Privacy Policy
Effective Date: May 2026 | Last Updated: May 2026
This Privacy Policy applies to the website https://www.carbonpass.com.cn/en/ (the “Website”) operated by CARBONPASS GROUP PTE.LTD. (“we”, “us”, “our”). This policy explains how we collect, use, store, protect and share your personal data when you visit our Website, and sets out your rights under the General Data Protection Regulation (GDPR) (EU 2016/679).
By using the Website, you consent to the practices described in this Privacy Policy.
1. Data Controller
CARBONPASS GROUP PTE.LTD.
Website: https://www.carbonpass.com.cn/en/
Contact Email: arthur@carbonpassgroup.com
If you have any questions, requests or concerns regarding your personal data, please contact us at the email above.
2. Personal Data We May Collect
We collect only the minimum necessary information for operating the Website and providing our services. This may include:
- Technical Data: IP address, browser type and version, device information, operating system, referring website, pages visited, time and date of visit, and navigation paths.
- Voluntarily Provided Data: If you contact us via contact forms, email or other means, we may collect your name, email address, company name, and any information you choose to provide.
- Cookies and Similar Technologies: We use essential and analytical cookies to improve user experience and website performance.
We do not collect sensitive personal data (such as racial origin, political opinions, religious beliefs, health information) unless you explicitly provide it.
3. How We Use Your Personal Data
We use your data only for the purposes stated in this policy and in compliance with GDPR. Purposes include:
- To operate, maintain and improve the Website and its functionality.
- To respond to your inquiries, requests or communications.
- To send you information or updates related to our services (only with your explicit consent).
- To ensure website security, prevent fraud and troubleshoot technical issues.
- To comply with legal obligations or protect our legal interests.
We will not sell, rent or lease your personal data to any third parties for marketing purposes without your explicit consent.
4. Legal Basis for Processing (GDPR Article 6)
We rely on the following legal bases:
- Consent (Art. 6(1)(a)): For analytics cookies and marketing communications (you may withdraw consent at any time).
- Legitimate Interests (Art. 6(1)(f)): For essential website operation, security, and improvement of our services, provided these interests do not override your rights.
- Compliance with Legal Obligations (Art. 6(1)(c)): Where we are required by law to process your data.
5. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected:
- Technical / analytics data: retained for 12 months, then aggregated or anonymized.
- Contact inquiry data: retained for 36 months after last communication, unless a longer retention is required by law.
- Data you request us to delete: erased or anonymized as soon as reasonably possible.
6. Cookies and Similar Technologies
Our Website uses cookies and similar tracking technologies to enhance your browsing experience.
- Essential Cookies: Required for basic website functions; cannot be disabled.
- Analytical / Performance Cookies: Help us understand how visitors use the site.
- Marketing Cookies: Not used unless you explicitly consent.
You can manage or disable cookies via your browser settings. Please refer to our independent Cookie Notice for full details.
7. Data Security
We implement reasonable industry-standard technical and organizational measures to protect your personal data against unauthorized access, loss, theft, alteration or destruction.
However, no electronic transmission or storage is 100% secure; we cannot guarantee absolute security of your data.
8. Sharing of Personal Data
We do not share your personal data with third parties except in the limited circumstances below:
- Service Providers: We may share data with trusted third-party vendors (e.g., hosting providers, IT support) who process it only on our instructions and in compliance with GDPR.
- Legal Requirements: We may disclose data if required by law, court order or government request, or to protect our legal rights.
- Business Transfer: In the event of a merger, acquisition or asset sale, your data may be transferred as part of the transaction.
9. International Data Transfers
Our Website is operated from Singapore and China. If your data is transferred outside the European Economic Area (EEA), we will take appropriate safeguards (e.g., Standard Contractual Clauses (SCCs)) as required under GDPR.
10. Your Rights under GDPR
If you are a resident of the EEA, you have the following rights:
- Right of Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure (“Right to be Forgotten”): Request deletion of your data (where legally permitted).
- Right to Restriction of Processing: Request restriction of data processing under certain conditions.
- Right to Data Portability: Request transfer of your data to you or another controller.
- Right to Object: Object to processing based on legitimate interests or direct marketing.
- Right to Withdraw Consent: Withdraw any consent you previously gave.
To exercise any of these rights, contact us at arthur@carbonpassgroup.com. We will respond within 30 days as required by law.
11. Children’s Privacy
Our Website is not intended for persons under the age of 16. We do not knowingly collect data from children. If you become aware that a child has provided us with personal data, please contact us.
12. Changes to This Privacy Policy
We may update this policy from time to time. The “Last Updated” date will be revised accordingly. Material changes will be posted on the Website. Your continued use of the Website after changes constitutes acceptance of the updated policy.
13. Contact Us
For questions, concerns, or requests regarding this Privacy Policy or your personal data: