PRIVACY POLICY.
How we collect, use, and protect your personal and business data under EU General Data Protection Regulation (GDPR).
GreenActions is committed to data transparency. This policy explains our practices regarding the data you provide and what we collect automatically.
Last updated: November 2025Scope & Controller
This Policy applies to all users of the GreenActions platform, website, and related services.
ZITA CH Single Member Private Company
Promitheos 33, 54629 Thessaloniki, Greece
Email: support@greenactions.io
Data We Collect
a) Data you provide
- Account information (name, email, password)
- Business and product data entered into the platform
- Billing and payment details (handled securely via payment processor)
b) Automatically collected
- Device and browser information, IP address, usage logs
- Cookies and similar technologies for session management
c) Business activity data
Operational or environmental data (e.g., electricity use, production volumes) remains the user's property; we process it solely to provide calculations.
Purpose & Legal Bases
| Purpose | Legal Basis |
|---|---|
| Provide and maintain Service | Contract Art. 6 (1)(b) GDPR |
| Billing and payments | Contract + Legal obligation |
| Communications and support | Legitimate interest |
| Platform analytics | Legitimate interest |
| Marketing (optional) | Consent |
| Compliance with law | Legal obligation |
Sharing & Transfers
We share data only with hosting, infrastructure, and payment providers; professional advisors; and authorities when legally obliged. All third-party processors are GDPR-bound.
If data is transferred outside the EU/EEA, we use Standard Contractual Clauses (SCCs) or equivalent safeguards.
Retention & Security
We keep personal data only as long as necessary for operation, legal retention, or security. Data is anonymized or erased within 90 days of termination unless legally required otherwise.
We employ encryption, access controls, and monitoring. Users are responsible for maintaining password confidentiality.
Your GDPR Rights
- • Access your data
- • Rectify inaccuracies
- • Request erasure
- • Restrict processing
- • Data portability
- • Object to processing
To exercise these rights, email support@greenactions.io. You can also contact the Hellenic Data Protection Authority (https://www.dpa.gr).
Liability & Cookies
GreenActions processes user-provided data and third-party factors. All results are estimates for informational purposes and must not be represented as externally audited unless verified.
We only use essential session tokens required for secure authentication and functionality.