top of page

Privacy Policy

Last Updated: August 10th, 2023

At CarbonInvoice™, we take data privacy seriously. Your data is integral to you and your business, and to how our product works, so it’s critical we make ensure it is safe. We follow industry best practices and are committed to providing the highest possible standards for our products and services.

Who are we?

When we refer to ‘we’ (or ‘our’ or ‘us’), that means CarbonInvoice Limited. We are based in New Zealand but we operate in other countries too.


We provide a platform for small businesses to take action on climate change and help them win new business.

Privacy Policy

This Privacy Policy describes the information we store and manage and how it is used.

We may update this policy from time to time and any changes changes will be shown on this site. Where appropriate we may notify you of changes via email.

This policy applies to all websites hosted on and, and any others managed by us.

How we collect your data

When you visit our website or use our services, we collect personal data.

Direct from You

When using our website or services we might ask you to provide data to us. This can include personal information like name, phone number, email address, or business data like your accounting and financial data. For business data, we always gather your consent to make a connection to your accounting software provider. This consent is ongoing in order to provide the service but you can disconnect at any time.

This type of data is used to provide our service to you, and used to help us figure out new improvements and enhancements we can make to our website and services.


When you use our website or services we will automatically collect information about you. This can include your IP address and device type. We also collect information when you navigate through our websites and services, including what pages you looked at, what links you clicked on and when. This helps us analyse how our users are using the system so we can continually improve our services.

Some of this information is collected using cookies and similar tracking technologies. You can choose not to accept cookies on our services, but this will mean you won’t be able to use the services.

Indirect via 3rd Party

Most of the information we gather is directly from you, but sometimes we will collect other information from publicly available sources or trusted third parties like our marketing and research partners. For example, we may pull information about your business from LinkedIn to show within our service.


We use this to supplement the other information we gather, and use it to improve the experience of our service for you.

How we use your data

The primary use of storing your personal and business data is to operate our websites and services that you’ve requested or subscribed to.

We also use your personal data for other purposes, which may include the following:

  • Communicating with you about the website and services, asking for feedback, notifying you of changes, marketing

  • Helping you use the website and services, and providing technical support

  • Helping us analyse and understand how we can continue to improve our website and services

  • To allow us to produce aggregated and anonymised reports that we can share publicly, with third parties or use for our own research

  • To publicly acknowledge your use of the website and service - no personal information would be disclosed as part of this

How we share your data

We do not sell, rent or lease your data, but there may be times when we need to share your data with other third-parties in order to provider our website and services.

We will only share your data:

  • with third party providers we use to operate the websites and service, or to market or promote our websites and services to you. These include Amazon Web Services, Hubspot, Auth0, Google, ChargeBee & Stripe

  • in relation to the proposed purchase or acquisition of our business or assets

  • where required by applicable law or any court, or in response to a legitimate request by a law enforcement agency.

  • with other people where we have your direct consent

How we store and protect your data

We are committed to protecting your personal and business information. All information you provide to us is stored encrypted on secure servers hosted within Amazon Web Service in Sydney.


We do not store any passwords directly - these are securely processed by our authentication service provider Auth0, or a third party authentication provider like Xero

We do not store any payment details like credit card data - this is securely processed by our payment service provider, Stripe.

Please see our security page for more details.

Your rights

It’s your data and you have rights under data protection laws in your country to your personal data including, requesting:

  • deletion of any personal and business information we hold about you

  • a copy of any personal and business information we hold about you

  • updates to any personal and business information we hold about you

If we send you any marketing communications, you can ask us at any time to stop.

If you would like to exercise these rights, or have any complaints, please email us at


bottom of page