Skip to main content

AI

S
Written by Support

How Greenly Uses AI: Security, Privacy, and Governance

At Greenly, our mission is to make carbon accounting fast, accurate, and accessible. While our core calculation engine is built on deterministic, science-based rules (ADEME, GHG Protocol), we use Assistive AI (EcoPilot) to help you manage data more efficiently.
This article outlines how we govern these technologies to protect your data and ensure compliance with European regulations.

1. Our AI Principles

Our use of Artificial Intelligence is guided by four core pillars defined in our 2026 AI Governance Framework:

  • Human-in-the-Loop (HITL): AI never makes final decisions. It produces suggestions (e.g., categorizing an expense) that must be reviewed and explicitly validated by a user before being applied to your carbon footprint.

  • Purpose Limitation: AI is used for data preparation—cleaning, structuring, and matching—not for the actual emission factor calculations, which remain fully transparent and auditable.

  • Data Sovereignty: We prioritize local language models hosted in the EU (Google Cloud Paris) to minimize data transfers and ensure compliance with GDPR and the EU AI Act.

  • Energy Efficiency: We select and optimize models to minimize the carbon footprint of the AI itself.

2. Security & Data Privacy

We treat AI-processed data with the same rigor as any other sensitive information within our platform:

  • No Third-Party Training: By default, your data is never used to train the general models of our sub-processors (like OpenAI or Google).

  • Encryption: All data processed by AI modules is encrypted at rest and in transit (AES-256 and TLS 1.3).

  • Tenant Isolation: Your data remains within your dedicated environment. AI queries are stateless and do not "leak" context between different Greenly customers.

3. Compliance with the EU AI Act

Based on our assessment, Greenly’s AI functionalities are not classified as "high-risk" under the EU AI Act (Annex III).

  • Because our AI acts as a suggestion engine for environmental reporting rather than a critical infrastructure or legal decision-maker, it falls into the low/minimal risk category.

  • We maintain an AI Governance Committee that reviews our models annually to ensure we remain compliant as regulations evolve.

4. Customer Controls: You Are in Charge

We provide granular settings so you can align the platform with your company's internal AI policy:

  1. AI Training Opt-Out: You can choose to disable the use of your validated data for Greenly's internal model refinement.

  2. Feature Toggle: Specific AI features, like the "EcoPilot" chat or automated expense mapping, can be enabled or disabled at the organization level.

  3. Audit Logs: Every AI-generated suggestion that is validated by a user is logged in your audit trail, identifying which user approved the data.


Security Tip: For a deep dive into our sub-processor list and technical safeguards, customers can request access to our Vanta Trust Center or download our latest SOC 2 Type 2 Report.Need more details? If your legal or security team has specific questions about our AI deployment, please contact your Account Manager to receive our full Greenly AI Governance White Paper.

Did this answer your question?