Skip to main content

Privacy Policy

Last updated: June 12, 2026

1. Introduction

Developer312 ("we," "us," or "our") operates the Eco-Auditor platform, a carbon accounting and emissions management service. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our service.

By accessing or using Eco-Auditor, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this policy, please do not access the service.

This policy applies to all users of Eco-Auditor, including account holders, team members invited by account holders, and visitors to our website.

2. Who We Are

Developer312 is a subsidiary of NIGHT LITE USA LLC. We provide the Eco-Auditor platform from the United States.

Contact information:

3. Information We Collect

We collect information in several categories to provide and improve our service:

4. Information You Provide Directly

When you create an account or use our service, you may provide:

  • Account details: Name, email address, password, company name, and role
  • Company information: Organization name, industry, facility locations, and operational details
  • Billing and contact information: Payment details, billing address, and designated billing contacts
  • Support communications: Messages, attachments, and correspondence submitted through our support channels
  • Uploaded documents and data: Utility bills, invoices, freight records, supplier spreadsheets, and other files you upload for emissions processing
  • Configuration choices: Organizational boundaries, emission factors, methodology selections, and reporting preferences

We process this information to deliver the service you requested, maintain your account, and communicate with you about our platform.

5. Information Collected Automatically

When you interact with our service, we may automatically collect:

  • Usage and log data: Pages visited, features used, click patterns, session duration, and interaction timestamps
  • Device and connection data: Browser type, operating system, IP address, screen resolution, and referring URL
  • Performance data: Load times, error reports, and system performance metrics

We collect this information to ensure platform stability, diagnose issues, and improve user experience. We do not sell this data.

6. Information from Integrations and Third Parties

When you connect third-party services to Eco-Auditor, we may receive:

  • Data from accounting integrations (e.g., QuickBooks, Xero) such as transaction records relevant to emissions calculations
  • Data from shipping and logistics providers (e.g., UPS, FedEx) such as shipment records for freight emission estimates
  • Data from cloud service providers for Scope 3 ICT emission calculations

We only access data you explicitly authorize through these integrations, and we process it solely for the purpose of generating emissions estimates within your account.

7. How We Use Information

We use the information we collect to:

  • Provide, operate, and maintain the Eco-Auditor platform
  • Process and organize uploaded documents and data into emissions records, estimates, and reports
  • Operate AI-assisted features such as the Carbon Assistant for methodology guidance and classification suggestions
  • Communicate with you about your account, billing, support requests, and product updates
  • Improve our service, develop new features, and conduct internal analytics
  • Detect, prevent, and address technical issues, security threats, and fraud
  • Comply with applicable legal obligations

Where we process personal data of individuals in the European Economic Area or the United Kingdom, we rely on the following legal bases:

  • Contract performance: Processing necessary to deliver the service you subscribed to
  • Legitimate interests: Improving our service, preventing fraud, and ensuring security, where those interests are not overridden by your rights
  • Consent: Where you have provided explicit consent for specific processing activities, such as optional marketing communications
  • Legal obligation: Processing required to comply with applicable law

8. How We Share Information

We do not sell your personal data. We may share information in the following circumstances:

Service Providers and Subprocessors

We engage third-party service providers who process data on our behalf to deliver our service. These providers are contractually obligated to process data only as instructed and to maintain appropriate security measures. Categories include:

  • Cloud hosting: Infrastructure providers that host our application and data
  • Payments and billing: Payment processors such as Stripe, Inc. to handle subscription billing
  • Analytics: Service-level monitoring and aggregated usage analytics
  • Communications: Email delivery and notification services
  • Support: Customer support platforms that process support communications

Our current subprocessor list is available upon request. We will notify customers of material changes to our subprocessors.

Compliance and Legal Requirements

We may disclose information when required by law, regulation, legal process, or governmental request, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

9. Data Retention

We retain your information for as long as your account is active or as needed to provide our services. After account termination:

  • Account and billing data is retained for up to 90 days to allow reactivation and export
  • Emissions records, reports, and audit trails are retained for the period specified in your subscription agreement, after which they are securely deleted unless you request earlier deletion
  • We may retain anonymized, aggregated usage data indefinitely for service improvement
  • Some data may be retained longer where required by law or for legitimate business purposes such as fraud prevention

10. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data in transit using TLS 1.2+
  • Encryption of data at rest
  • Role-based access controls and least-privilege principles
  • Regular security assessments and vulnerability management
  • Incident response procedures
  • Employee confidentiality obligations

While we strive to protect your information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security.

11. International Data Handling

Eco-Auditor is operated from the United States. If you are accessing our service from the European Economic Area, the United Kingdom, or other regions with data protection laws, please be aware that your information may be transferred to and processed in the United States.

Where required, we implement appropriate safeguards for international transfers, including Standard Contractual Clauses where applicable. EU-facing customers can request a Data Processing Addendum from our legal page.

12. Your Privacy Choices and Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete personal data
  • Deletion: Request deletion of your personal data, subject to lawful retention requirements
  • Portability: Request transfer of your data in a structured, commonly used format
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests or for direct marketing
  • Withdrawal of consent: Withdraw consent you have previously provided, without affecting the lawfulness of processing based on consent before its withdrawal

To exercise any of these rights, please contact us using the information in the Contact section below. We will respond within the timeframe required by applicable law.

13. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the CPRA:

  • Right to know: You can request information about the categories of personal information we have collected, the purposes, and the categories of third parties with whom we share it
  • Right to delete: You can request deletion of personal information we have collected, subject to certain exceptions
  • Right to correct: You can request correction of inaccurate personal information
  • Right to opt out of sale or sharing: We do not sell personal information. Marketing cookies that may involve sharing for cross-context behavioral advertising are used only with your consent, and you can opt out at any time through the cookie preferences settings; we also honor Global Privacy Control signals
  • Right to limit use of sensitive personal information: We do not collect or use sensitive personal information beyond what is necessary to provide our service

We are not a data broker and do not sell personal information. Our service is directed at businesses, and the personal information we process is primarily business-related rather than consumer-oriented.

Authorized agents may submit requests on your behalf, subject to verification.

14. How to Submit a Privacy Request

To submit a privacy request, exercise your rights, or ask questions about this policy, you may contact us through:

Developer312 Privacy Team

Email: hello@developer312.com

Phone: (510) 401-1225

We will verify your identity before processing your request and respond within the timeframe required by applicable law, typically within 30 days. If more time is needed, we will notify you of the reason and the expected timeline.

15. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate our service, maintain session state, and analyze usage patterns. Categories of cookies we use include:

  • Essential cookies: Required for authentication, security, and basic service functionality
  • Analytics cookies: Help us understand how users interact with our service so we can improve it
  • Preference cookies: Remember your settings such as theme preferences
  • Marketing cookies: Used only with your consent to support marketing activities such as personalized advertising; these are off by default

Analytics, preference, and marketing cookies are set only if you consent to them. You can grant or withdraw consent at any time through the cookie preferences settings on our site or manage cookies through your browser settings. We also honor Global Privacy Control (GPC) and Do Not Track browser signals. Disabling essential cookies may affect service functionality.

16. Children's Privacy

Our service is intended for business use and is not directed at individuals under the age of 16. We do not knowingly collect personal information from children. If we learn that we have collected personal data from a child under 16, we will take steps to delete it promptly. If you believe we have inadvertently collected such information, please contact us.

17. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, features, vendors, or legal requirements. When we make material changes, we will:

  • Update the "Last updated" date at the top of this page
  • Provide notice through our service or by email for significant changes
  • Obtain your consent where required by applicable law

Continued use of the service after changes become effective constitutes acceptance of the updated policy.

18. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact:

Developer312

Developer312 is a subsidiary of NIGHT LITE USA LLC.

Email: hello@developer312.com

Phone: (510) 401-1225

We value your privacy

We use cookies to keep you signed in and to understand how the site is used. We do not use cookies for personalized advertising and we do not sell your data. Learn more