changes will be reflected on this page.

Contact

Questions about this policy or your data? Email hello@greenclaimsaudit.com.

Terms of Service · Accessibility Statement