Org Logo

Carbonbright's Trust Center

CarbonBright, Inc. recognizes that the confidentiality, integrity, and availability of the information and data we create, process, and host are fundamental to earning and maintaining the trust of our customers and partners.

As a technology provider supporting mission-critical product and sustainability data, we are committed to transparency in how we protect customer information. We clearly communicate our security practices, controls, and responsibilities so organizations can confidently rely on CarbonBright as a trusted platform.

CarbonBright has achieved SOC 2 Type II compliance, reflecting an independent assessment of our security controls and our commitment to maintaining a high standard of data protection over time.

This Trust Center provides an overview of how we safeguard data, manage risk, and continuously strengthen our security and compliance programs.

Compliances (3)

Compliance Logo

SOC 2

Compliant

Compliance Logo

GDPR

Compliant

Compliance Logo

CPRA (formerly CCPA)

Compliant

Controls

Continuously monitored

Product security (2)

Production System User Review

Situational Awareness For Incidents

Data security (7)

Identity Validation

Termination of Employment

Production Databases Access Restriction

Network security (4)

Transmission Confidentiality

Anomalous Behavior

Capacity & Performance Management

App security (4)

Conspicuous Link To Privacy Notice

Secure system modification

Approval of Changes

Endpoint security (5)

Malicious Code Protection (Anti-Malware)

Full Device or Container-based Encryption

Endpoint Security Validation

Corporate security (29)

Code of Business Conduct

Organizational Structure

Roles & Responsibilities

Resources (37)

Acceptable Usage Policy

Acceptable Usage Policy outlines proper use of company systems, tools, equipment and data to protect critical information.

Access Control Policy

Access Control Policy ensures that access to company assets is controlled based on business and security requirements.

Access Control Procedure

Access Control Procedure establishes a comprehensive framework for managing user access and controlling access to assets and information systems both within and outside the organization.

Subprocessors (4)

Subprocessor Logo

Google Workspace

IAM providers

Subprocessor Logo

Microsoft Azure

IT infrastructure

Subprocessor Logo

Zoho CRM

Customer Service

Subprocessor Logo

Github App

Development software

FAQ (4)

Start your compliance journey today | Powered by

Sprinto Logo