Privacy Policy

Climate Passport Privacy Policy

This policy explains how Climate Passport collects, uses, shares, retains, and protects personal data across applications, programs, credentials, and identity services.

1. Our Privacy Commitment

Climate Passport is a trusted digital identity and sustainability record platform for the climate era. We process personal data with respect, protection, and accountability.

  • Lawful, fair, and transparent processing
  • Purpose limitation and data minimization
  • Security controls and user rights pathways

2. Scope

This policy applies to Climate Passport website features, applications, events, learning programs, credentials, and related communications.

Project-specific privacy notices may also apply. Where they differ, the more specific notice applies.

3. Controller / Processor Roles

  • Climate Passport for platform account and identity processing
  • SHCW hosts/organizers for project operations
  • Necessary delivery partners and technical processors

4. Data We Collect

CategoryExamplesPrimary purpose
Identity & contactName, email, phoneAccount and communication
Education backgroundSchool, grade, experienceApplication review
Application materialsForms, essays, portfolioSelection and operations
Platform recordsClimate Passport ID, login logsSecurity and verification

5. Purposes & Legal Bases

  • Account and Climate Passport ID management
  • Program application, review, admission, and waitlist operations
  • Operational communications and certificate issuance
  • Platform security and compliance obligations

6. Children and Minors

If the applicant is a minor, parent or legal guardian awareness and consent is required before submission.

7. AI and Automated Processing

AI may support categorization and operations, but meaningful human review remains in decisions with significant impact.

8. Sharing and Processors

We do not sell personal data. Sharing is limited to necessary project delivery, legal compliance, or your explicit consent.

9. Cross-Border Transfers

Where transfers occur, we use legally valid mechanisms and require equivalent safeguards from recipients.

10. Retention

We retain data only as long as necessary for stated purposes or legal obligations.

11. Security

We use encryption, access controls, logging, monitoring, and incident response measures.

12. Your Rights

  • Access
  • Correction
  • Deletion
  • Withdraw consent
  • Objection / Restriction
  • Complaint

13. US/California Notice

Where applicable, you may have additional rights under state privacy laws.

14. Cookies

Cookies and similar technologies may be used for security, session management, and performance.

15. Updates

We may update this policy and will provide notice for material changes.