Privacy Policy

Effective Date: 12 February 2026

Last Updated: 16 February 2026

Ecompare Ltd (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website emissions.dev and use our API services (collectively, the “Service”).

We are registered in England and Wales under company number 11155291. For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, we are the Data Controller.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

1. Information We Collect

We collect information that identifies, relates to, describes, or is reasonably capable of being associated with you (“Personal Data”). The types of information we collect include:

1.1. Information You Provide to Us

  • Account Registration: When you register for an account, we collect your full name, email address, company name, and password.
  • Billing Information: If you subscribe to a paid plan, we collect your billing address and VAT number. Note that we do not store credit card details; these are processed securely by our third-party payment processor, Stripe.
  • Customer Support: We collect information contained in any correspondence you send to us, such as support emails or feedback.

1.2. Information We Collect Automatically

  • Usage Data: We automatically collect data regarding your use of the API, including the endpoints accessed, request volume, timestamp of requests, and response status codes.
  • Log Data: Our servers automatically record information sent by your browser or API client. This may include your IP address, browser type and version, and operating system.
  • Cookies and Tracking: We use cookies and similar tracking technologies to track the activity on our Service and hold certain information (e.g., keeping you logged into the dashboard).

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide the Service: To create and manage your account, authenticate your API requests, and deliver the carbon calculation data you request.
  • Billing and Administration: To process payments, send invoices, and manage your subscription tier.
  • Security and Fraud Prevention: To monitor API usage patterns for abuse, detect security incidents, and protect against malicious activity.
  • Communication: To send you technical notices, updates, security alerts, and administrative messages.
  • Improvement: To analyse usage trends and improve the functionality and performance of our API.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

3. Legal Basis for Processing

Under the UK GDPR, we rely on the following legal bases to process your Personal Data:

  • Contractual Necessity: We need to process your data to perform the contract we have with you (e.g., to provide the API service and process payments).
  • Legitimate Interests: We process data for our legitimate business interests, such as network security, fraud prevention, and product improvement, provided these interests are not overridden by your rights.
  • Legal Obligation: We may need to process data to comply with a legal obligation (e.g., tax and accounting records).

4. Disclosure of Your Information

We do not sell your Personal Data. We may share your information with:

  • Payment Processors: We use Stripe for payment processing. We do not store your full credit card details. That information is provided directly to Stripe, whose use of your Personal Data is governed by their Privacy Policy (https://stripe.com/privacy). Stripe may use your data for fraud prevention and to comply with legal obligations.
  • Service Providers: We share data with third-party vendors who help us operate the Service, such as cloud hosting providers (e.g., AWS, DigitalOcean), payment processors (Stripe), and email delivery services. These parties are authorised to use your Personal Data only as necessary to provide these services to us.
  • Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).
  • Business Transfers: If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your Personal Data may be transferred as part of that transaction.

5. Data Retention

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy.

  • Account Data: Retained for as long as your account is active. If you delete your account, we generally delete your personal data within 30 days, subject to the below.
  • Legal and Accounting: We may retain certain data (such as billing records) for up to 6 years to comply with tax and accounting obligations.
  • Usage Logs: API access logs are retained for a limited period for security auditing and performance monitoring before being anonymised or deleted.

6. International Data Transfers

Your information, including Personal Data, may be processed on computers located outside of the United Kingdom. If we transfer data to service providers outside the UK or the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement (IDTA) or the EU Standard Contractual Clauses (SCCs).

7. Your Data Protection Rights

Under the UK GDPR, you have the following rights:

  • The right to access: You have the right to request copies of your Personal Data.
  • The right to rectification: You have the right to request that we correct any information you believe is inaccurate.
  • The right to erasure: You have the right to request that we erase your Personal Data, under certain conditions.
  • The right to restrict processing: You have the right to request that we restrict the processing of your Personal Data.
  • The right to object to processing: You have the right to object to our processing of your Personal Data.
  • The right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you.

To exercise any of these rights, please contact us at [email protected].

8. Security

We use administrative, technical, and physical security measures to help protect your Personal Data. These measures include encryption of data in transit (TLS/SSL), access controls, and regular security assessments. However, please be aware that no electronic transmission or storage method is 100% secure.

9. Third-Party Links

The Service may contain links to third-party websites. We are not responsible for the privacy practices or content of those third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this policy. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Ecompare Ltd
Company Number: 11155291
Email: [email protected]