Privacy and Data Protection Policy 

​This Privacy Notice ("Notice") applies to personal data collected by Alga and its affiliated entities ("Alga", "we", "our", or "us") through its digital platforms, including but not limited to alga.earth and related subdomains (collectively, the "Websites"), applications, and services. This Notice outlines how we collect, use, share, and protect your personal information, in accordance with data protection laws including the General Data Protection Regulation (GDPR).

​

Who We Are

Alga is a platform that connects organizations of any size to a curated portfolio of global climate solutions. We are committed to protecting your privacy and ensuring transparency in handling your data. If you have questions about our data practices, please contact:

Alga (CNDD Consulting BR LTDA)
Rua Francisco Rocha 198, Batel, Curitiba - PR, Brazil. 80420-130
Email: contact@alga.earth

​

Changes to This Notice

This policy was last updated in April 2025. We may update this Notice periodically and will post any changes on our Website. If we have an ongoing

relationship with you, we will notify you directly.

​

Personal Information We Collect

We may collect the following types of data:

​

• Identity Information: Full name, job title, employer

• Contact Information: Email address, phone number, company address

• Financial Information: Payment details (if transacting)

• Technical Information: IP address, browser type, device details

• Usage Data: Interaction with our website, services, and features

• Marketing Preferences: Communications and opt-in data

​

How We Collect Data

We collect personal data:

• Directly from you when you fill forms, subscribe, or contact us

• Automatically via cookies and similar technologies on our Website

• From third-party sources, including marketing and analytics partners, and social media (subject to your settings) . 

 

How We Use Your Data

We use your data to:

• Deliver services, including climate portfolio matchmaking and reporting

• Respond to inquiries and manage accounts

• Improve user experience across our platforms

• Process transactions and issue certificates (e.g. VCU Retirements)

• Send relevant updates or opportunities, only with your consent

• Comply with legal or regulatory requirements

​

Legal Basis for Processing

Under GDPR, we rely on the following legal bases:

• Consent, when you opt in to communications

• Contract, when necessary for providing a service

• Legitimate interests, such as platform security or analytics

• Legal obligation, to comply with applicable laws

 

Data Sharing

We do not sell your personal data. We may share data with:

• Verified suppliers and partners for project certification purposes

• Regulators or authorities when legally required

• Service providers (e.g. cloud storage, analytics tools) under strict agreements

​

Retention Periods

We retain personal data only as long as necessary to fulfill the purposes outlined in this Notice or as required by law. For example, data linked to carbon certificate issuance may be retained to meet auditing and verification requirements.

 

Your Data Rights (GDPR)

You have the right to:

• Access your data

• Correct inaccurate information

• Request deletion (“right to be forgotten”)

• Object or restrict processing

• Withdraw consent

• Data portability

• Lodge complaints with a supervisory authority

 

To exercise these rights, reach our legal team at: contact@alga.earth

 

Security Measures

We protect your data using encryption, access controls, and regular audits. While no system is 100% secure, we take every reasonable step to prevent misuse or unauthorized access.

​

Children’s Privacy

Our services are intended for business use only and are not designed for individuals under the age of 18. We do not knowingly collect personal data from minors.

​

Contact Us

If you have questions or concerns about this policy or your personal data, please reach out: 📧 contact@alga.earth