Privacy Policy
Last updated: June 12, 2026
1. Introduction
Developer312 ("we," "us," or "our") operates the Eco-Auditor platform, a carbon accounting and emissions management service. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our service.
By accessing or using Eco-Auditor, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this policy, please do not access the service.
This policy applies to all users of Eco-Auditor, including account holders, team members invited by account holders, and visitors to our website.
2. Who We Are
Developer312 is a subsidiary of NIGHT LITE USA LLC. We provide the Eco-Auditor platform from the United States.
Contact information:
- Email: hello@developer312.com
- Phone: (510) 401-1225
3. Information We Collect
We collect information in several categories to provide and improve our service:
4. Information You Provide Directly
When you create an account or use our service, you may provide:
- Account details: Name, email address, password, company name, and role
- Company information: Organization name, industry, facility locations, and operational details
- Billing and contact information: Payment details, billing address, and designated billing contacts
- Support communications: Messages, attachments, and correspondence submitted through our support channels
- Uploaded documents and data: Utility bills, invoices, freight records, supplier spreadsheets, and other files you upload for emissions processing
- Configuration choices: Organizational boundaries, emission factors, methodology selections, and reporting preferences
We process this information to deliver the service you requested, maintain your account, and communicate with you about our platform.
5. Information Collected Automatically
When you interact with our service, we may automatically collect:
- Usage and log data: Pages visited, features used, click patterns, session duration, and interaction timestamps
- Device and connection data: Browser type, operating system, IP address, screen resolution, and referring URL
- Performance data: Load times, error reports, and system performance metrics
We collect this information to ensure platform stability, diagnose issues, and improve user experience. We do not sell this data.
6. Information from Integrations and Third Parties
When you connect third-party services to Eco-Auditor, we may receive:
- Data from accounting integrations (e.g., QuickBooks, Xero) such as transaction records relevant to emissions calculations
- Data from shipping and logistics providers (e.g., UPS, FedEx) such as shipment records for freight emission estimates
- Data from cloud service providers for Scope 3 ICT emission calculations
We only access data you explicitly authorize through these integrations, and we process it solely for the purpose of generating emissions estimates within your account.
7. How We Use Information
We use the information we collect to:
- Provide, operate, and maintain the Eco-Auditor platform
- Process and organize uploaded documents and data into emissions records, estimates, and reports
- Operate AI-assisted features such as the Carbon Assistant for methodology guidance and classification suggestions
- Communicate with you about your account, billing, support requests, and product updates
- Improve our service, develop new features, and conduct internal analytics
- Detect, prevent, and address technical issues, security threats, and fraud
- Comply with applicable legal obligations
Where we process personal data of individuals in the European Economic Area or the United Kingdom, we rely on the following legal bases:
- Contract performance: Processing necessary to deliver the service you subscribed to
- Legitimate interests: Improving our service, preventing fraud, and ensuring security, where those interests are not overridden by your rights
- Consent: Where you have provided explicit consent for specific processing activities, such as optional marketing communications
- Legal obligation: Processing required to comply with applicable law
9. Data Retention
We retain your information for as long as your account is active or as needed to provide our services. After account termination:
- Account and billing data is retained for up to 90 days to allow reactivation and export
- Emissions records, reports, and audit trails are retained for the period specified in your subscription agreement, after which they are securely deleted unless you request earlier deletion
- We may retain anonymized, aggregated usage data indefinitely for service improvement
- Some data may be retained longer where required by law or for legitimate business purposes such as fraud prevention
10. Data Security
We implement appropriate technical and organizational measures to protect your information, including:
- Encryption of data in transit using TLS 1.2+
- Encryption of data at rest
- Role-based access controls and least-privilege principles
- Regular security assessments and vulnerability management
- Incident response procedures
- Employee confidentiality obligations
While we strive to protect your information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security.
11. International Data Handling
Eco-Auditor is operated from the United States. If you are accessing our service from the European Economic Area, the United Kingdom, or other regions with data protection laws, please be aware that your information may be transferred to and processed in the United States.
Where required, we implement appropriate safeguards for international transfers, including Standard Contractual Clauses where applicable. EU-facing customers can request a Data Processing Addendum from our legal page.
12. Your Privacy Choices and Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete personal data
- Deletion: Request deletion of your personal data, subject to lawful retention requirements
- Portability: Request transfer of your data in a structured, commonly used format
- Restriction: Request restriction of processing in certain circumstances
- Objection: Object to processing based on legitimate interests or for direct marketing
- Withdrawal of consent: Withdraw consent you have previously provided, without affecting the lawfulness of processing based on consent before its withdrawal
To exercise any of these rights, please contact us using the information in the Contact section below. We will respond within the timeframe required by applicable law.
13. California Privacy Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the CPRA:
- Right to know: You can request information about the categories of personal information we have collected, the purposes, and the categories of third parties with whom we share it
- Right to delete: You can request deletion of personal information we have collected, subject to certain exceptions
- Right to correct: You can request correction of inaccurate personal information
- Right to opt out of sale or sharing: We do not sell personal information. Marketing cookies that may involve sharing for cross-context behavioral advertising are used only with your consent, and you can opt out at any time through the cookie preferences settings; we also honor Global Privacy Control signals
- Right to limit use of sensitive personal information: We do not collect or use sensitive personal information beyond what is necessary to provide our service
We are not a data broker and do not sell personal information. Our service is directed at businesses, and the personal information we process is primarily business-related rather than consumer-oriented.
Authorized agents may submit requests on your behalf, subject to verification.
14. How to Submit a Privacy Request
To submit a privacy request, exercise your rights, or ask questions about this policy, you may contact us through:
We will verify your identity before processing your request and respond within the timeframe required by applicable law, typically within 30 days. If more time is needed, we will notify you of the reason and the expected timeline.
16. Children's Privacy
Our service is intended for business use and is not directed at individuals under the age of 16. We do not knowingly collect personal information from children. If we learn that we have collected personal data from a child under 16, we will take steps to delete it promptly. If you believe we have inadvertently collected such information, please contact us.
17. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, features, vendors, or legal requirements. When we make material changes, we will:
- Update the "Last updated" date at the top of this page
- Provide notice through our service or by email for significant changes
- Obtain your consent where required by applicable law
Continued use of the service after changes become effective constitutes acceptance of the updated policy.
18. Contact Information
If you have any questions about this Privacy Policy or our data practices, please contact:
Developer312
Developer312 is a subsidiary of NIGHT LITE USA LLC.
Email: hello@developer312.com
Phone: (510) 401-1225