Contents
1. Introduction and scope
Greenr Global Pty Ltd (ABN 70 644 562 014) (“Greener,” “we,” “us,” or “our”) is dedicated to safeguarding the privacy of our customers, users, and stakeholders. We acknowledge the trust placed in us when handling ESG-related data, and we handle that responsibility with care and openness.
This Privacy Policy explains how we collect, use, store, disclose, and safeguard your personal information when you use our websites, applications, platforms, or services (collectively, the “Services”).
Greener is based in Australia and complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where necessary, and where applicable, we aim to align our practices with international frameworks such as the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), and the EU Artificial Intelligence Act. In case of any inconsistency, Australian law will take precedence unless otherwise agreed in writing.
Our Services include Greener for Enterprise, Greener Connect, and related tools that assist organisations in meeting climate-related disclosure obligations, including Mandatory Climate Reporting (MCR) under frameworks such as the Australian Sustainability Reporting Standard (AASB S2), the Greenhouse Gas Protocol (GHG), and the Partnership for Carbon Accounting and Financials (PCAF).
This Policy applies when:
You access or use our Services in any capacity, such as an employee, administrator, or consultant.
Your organisation or a partner firm supplies your data to us.
You upload content, interact with AI agents, or engage with any part of the Greener platform.
What’s Included
This Policy covers how we handle:
Information you provide to us directly
Information your organisation provides on your behalf
Information generated or inferred from your use of the platform (e.g. usage logs, classification results)
Information processed through our AI assistant and classification systems
Interactions with our infrastructure and subprocessors
What’s Not Covered
This Policy does not apply to:
Personal information relating to employment with Greener (covered under our HR privacy policy)
Third-party platforms or services that integrate with Greener are governed by their own privacy policies. If you choose to connect Greener to these platforms, they will handle your data according to their own terms, which we do not control. We recommend reviewing their privacy policies before using such integrations.
Aggregated or de-identified data that can no longer reasonably identify an individual.
Greener is a B corporation committed to transparency, stakeholder accountability, and responsible innovation. We see privacy as a fundamental part of ethical technology, especially when supporting climate governance, supply chain transparency, and enterprise readiness for ESG compliance.
If you have questions or need more details, please contact us using the information in Section 13.
2. Types of Personal Information We Collect
The types of personal information Greener collects depend on how you interact with our Services and your role within your organisation. We collect information directly from you, from your organisation, and automatically through your use of the platform. We may also process information embedded in documents uploaded by your company, ESG advisor, or authorised users
We collect the following categories of personal information:
Identifiers and Contact Details: Your name, business email address, phone number, company name, job title, and unique user ID.
Information your organisation provides on your behalf
Information generated or inferred from your use of the platform (e.g. usage logs, classification results)
Information processed through our AI assistant and classification systems
Interactions with our infrastructure and subprocessors
What’s Not Covered
This Policy does not apply to:
Personal information relating to employment with Greener (covered under our HR privacy policy)
Third-party platforms or services that integrate with Greener are governed by their own privacy policies. If you choose to connect Greener to these platforms, they will handle your data according to their own terms, which we do not control. We recommend reviewing their privacy policies before using such integrations.
Aggregated or de-identified data that can no longer reasonably identify an individual.
Greener is a B corporation committed to transparency, stakeholder accountability, and responsible innovation. We see privacy as a fundamental part of ethical technology, especially when supporting climate governance, supply chain transparency, and enterprise readiness for ESG compliance.
If you have questions or need more details, please contact us using the information in Section 13.
The Greener team develops AI-powered tools to assist with ESG and enterprise compliance decisions. We take our responsibilities seriously, ensuring our use of artificial intelligence remains safe, fair, transparent, and in line with evolving regulations. This policy applies to all Greener solutions, including Greener for Enterprise and Greener Connect.
We deploy advanced, multi-agent AI systems to support our platform workflows. These systems consist of specialised AI agents working together, under strict privacy and security measures, to perform tasks based on customer-provided data. Each agent functions within the same Responsible AI framework outlined in this policy.
1. Scope and Applicability
This policy applies to all AI features developed or deployed by Greener, including those integrated with third-party providers such as Microsoft, OpenAI, and Anthropic. It is intended for customers, partners, and stakeholders who want to understand our approach to ethical and responsible AI.
2. How We Use AI
We use AI to support, not replace, human judgment. Our use cases include.
2.1 Data Classification:
Automatically tagging general-ledger entries, corporate risks, and policy documents.
2.2 Conversational Chatbot:
A virtual assistant that helps users navigate ESG and compliance-related questions.
2.3 Semantic Document Search:
Enables intelligent, context-aware search over stored documentation.
2.4 Model Improvement:
We may use aggregated, de-identified general-ledger data to improve classification performance over time.
2.5 Agentic Workflows:
Multi-agent AI systems that use secure tenant data to complete ESG, compliance, and reporting-related functions. In the future, these systems may be extended to include autonomous orchestration agents, real-time document summarisation, adaptive policy checkers, and domain-specific copilots, each governed by the same privacy, security, and oversight controls defined in this policy.
2.6 Automated Sustainability Report Generation:
We plan to leverage AI to support the automated creation of documents aligned with major ESG and climate-related disclosure frameworks. This includes Australia’s Sustainability Reporting Standards (ASRS), the EU Corporate Sustainability Reporting Directive (CSRD), and the International Sustainability Standards Board (ISSB) frameworks. These capabilities will help customers streamline compliance workflows, improve report accuracy, and reduce the time and effort required to meet mandatory climate reporting obligations.
2.7 Content Generation:
Greener intends to use AI tools internally to support drafting policy templates, compliance content, marketing content and educational materials. All content generated will be subject to internal review before distribution.
3. Key Principles
Greener’s Responsible AI approach aligns with national and international ethical frameworks. Specifically, we adhere to:
- Australia’s AI Ethics Principles set out eight key values: human, social and environmental wellbeing; human-centred values; fairness; privacy protection and security; reliability and safety; transparency and explainability; contestability; and accountability.
- OECD AI Principles promote inclusive growth, human-centred values, transparency, robustness, security, and accountability in AI development and deployment.
3.1 Human-Centred AI
AI features assist users; they do not override or automate final decisions without human review options.
3.2 Privacy and Data Protection
Where applicable, we follow the Australian Privacy Act 1988 (APPS 1–13) and GDPR. We collect only the minimum data necessary, de-identify data where feasible, and ensure secure handling at every stage.
3.3 Fairness and Non-Discrimination
We regularly test AI systems to detect and reduce bias. Performance is monitored across datasets and user contexts to maintain equity.
3.4 Transparency and Explainability
Users are clearly informed when AI is in use. We provide understandable explanations for automated outcomes.
3.5 Security and ReliabilityAll systems follow best-practice security controls, including rest and transit encryption, and role-based access management. We use Microsoft Azure, OpenAI, and LangSmith monitoring tools to identify anomalies or model drift. We also implement Microsoft’s Azure Content Filter to reduce the risk of harmful or inappropriate content generation by our AI systems.
4. Data Governance and Model Training
4.1 Data Classification
Data is categorised into operational, training, and customer-specific tiers, each with defined access controls and retention policies. All data is reviewed for its purpose and necessity, and classification determines applicable minimisation and protection measures.
4.2 Data Minimisation and Purpose Limitation
We only gather the data necessary for clear, legitimate purposes. These include providing core platform functions, boosting ESG and compliance analysis, improving AI model performance, and ensuring secure cross-solution compatibility between Greener Connect and Greener for Enterprise (G4E). Data is not reused beyond its initial purpose unless re-consented or re-justified. Whenever possible, we use de-identified or aggregated data to protect privacy while responsibly improving models and features evolution.
4.3 Access Control and Security
Access to data is role-based and tightly restricted. Engineering teams implement least-privilege permissions and conduct regular reviews. Encryption is enforced for data in transit and at rest.
4.4 Model Tuning
Only aggregated, de-identified data may be used to enhance our models. We do not permit customer-specific training unless explicitly authorised. Model inputs and improvement datasets are recorded for traceability.
4.5 Third-Party ServicesWe collaborate with reputable AI providers Microsoft, OpenAI, and Anthropic. All third-party use adheres to our vendor due diligence and contractual safeguards, including privacy, retention, and responsible use.
5. Risk Management
5.1 Pre-deployment Risk Assessments
We perform assessments before deploying AI features to evaluate the likelihood and impact of bias, privacy risks, or misuse.
5.2 Risk Categories
Risks are classified into categories: bias exposure, privacy risk, automation failure, and legal sensitivity.
5.3 Review Frequency
A structured risk review process occurs quarterly, with ad hoc reviews for high-impact changes.
6. Monitoring and Auditing
6.1 Early-Stage Monitoring
As a growing company, Greener performs manual reviews of AI system behaviour and output before launching new features, and periodically as usage increases. We actively monitor for user feedback and partner reports to spot potential issues.
6.2 Risk and Performance Checks
Before deploying new AI features, we evaluate key risks, including fairness, accuracy, and reliability. As resources allow, we review these checks based on customer feedback and major platform updates. Continuous Improvement
We update our AI systems and controls based on real-world usage, user feedback, and legal or ethical standards changes. Our leadership team reviews major issues or incidents and informs our roadmap for improvement.
6.3 Looking Forward
As Greener grows, we intend to implement more formal and automated monitoring, audit, and improvement processes in line with industry standards and customer expectations.
7. User Rights and Controls
7.1 Access and Portability
Users may request access to the data we hold about them.
7.2 Opt-Out of Model Tuning
Users may opt out of having their de-identified data used for AI model improvement.
7.3 Deletion Requests
We honour deletion requests in line with applicable data protection laws.
7.4 Contestability and Appeals
Users can request a human review for decisions heavily influenced by AI. When possible, we offer a way to explain and, if appropriate, override or challenge AI-generated outcomes. Although our solutions do not yet feature a fully automated contestability process, we are dedicated to human oversight and intend to develop structured procedures for users to flag and seek review of high-impact decisions as our platform advances.
8. Contact
To exercise these rights, contact: ai-ethics@greener.com.au
9. Employee Training
Greener team members receive AI ethics, privacy and compliance training at onboarding and annually.
10. Employee Training
11. Reviewed Periodically
This policy is reviewed periodically and when there are regulatory or system changes. Major updates will be communicated to affected customers via our website when relevant. Regulatory oversight is performed by the Chief Legal Counsel, who monitors developments in Australian and international AI law, including the GDPR, EU AI Act, and any upcoming Australian regulations. Emerging risks and legal updates are highlighted to the AI Governance team for inclusion in internal controls, policy updates, or system modifications as needed.
12. Definitions
- AI Feature: Any product capability using machine learning or automated decision-making.
- De-identified Data: Data stripped of identifiers such that individuals or organisations cannot be reasonably identified.
- Model Drift: Decline in AI model performance due to changing input patterns.
- Bias Testing: Evaluation of output consistency across demographic or contextual groups.
- Agentic AI / Multi-Agent Systems: AI architectures where multiple specialised agents interact with secure customer data to perform defined workflows or analysis tasks collaboratively.
13. Further Reading
Australia’s AI Ethics Principles
EU AI Act Summary
GDPR Overview (EDPB)
