GreenChain Eco-ReceiptMerchant sign-in

Privacy policy

We respect customer privacy and avoid vague promises. This document explains what we collect, why, and how to reach us with questions.

No customer PII

We hash order identifiers with a project salt and never ingest customer names, email addresses, phone numbers, or addresses.

Transparent metrics

We store aggregated order data (weight, city pairs, adoption status) solely to calculate CO₂ estimates and show dashboard trends.

Optional communications

We email merchants about account activity (new sign-ins, key rotations, invoices). Marketing emails are opt-in.

Data we process

Merchant account information (email, optional name), project metadata, hashed order identifiers, shipment weight/distance inputs, API usage logs, and fund ledger entries. We store them in a managed Postgres database hosted in the EU.

Retention

We keep operational data for the lifetime of an active project. When a merchant cancels we retain receipts and ledger data for audit purposes for 24 months, then purge.

Security

API secrets are hashed, dashboards require email-based authentication, and all endpoints enforce HTTPS. We monitor failed sign-ins and rate limit ingestion endpoints.

Your rights

Merchants may request exports or deletion of their project data by emailing privacy@greenchain.site. We respond within seven days.

Last updated: 20 April 2024.