Last updated: 27 May 2026. This policy explains how DJRD Ltd collects, uses, and protects your personal data when you use the Emissio platform. Please read it carefully.
The data controller is DJRD Ltd, a company registered in England and Wales, operating the Emissio carbon reporting platform at emissio.tech.
DJRD Ltd is not required to appoint a Data Protection Officer. If you have questions about how we handle your data, please contact us at hello@emissio.tech.
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection, at ico.org.uk. We would however appreciate the opportunity to address your concerns directly first.
We collect the following categories of data when you use Emissio:
(a) Contact information — your email address, collected when you request to save your progress or download a report.
(b) Company information — your company name, sector, employee band, and reporting year, collected during the calculator flow.
(c) Operational data — energy consumption, fuel use, travel data, and supply chain spend that you enter into the calculator. This data is used solely to generate your carbon report.
(d) Payment information — payment is processed by Stripe. We do not store your card details. We receive confirmation of payment and a transaction reference from Stripe.
(e) Usage data — standard server logs including IP address, browser type, and pages visited. Used for security and performance monitoring only.
(f) Session data — a session identifier stored in your browser to allow you to save and resume your progress. This contains only your profile settings until payment is completed.
(g) Cookie data — see our Cookie Policy section below for full details.
(a) To generate your carbon report — your operational data is used to calculate your emissions and produce your PDF report.
(b) To deliver your report — your email address is used to send you your completed report and any session recovery links you request.
(c) To process payment — your payment details are passed directly to Stripe for secure processing.
(d) To maintain an audit trail — we log each calculation with its input data, emission factors applied, and results. This audit trail is included in your report and stored securely.
(e) To improve the platform — anonymised, aggregated usage data may be used to improve sector default values and the Emissio service generally. No individual carbon data is used for this purpose without anonymisation.
We will never use your data for marketing purposes without your explicit consent. We do not use your data to train artificial intelligence models. We do not sell your data to third parties under any circumstances.
(a) Contract performance — processing your operational data and delivering your report is necessary to fulfil the contract between us when you purchase a report.
(b) Legitimate interests — maintaining security logs, preventing fraud, and improving the platform are in our legitimate interests, provided these do not override your privacy rights.
(c) Consent — where you choose to save your progress by providing your email address, or where we set non-essential cookies, we process that data on the basis of your consent. You may withdraw this consent at any time by contacting hello@emissio.tech.
(d) Legal obligation — we may process data where required to comply with a legal obligation, including HMRC requirements for financial records.
(a) Carbon reports and the operational data used to generate them are retained for 7 years from the date of generation, in line with UK business record-keeping requirements.
(b) Email addresses collected for session recovery are deleted after 90 days if no report is purchased.
(c) Payment transaction records are retained for 7 years in accordance with financial record-keeping requirements.
(d) Server logs are retained for 90 days.
You may request deletion of your data at any time by contacting hello@emissio.tech. We will comply unless retention is required by law.
We do not sell your data. We share your data only with the following service providers who process it on our behalf under data processing agreements:
(a) Supabase — our database provider, used to store your report data securely. Data is stored in the EU (eu-west-1, Ireland).
(b) Stripe — our payment processor. Stripe processes your payment details under their own privacy policy and PCI DSS compliance framework.
(c) Resend — our email delivery provider, used to send you your report and session links.
(d) Vercel — our hosting provider, used to serve the Emissio platform. Data may be processed in the US under standard contractual clauses.
We do not share your operational data with any other third parties. We do not use your data for advertising. We do not pass your data to AI service providers or use it to train machine learning models.
Vercel may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place including standard contractual clauses approved by the UK Information Commissioner. Supabase stores data within the EU under UK GDPR adequacy arrangements.
Under UK GDPR, you have the following rights regarding your personal data:
(a) Right of access — you may request a copy of the personal data we hold about you.
(b) Right to rectification — you may request correction of inaccurate data.
(c) Right to erasure — you may request deletion of your data, subject to our legal retention obligations.
(d) Right to restriction — you may request that we restrict processing of your data in certain circumstances.
(e) Right to portability — you may request your data in a machine-readable format.
(f) Right to object — you may object to processing based on legitimate interests.
(g) Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact hello@emissio.tech. We will respond within 30 days.
Emissio uses the following cookies and browser storage:
(a) Strictly necessary — essential for the platform to function. These cannot be disabled. They include session identifiers used to maintain your calculator progress and security tokens.
(b) Performance cookies — used to understand how visitors use the site so we can improve it. These are only set with your consent. We use Vercel Analytics for this purpose.
(c) Local storage — we use your browser's local storage to save your calculator progress locally on your device. This data is not transmitted to our servers until you complete payment.
We do not use advertising cookies, tracking pixels, social media cookies, or any cookies for the purposes of targeting or profiling. You can manage your cookie preferences at any time using the cookie settings panel on this site, or by clearing your browser cookies and local storage.
For more information about cookies generally, visit allaboutcookies.org.
(a) All data transmitted to and from Emissio is encrypted using TLS.
(b) Database access is restricted to authorised service accounts only, with row-level security enforced.
(c) Stripe handles all payment processing — we never see or store your card details.
(d) We conduct regular reviews of our security practices.
Despite these measures, no system is completely secure. If you become aware of a security issue, please contact hello@emissio.tech immediately.
We do not send marketing emails. We will only contact you in relation to your carbon report, session recovery links you have requested, or responses to enquiries you have made. If this changes in future, we will obtain your explicit consent before sending any marketing communications.
The Emissio platform is intended for business use only and is not directed at individuals under the age of 18. We do not knowingly collect data from children.
We may update this privacy policy from time to time. The date at the top of this page indicates when it was last updated. We will notify users of material changes by email where we hold your email address.