Privacy Policy

This Privacy Policy is used to inform you of how and why we obtain, collect, store and transfer your information and how you can access, manage, delete and update that information. A version of this policy is available on our websites. The International Carbon Registry (ICR) is committed to protecting your privacy and provide a safe online experience. This Privacy Policy applies to the website, registry platform, and any other web properties owned or operated by ICR (collectively, the “Site”) and governs data collection and usage by ICR.  By using the Site, you consent to collecting, storing, and disclosing your personal information as described in this Privacy Policy.  If you do not agree to the practices in this Privacy Policy, please do not use this Site.  Each time you use this Site, the current version of the Privacy Policy will govern your use.  Accordingly, when you use this Site, you should check the date of this Privacy Policy (which appears at the top) and review any changes since the last version.

This Privacy Policy only applies to information collected through the Site; it does not apply to any information that other Site users may collect, such as through email communications between you and another user.  If you disclose your information to other Site users, different rules may apply to their use or disclosure of your personal information.  ICR does not guarantee the privacy or security of the personal information you provide to others.  We, therefore, encourage you to evaluate the privacy and security policies of the other Site user before sharing your information.  You should also review the privacy statements of websites that have links within the Site and which you choose to navigate from the Site to understand how those websites collect, use, and share your information.  ICR is not responsible for the privacy statements or other content on websites outside of the Site.

Who are We? This Privacy Policy applies to International Carbon Registry (ICR).

Jurisdiction This Privacy Policy has been implemented to comply with the following regulation:

Regulation (EU) 2016/679 the (European Union) General Data Protection Regulation (GDPR). The GDPR is effective as of 25 May 2018.

What Information do We Collect? We collect several types of information and data. Unless otherwise stated, all the personal data we obtain has been supplied by you, having given your consent.  We use this information to provide you with information, updates, services, and for business administrative purposes. We do not sell your information or data to third parties (other than in the course of a business sale, purchase, or similar event).

Personal Information We collect the following types of information that you supply to us, depending on the kind of service you require. The data we collect may include your name, address, email address, contact number, dates of services provided, type of service provided.

Newsletters and Updates Through our websites, you have the option of receiving updates, newsletters, and occasional marketing material from relevant third parties and us. You can also sign up to receive information by contacting us, or on occasion, passing on your business card or details at events. You will be notified via email of your preferences, and you able to unsubscribe immediately if you choose to do so.

Cookies and Tracking We use cookies and web beacons to provide services to you and analyze how users interact with our website. We use cookies to save your preferences and login information and to personalize your visit. We may use cookies to collect, store and track interactions with our website for statistical and performance purposes. You can change your browser settings to block and remove cookies, but this may affect how our website performs on your device. Click here for Cookies information and instructions on how to change your browser settings. Web beacons are used in the emails we send out from our Third-party email provider. Web beacons measure information on how people interact with our emails. This provides us with information on how to create valuable and relevant information. We also use Google Analytics to track traffic statistics from our website anonymously. To find out what information Google collects, how it operates and how to control the information sent to Google, see their Privacy Policy. The information collected is used to provide an overview of how people access and use our websites. It is not used for profiling purposes.

Membership sign up When signing up for an ICR Registry Account, we collect personal data on you and your business, including but not limited to you, your business partners, directors. This information supplied to us by you can include full legal name, DOB, address, email, contact details, business name, and registered address, identification documents, bank account details, IP Address and any other Know Your Client (KYC) information that we collect to process your application.

Disclosure of your Personal Information ICR will disclose your personal information if required to do so by law or in the good faith belief that such action is necessary to:

  • conform to legal requirements or comply with legal process served on ICR or the Site;
  • protect and defend the rights or property of ICR;
  • enforce our policies;
  • respond to claims that a listing or other content violates the rights of others;
  • protect the personal safety of users of ICR or the public; or
  • to report suspected illegal activity. 

All such information will be disclosed in accordance with applicable laws and regulations.

Third-Party Information supplied to us Occasionally we obtain information about you from third parties. This is only done when we need to complete due diligence checks on you and your business when signing up for an ICR Registry Account. For further information, see the Terms and Conditions supplied to you when applying for a Registry account. Occasionally, to verify the information we hold about you or obtain missing information, we might obtain information about you from certain publicly accessible sources in the EU and non-EU.

Transfer and Storage of your Information ICR may share your personal information with service providers under contract with ICR to help with our business operations. Such service providers will be required to maintain the privacy of your information in a manner at least as restrictive as this Privacy Policy.

Your Rights Regarding Your Information You have the right to:

  • Access your information and receive information on how it is used;
  • Have your information corrected and/or completed;
  • To have your information deleted (within reason);
  • To restrict and object to the use and processing of your information;
  • To receive your information in a portable format (within reason);
  • To withdraw your consent to the use of your information.

Verifying your identity where you request access to your information Where you request access to your information, we use all reasonable measures to verify your identity before doing so. We will use any measure necessary to protect your information, reduce the risk of identity theft and any general unauthorized access to your information. We will endeavor to fulfill your request to access your data, but we will be unable to process those requests under certain circumstances. These may include nuisance requests, unauthorized requests, or exposing another individual’s information if releasing your information.

Sensitive Personal Information We do not knowingly or intentionally collect “sensitive personal information,” which includes information that may identify your racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic information, biometric information, information about sex life, sexual orientation, or health. Please do not submit your personal information to us. We will use all reasonable efforts to delete any data that we may have erroneously collected.

Data Security and Retention We use multiple security measures to protect your personal data. These include but are not limited to: physical, electronic, internal, and external policies and procedures. All personal data is collected and stored on a secure server.

We retain personal data only for as long as necessary to provide the services you have requested. Due to the nature of our services, we may retain your personal data for a longer period. These reasons may include but are not limited to:

  • Safeguard the transparency, integrity of the Registry.
  • They are mandated by law.
  • For resolving, defending, or enforcing our legal/contractual rights.
  • They are needed to maintain financial records.

Changes We may change this Privacy Policy from time to time. The most recent version of this policy is reflected in the version date at the beginning of this policy. All changes are effective immediately unless otherwise stated. We encourage you to review this Privacy Policy page from time to time to ensure you are kept updated on any changes.

Age Restrictions Our services and the interactions with our websites are not intended to be used, nor have they been designed to entice individuals under 18 years old. If you know of or have reason to believe anyone under the age of 18 has provided us with personal data, please contact us. We will use all reasonable efforts to delete any data that we may have erroneously collected on behalf of anyone under 18.

Contact us

If you have any questions or concerns, you can contact us as below

International Carbon Registry (ICR)
phone: +354 864 2388
post: Sundagarðar 2, 104 Reykjavík, Iceland

We will respond to your request or concerns within thirty (30) days.

Data Protection Authority If you are a resident of the European Economic Area (EEA) and you have any concerns about how we collect and process your data, you have the right to contact the lead supervisory authority in the EEA.