Privacy Policy

V1.5 (29/01/2026)

Published on 29 January 2026

This privacy policy (the “Policy”) describes how, when and why Treefera Operations Limited and its affiliates (“Treefera”, “we”, “us” or “our”) might collect, store, use, share or otherwise process your information. This may be when you access our website at www.treefera.com (“Website”), engage with us through email, events and social media or when you subscribe to and use our platform, through which we provide Treefera solutions and content, including our APIs, application(s), the underlying cloud infrastructure used by us, plugins, connectors, extensions, scripts and interfaces (collectively, the “Platform”). We may change this Policy from time to time, to reflect changes to our Platform or other reasons. We will keep this Policy up to date and accessible.


1. Clear Data, Clear Decisions, Clear Impact.

Transparency of data is at the core of what we do at Treefera so we strongly value, respect and strive to protect your data privacy. We are committed to keeping secure any information which we obtain from or about you. We only process your personal data when we believe it is strictly necessary or that we have a valid reason to do so, namely:

  • to fulfil contractual obligations: We may need certain personal data to fulfil our services contracts, such as in order to enter into a contract with you;
  • to comply with laws and regulations: In some cases, Treefera has a legal responsibility to collect and store your personal data (such as for anti money-laundering purposes, audit requirements, legal obligations);
  • for legitimate interests: Treefera may collect and use your personal data, or share it with other organisations, as necessary to provide, maintain and improve the Platform and/or our Website, including to improve security and protect against fraud; and
  • with your consent: Where you agree to Treefera collecting your personal data by providing consent, such as when you expressly accept the terms and conditions presented to you (through a tick-box or similar method) indicating that you are happy for us to use your personal data in a certain way.

Our duty to you: Treefera acts as a controller with respect to your personal data processed under this Policy (unless we say otherwise). This means we determine the ways in which we hold and use your personal data, as detailed in the Policy. While we may comply with and rely on local laws and regulations, we are committed to upholding the rigorous data protection standards under the “GDPR” (namely, the EU General Data Protection Regulation (Regulation (EU) 2016/679 and the UK GDPR ) across all of the Treefera entities, irrespective of their location, to ensure the highest level of data privacy for you. Throughout this Policy, terms such as 'personal data,' 'processor,' 'processing,' 'controller,' 'data subject,' and other defined terms used, align with the corresponding definitions provided by the GDPR, and are employed in conformity with the GDPR's definitions.

If you have any concerns or questions about your privacy rights and choices, please contact - privacy@treefera.com

2. How, why and when do we collect and use personal data?

a. When you access our Website

Monitoring visits to the website: When you visit our Website, we will request your consent to collect your personal data such as your IP address, browser information, device information and connection, user experience on the website, name, email, phone number, job level, industry, field expertise, employer, country, relevant persona(s). We will also automatically collect information about your use of the Website such as what type of content you engage, features you use and actions you take. We will use this information to provide you with relevant communications, improve overall experience on our Website or respond to your inquiries submitted through our Website, troubleshooting, data analysis, system maintenance, as well as in our legitimate interest to know our customers and continuously improve the Platform.

Analytics: We use third-party online analytics products (such as Google Analytics and Microsoft Clarity) which place third-party cookies and pixel tags to help us analyse and enhance the experience of those using our website, and to better market our Platform. Technical analytics such as your visit times, which pages you engage with, and session replays, will be included in this. For more information on how those third-party products may process your personal data, we encourage you to look at such third party’s own privacy policies.

Log information: We also collect log information (information that your browser automatically sends you when you use our website) such as internet protocol address, browser type and settings, data/time of visit, time zone setting, operating system and platform.

Report of abuse and incidents: If you report an abuse or security incident, or request the deletion of your account(s) through our website, we will process your name, email address and location information in order to respond to the request.

Cookies: When you access our Website, we use cookies to collect information about your navigation on our Website and to improve the Platform and online presence. Some of these cookies are necessary for the proper functioning of the Website, and other cookies are optional and assist us in enhancing and customising the Platform, and gaining insights into Website usage patterns. These cookies may identify you either directly (name, address, email) or indirectly (IP address) and also gather information and aggregated data relating to user actions, navigation and device information. For a full description of what type of cookies we use and how we use them, have a look at our Cookie Policy on www.treefera.com/cookie-policy.

b. when you subscribe to and use the Platform

Platform account creation and management: When you (on behalf of yourself or your company) create a new account with Treefera or upgrade an existing account, we will request certain information in order to grant your access and to maintain the account with up to date, accurate information. We will also use this information to contact you in relation to your order of Treefera solutions, invoices or a user management query. The personal data requested in this context includes but is not limited to the customer’s name (if applicable, ie the customer is typically an entity, not an individual or sole trader even where the End User(s) are individuals) and users’ name(s), email address, business address, contact number, country, language, job title(s), relevant industries, persona(s), and project manager details (where applicable). Treefera shall collect and store this information securely. Due to the nature of the Platform, a limited part of the customer’s account information (such as industry, country) may be visible to other users of the Platform.

When you subscribe to the Platform by entering into a Data Platform Licensing Agreement with us, we may collect and process billing information such as your bank name, bank number, country and other information. Any payment data will be processed in line with any third party payment processor’s own privacy notice.

Monitoring your use of the Platform: When you subscribe to the Platform, we collect and process certain information regarding your activity such as:

  • Log data (Information that your browser automatically sends when you use our Platform (internet protocol address, browser type and settings, data/time of request, how you interact with our Platform, which insights you access, and your downloads);
  • your usage data, including your User ID and details about how you interact with our Platform;
  • location data such as information about your device’s location (which may be precise or imprecise).

This data is collected for the legitimate purposes of ensuring the accessibility and functionality of, and improving, our Platform. How much information we collect will depend on the account type and device(s) being used to access the Platform. You can opt out of this at any time by refusing access to the information. Please note that if you choose to opt out of location data, you may experience reduced functionality on certain aspects of the Platform.

Beta or trial users: Please note that if you are a user of the Platform in any trial, free, Beta or similar version, please exercise caution and refrain from using sensitive data as these versions may have specific limitations concerning the use of personal data or other sensitive information.

Information collected through your ongoing use of the Platform: As a customer, depending on the applicable Treefera solutions and use cases which you subscribe to in your order(s) with us, we may collect and process (either directly from you, third party sources or other open sources), certain types of data which, either inadvertently or combined with other data, may personally identify you. These can include:

  • Project location data including project location details, areas of interest (AOI);
  • Land ownership details in the form of land boundaries and any related documentation provided by you;
  • Satellite data and images;
  • Drone data: (light detection and ranging (LiDAR) images;
  • Drone data: optical images;
  • Jurisdiction and Boundary data (open source commodity data for the areas within the jurisdictional boundaries);
  • Commodity characteristics (e.g. tree height, species, location);
  • Asset and carbon credit ownership details;
  • AI model output data.

In relation to all of the above, Treefera only obtains and processes this data for legitimate business needs and for the sole purpose of providing the Platform and our solutions to customers. Treefera does not obtain any data (directly or through third parties or other open sources) for the purpose of identifying individuals or other personal identifiers (e.g. car registration numbers, house numbers etc). In any case, should any of the above data (or similar other data obtained through the course of Treefera’s dealings with its customers and third parties for the purpose of the Platform or our solutions) inadvertently include personal identifiers, Treefera shall permanently and securely erase such parts of the data stored by us, in line with this Privacy Policy.

Third Party Products: If any part of the Offerings is integrated with third-party services or products, any personal data which you provide with respect to such third-party products may be visible to the third-party providers and will be processed in accordance with their own privacy policies. Treefera bears no liability in relation to such third-party services or products.

Technical Support: As part of our offering of solutions for our customers, we provide technical support for our Platform. The details and extent of this support will be made available to you on request when you subscribe to the Platform by entering into a Data Platform Licensing Agreement with us. If you request our support, we will process the personal data required for such support including name, email address, country, company or employer, job title and device ID, in accordance with our technical support policy. We may also process any voice data (with your consent) where support is provided using a remote system or telephone or video call. We shall process this data to provide the solutions under the contract with you, to administer and protect our business and improve our Platform (including user validation, troubleshooting, data analysis, system maintenance, testing, reporting and hosting of data). In providing the support, Treefera is concerned with technical data and therefore intends to limit its access to, and use of, personal data to only what is required to provide the solutions and support under its contracts with customers and requests that you limit the disclosure of any personal data to that strictly necessary.

c. Treefera marketing, events and communications

Attendance at events: When you attend a Treefera event (whether virtual or in person) we may collect personal data such as your name, email address, job title, industry, location, company, badge photograph, voice recordings, and identification documents when required by applicable laws and policies. This data is gathered for the purpose of event registration, providing event-related information before, during, and after the event, as well as seeking your feedback and addressing follow-up inquiries. We obtain this information only with your consent or when it's necessary to fulfil our legal and financial obligations or to comply with relevant laws and policies. During our events (or third party events in which we are participating), we regularly have videographers and photographers present to capture the guests and discussions or presentations based on our legitimate interests to document our events, market their success and to improve future events. The photos, videos, transcripts and recordings of our events are often used on our website, social media accounts and other marketing messaging. We’ll ask for your permission to take any video or photographs of you at the start of a Treefera event. You may also at any time prior to the event, opt out of photos, video recordings and voice recordings of you from the event by contacting us at privacy@treefera.com.


Marketing communications: We may collect information about you directly (for example, when you register your interest on our Website) or through third parties with your consent (such as external events) with respect to your name, contact details and other relevant information. This may be used to inform you about the Platform and our solutions, improve our sales strategy, enhance our prospect database, understand our customers, users and their industries or personas, and send you marketing communications through telephone or email communications. We shall only process such personal data based on either your explicit or implied consent (such as through your use of our solutions) or based on your legitimate interest provided that the applicable privacy laws permit this. We aim to limit our marketing communications to only those solutions, news or events which you have shown an interest in, or that we believe you would be interested in. Should you wish at any time to opt out of these marketing communications, you can do so by either clicking on the ‘unsubscribe’ link included in the relevant communication, or by contacting us directly at privacy@treefera.com. Please note that we may from time to time, use third party marketing communications and surveys to gather information, in which case the privacy policies of those third parties will apply.

Essential communications: Please note that should you opt out of marketing communications by the means set out above, Treefera may still contact you regarding your use of the Platform, billing queries, or to respond to your questions, queries or other issues with your customer account.

Call recordings: We may also collect recordings of calls you participate in, provided we obtain your consent before doing so. This helps us to better understand your customer requirements, for staff training and to resolve any potential disputes. We use third party tools such as Attention and Hubspot for any call recordings and implement policies to ensure such recordings and storage are in line with applicable laws.

Resellers: If you are a reseller of Treefera’s Platform, we may process your personal data such as your full name, company, industry, institution, job title, position or occupation, location, email, telephone number, and any other necessary information to perform the underlying Reseller Agreement and to create or manage your accounts if necessary.

Partner: If you are a partner of Treefera, we may process your personal data such as your full name, company, industry, institution, job title, position or occupation, location, email address, telephone number and any other information relevant to your partnership with us.

3. How do we share your personal data?

Treefera may share your personal data as set out below but shall not under any circumstances, sell this information to third parties or to advertisers. We take caution when contracting with any third party processors or other controllers and abide by the requirements of GDPR in relation to personal data transfers.

Suppliers: We may share your data with our trusted suppliers whom we engage to support the running of our business, including for the purposes of website and hosting, IT services, sales communications and customer relationship management.

Social media and other third party platforms: If you contact us through social media such as LinkedIn, Reddit, X, or other platforms, or access any third party platforms through our Website, please note that your personal data may be collected and processed by those third parties in accordance with their own privacy policies.

Legal requirements: We may share your personal data with government authorities, industry peers, fraud prevention agencies, courts, or other third parties if:

  • required by law to do so, or if in good faith we believe that such action is necessary to comply with a legal obligation;
  • to protect and defend our rights or property;
  • if we determine, in our sole discretion, that there is a violation of our terms, policies, or the law;
  • to detect or prevent fraud or other illegal activity;
  • to protect the safety, security and integrity of our products, employees or users, the public; or
  • to protect against legal liability.

Affiliates: We may disclose your personal data to our affiliates (meaning an entity that controls or is controlled by, or is under common control with, Treefera Ltd). Our affiliates shall use such personal data in a manner consistent with this Policy and our intercompany arrangements.

Enforcement purposes: We may share your personal data with third parties where necessary for enforcement or the collection of outstanding payments.

Business transfers: (reorganisation of the company structures, insolvency proceedings or transition of service to another provider). The disclosure of your personal data may be required for due diligence processes.

When we share your personal data with any third party, we shall take all reasonable contractual, legal, technical, and organisational measures to ensure that your personal data is treated with the adequate level of protection and in accordance with applicable law.

4. How do we transfer your personal data?

Treefera has a number of entities and service providers across the world. As part of our business, we may transfer your personal data between countries, including to countries that may not have similar privacy or data protection laws as your country of origin. We may transfer your personal data to our various entities and affiliates, and to our third party providers (including cloud storage providers and client management systems) located in the UK, EU and US. If at any time we are required to transfer your personal data to third party countries, we shall only do so in accordance with the applicable procedures and laws (such as entering into standard contractual clauses).

5. How do we keep your personal data safe and secure?

We implement and continuously review strict processes and security measures to protect your personal data at an organisational and technical level and take this responsibility very seriously. However, as with any electronic internet transmission or information platform, we cannot guarantee 100% security and safety from hackers, cybercriminals, or unauthorised third parties and we cannot accept liability for any incidents outside of our reasonable control.

6. How long do we store your personal data for?

We only keep your personal data for as long as necessary to fulfil the purposes outlined in this Privacy Policy) or otherwise required by law (tax, regulatory, accounting etc).

7. What choices and rights do you have in relation to your personal data?

Based on the applicable laws of your country, you may have certain rights to request access to any personal data which we collect from you, change that information or request that we delete it (provided there are no legal or regulatory requirements or reasons for us to maintain such information on our records). To exercise any of your rights under this section, please submit a request to privacy@treefera.com. Only you, or an agent you authorized to act on your behalf, may make a request to exercise these rights. We will need to verify your identity (and any authorization provided to your agent, if applicable) before we can process your request.

As a reminder, you have the choice to:

  • Decline to provide personal data when requested from you (please note that this may prevent you from using certain aspects of our Offerings or functionalities of the Website or becoming a customer).
  • Manage your cookie preferences at any time. Please see our Cookies Policy for further detail on what cookies we use and how you can withdraw or update your consent.
  • Update your communication preferences. Treefera may from time to time, send you updates about our Offerings or the wider market, advertisements, developments, event updates and other forms of communication. Such communications may include but are not limited to email, text messages and push notifications. You may withdraw consent or update your communication preference at any point by visiting your online account settings or getting in touch with us at privacy@treefera.com.
  • At any point, review the personal data which you have provided to us and update these by contacting us directly.

If you are based in the UK or EU, you have the following rights under law:

  • Right to be informed about how we process your personal data.
  • Right to obtain a copy of your personal data.
  • Right to rectification where we hold inaccurate or incomplete information about you.
  • Right to erasure where it is no longer necessary for us to process or hold the personal data Information for the purpose for which it was collected, or when you have withdrawn your consent. Please note that there may be certain legal or other obligations preventing us from immediately deleting some of your personal data.
  • Right to restrict or object to our processing of your personal data in certain circumstances, such as where you believe that the information is incorrect or that we are using your data unlawfully. You may also object to our processing where you believe that there are circumstances which would make such processing unlawful.
  • Right to challenge a solely automated decision made by Treefera if the decision carries with it legal or similarly significant effects.
  • Right to withdraw consent. Where we process your personal data based on your consent, you may withdraw this consent at any time by contacting us in writing or by requesting this via our website.

We are here to help if you have any questions. If you believe that we have processed your personal data in violation of the GDPR, please contact us at privacy@treefera.com. You also have the right to lodge a complaint with your national supervisory data protection authority. For the UK, this can be made at https://ico.org.uk/make-a-complaint/.


8. Treefera’s rights to change and update this Policy

We reserve the right to review and update this Policy from time to time. The updated version will be indicated by an updated "Revised" date and will take effect as of such “Revised” date. If we make material changes to this Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification via email. We encourage you to review this Policy frequently to be informed of how we are protecting your information.

9. Contact us

If you have any questions or concerns about this Policy or your privacy rights, please contact us at privacy@treefera.com or for any other concerns, contact info@treefera.com .