• English
  • Português
Login

GREENOLE PRIVACY POLICY

Last Updated: March 2, 2026

1. SCOPE OF THIS PRIVACY POLICY

Greenole (“Greenole”, “we”, “us”, or “our”) is committed to protecting privacy and handling data responsibly.

This Privacy Policy describes how we collect, use, process, and disclose:

(i) personal data collected through the Greenole public website (including greenole.com), the Greenole Platform (including app.greenole.ai), GreenEdge hardware devices, and related applications, integrations, and services (collectively, the “Services”); and

(ii) building telemetry and operational data generated within customer environments through Greenole devices, software, Green Clusters, and Green Nodes.

For purposes of this Policy, “personal data” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an identified or identifiable natural person, as defined under applicable data protection laws.

Building telemetry and environmental data (such as HVAC metrics, IoT sensor readings, energy consumption data, and equipment performance data) are generally not personal data. However, to the extent such information can be linked to an identifiable individual, it will be treated as personal data in accordance with this Policy.

Depending on the context in which data is collected and processed, Greenole may act as a data controller or as a data processor/service provider on behalf of its customers, as further described in applicable agreements.

By accessing or using the Services, you acknowledge that your information will be processed in accordance with this Privacy Policy and the applicable Terms of Use.

2. THE CATEGORIES OF DATA WE COLLECT

To provide our PaaS solution, we collect various types of information, including personal data, usage data, and telemetry data. The categories collected include:

  • Contact and Identifier Information: Information used to communicate with you and provision your System Account or User Account, such as first and last name, job title, company name, corporate email address, recovery email, telephone number, and postal address.
  • Account and Commercial Information: Information maintained in association with your account, such as your username/user ID, hashed and securely stored password, GreenCoins balance, subscription tier (e.g., Base, Advanced, Enterprise), billing history, and support inquiries.
  • Internet or Network Activity (Action Logs): Information collected when you visit our website or interact with the Platform, including IP address, browsing history, login sessions, audit logs (tracking User clicks, dashboard creations, or modifications to alert rules), browser type, and operating system.
  • Telemetry and IoT Data: Data transmitted continuously by your physical devices, connected GreenEdge controllers, and third-party API integrations (such as BACnet, Modbus, or MQTT protocols). This includes temperature, humidity, energy consumption, vibration metrics, and equipment runtimes.

We do not intentionally collect sensitive personal data (e.g., religious beliefs, racial origin, or genetic data). If such data is inadvertently processed or required, we will process such data only where permitted by applicable law and with your consent.

3. HOW WE COLLECT DATA (SOURCES OF DATA)

Greenole collects data directly from you, automatically through our infrastructure, and from third-party partners:

  • Directly from You: When you create a System Account or User Account, configure an Environment (Green Cluster/Node), register devices, set up Continuous Commissioning rules, or contact our Customer Success team for support.
  • Automatically via Technology: We collect telemetry data directly from the GreenEdge gateways and IoT sensors installed at your facilities via secure protocols (e.g., MQTT). We also collect platform usage data via cookies, local storage, and analytics instruments (such as New Relic and Google Analytics) to monitor user behavior and platform performance.
  • From Third Parties: We may receive user provisioning data from our authorized System Integrators (Partners) who deploy Greenole solutions in your facilities, or via Single Sign-On (SSO) integrations if you choose to log in via third-party systems like Google or Microsoft.

4. HOW WE USE (PROCESS) YOUR DATA

Greenole uses the collected data for the following business purposes:

  • Service Delivery & Authentication: To verify your identity (including Multi-Factor Authentication), provision your access to specific Green Clusters, and maintain session state to ensure the security of your account.
  • Platform Operations & Features: To deliver real-time dashboards (Single Pane of Glass), trigger user-defined alerts, perform Fault Detection and Diagnostics (FDD), and generate automated operational reports based on your telemetry data.
  • Billing and Administration: To monitor your resource consumption (including data storage size, attributes updated per hour, and GreenCoins utilization), in order to manage subscriptions, calculate billing, and enforce SLA terms.
  • Security and Troubleshooting: To track unauthorized access, diagnose platform errors, maintain system uptime, and log user actions for compliance and auditing purposes.

5. DATA OWNERSHIP, AGGREGATION, AND GREEN AI

While the raw telemetry data originating from your building systems belongs to you, Greenole invests significant resources into the collection, consolidation, transformation, and processing of this data.

  • Consolidated Data Rights: The user grants Greenole the right to aggregate, anonymize, and de-identify your building telemetry data. Greenole retains ownership of these consolidated, anonymized datasets.
  • Green AI & Market Benchmarking: We utilize anonymized data to train our proprietary Green AI agents, improve our Continuous Commissioning algorithms, and generate macro-level analytics. This allows us to provide vertical market benchmarking (e.g., comparing a school’s energy efficiency against the national average for educational facilities). No personally identifiable information or specific organizational identifiers will ever be exposed in these aggregated market comparisons.

6. HOW WE DISCLOSE (SHARE) YOUR DATA

Greenole does not sell your personal information. We may disclose your data in the following scenarios:

  • Business Partners and Service Providers: We share data with trusted third-party sub-processors that support our operations, such as cloud hosting providers (Amazon Web Services – AWS), transactional email services, and payment processors. These providers are strictly bound by confidentiality agreements.
  • System Integrators (Partners): If your account is managed by an authorized Greenole Partner (System Integrator), their designated administrators may have access to your telemetry data and user roles to provide localized support and maintenance.
  • Legal Compliance: We may disclose data as required by law, regulation, or legal process, or to protect the rights, property, and safety of Greenole, our users, or the public.
  • Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, user data and telemetry datasets may be transferred to the acquiring entity under appropriate confidentiality protections.

7. COOKIES AND OTHER TECHNOLOGY

We use cookies, local storage, and similar tracking technologies to enhance your experience on our platform:

  • Required Cookies: Essential for platform functionality, maintaining secure login sessions, and navigating between environments without needing to re-authenticate.
  • Functional & Performance Cookies: Used to analyze how you interact with the platform (e.g., measuring dashboard load times, tracking the most-used widgets) to improve UI/UX and overall platform performance.

You can manage your cookie preferences through your browser settings, though disabling required cookies may severely impact your ability to use the Greenole Platform.

8. YOUR RIGHTS AND CHOICES (LGPD, GDPR, CCPA)

Greenole is committed to adhering to the most stringent data protection frameworks, taking the Brazilian General Data Protection Law (LGPD) as a baseline for protecting our users’ rights globally, alongside the GDPR and CCPA.

Subject to applicable law, you have the right to:

  • Access & Portability: Request a copy of the personal data we hold about you.
  • Correction: Edit your personal information, contact details, and platform preferences directly through the “User Account Settings” in the Platform.
  • Erasure (Deletion): Request the deletion of your personal data. Please note that for security and auditing purposes, platform usage logs and anonymized telemetry datasets may be retained where required for security, compliance, or legal obligations, but your personal identifiers will be removed.
  • Restriction & Objection: Object to or restrict certain processing activities.

To exercise any of these rights, please contact us at the details provided below.

9. VERIFICATION

Before responding to a request regarding your personal data, we must verify your identity to protect your information. We may ask you to confirm details associated with your account or require you to submit the request from the email address registered in the Greenole Platform.

10. HOW WE STORE AND PROTECT YOUR INFORMATION

Your data is securely stored on cloud infrastructure (AWS) located in the United States and other applicable regions.

Greenole implements robust physical, administrative, and technical safeguards. Our platform relies on encrypted data transmission, token-based authentication (JWT/OAuth), and strict Role-Based Access Control (RBAC).

Furthermore, we continuously monitor our cloud environments and strive to maintain high compliance standards to ensure maximum security.

Data Retention: When a Partner Account or Green Cluster is paused or expired, user access is blocked immediately. After a predefined configurable period, telemetry data is moved to cold storage in accordance with our retention policies.

11. CROSS BORDER DATA TRANSFERS

Greenole operates globally. Your personal data and telemetry information may be transferred to and processed in countries other than the country in which you are resident (including the United States). We utilize standard contractual clauses and appropriate technical safeguards to ensure that your data remains protected according to this Policy and applicable international laws.

12. CHANGES TO THIS PRIVACY POLICY

As our Platform and Green AI capabilities evolve, we may update this Privacy Policy. We will notify you of material changes by updating the date at the top of this document, providing a notice upon your next login, or sending a notification via your registered email address.

13. HOW TO CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy, our data practices, or the terms of our service, please contact our Legal and Compliance team:

Email: legal@greenole.com
Address: Avenida das Nações Unidas, 14.401, Torre Tarumã C2, Cj. 1707, Chácara Santo Antônio, São Paulo – SP, CEP: 04794-000.