Website preview

Privacy Policy

Privacy Policy


Earthbanc AB, a company incorporated in Sweden with company number 559213-7839 whose registered office is at Eriksbergsgaten 6, 6 tr Stockholm 114 30 Sweden, and EarthPay Ltd is a company incorporated in the UK and is committed to protecting your privacy. We act as controller according to applicable data protection laws. At all times we aim to respect any personal information you share with us, or that we receive from other organizations, and keep it safe.

This Privacy Policy describes how your personal information is collected, used, shared and protected when you visit or make a donation and/or (future) investments to and This policy is a supplement to our Terms & Conditions.

Earthbanc AB collects and uses personal data on a strictly legal basis. In most cases the basis is that you have given us permission to hold and use your data. We use the data to keep you informed of our work - we aim to send you the information that you have told us that you would like. This statement summarises the key points about how Earthbanc AB collects and uses personal data and how we ensure compliance with the relevant laws and regulations, including the General Data Protection Regulation (GDPR).

Personal data is information which relates to an individual and from which he or she can be identified either directly or indirectly through other data which Earthbanc AB has or is likely to have in its possession. By submitting personal data to Earthbanc AB, you consent to its collection and use, as set out in this Privacy Policy.

We use up-to-date procedures to keep personal data as safe and secure as possible and to protect against unauthorised access, disclosure or loss. Where data is transferred electronically by Earthbanc AB we will do our best to keep the data secure and try to prevent unauthorised access. Earthbanc AB will not lease, distribute or sell personal information to third parties other than distribution to other Earthbanc AB branches for administration purposes, unless required by law.



Earthbanc AB is the data controller of the personal data we process and therefore is responsible for ensuring its systems, processes, suppliers and its employees comply with data protection laws in relation to the information it handles.

Any individuals involved in the management and administration of Earthbanc AB must abide by this policy when handling personal data and must ensure they are fully informed as to the relevant data protection requirements.

Personal Data collected

The personal information we collect may include: your name, your location, your email address(es), your telephone number(s), your address, your family members (if you wish us to show you as one household), your donations (if any).

We do not collect or store any sensitive personal data (for example, religion or ethnicity). We assume that any information you supply to us is accurate and up-to-date, and that you will inform us if any such information requires removal or updating.


How we collect your personal information

Earthbanc AB collects personal data in order to communicate with those who wish to receive communications, attend events, and/or support us financially. We will never process your personal data for any purpose other than for the communications you have chosen to receive. However, please note that we retain the right to contact you on an individual basis where there is a legitimate reason for doing so.

We collect your data when you contact our Sales or Customer Success teams, who keep a record of this communication, including your contact details and other information you share during the time of the communication. We store this information to help us keep track of the inquiries we receive from you and other customers. This helps us to improve our product and services. This information helps us to provide better ongoing support to you and our other customers and may also be used for training purposes. 

If you attend an event, we may collect and retain your business card for future interaction with you.

When you visit the Site and other Earthbanc AB applications, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information. Additionally, as you browse the Site, we collect information about the individual web pages that you view, what sites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”

We collect Device Information using the following technologies:

- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. You can find more information about cookies and how to disable them here.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.



When you make a donation or purchase something from our marketplace, as part of the buying and selling process, we collect the personal information you give us such as your name, address, and email address.

We save this information in order to have a record of who has made donations or purchases, to aggregate total donations per person, and so that we can send out receipts as needed.

We will never trade, share, or sell your personal data with anyone, it will only be used within the organization and its parent or associated companies relevant to Earthbanc AB. Should we become aware of any kind of breach in our data systems where your personal information may be compromised, we will immediately notify you.

When you browse our site, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

We also use the Device Information mentioned above to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the the success of our marketing and advertising campaigns).

We also use Google Analytics to help us understand how our visitors use the Site. You can read more about how Google uses your Personal Information here. You can also opt-out of Google Analytics here.

Additionally, we may use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page here. You can opt-out of some of these services by visiting the Digital Advertising Alliance’s opt- out portal here.


Analytics tools

When visiting our site, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools.


Your rights

You may ask us to verify, update and delete the information Earthbanc AB holds by contacting us. We will act upon your request in a timely manner (not more than 40 days).



When you provide us with personal information to complete a donation or transaction, sign up for a subscription plan, sign up for our newsletter, sign up to become a business partner or a founding member, or join our network of planting partners, your information will be stored in our email platform so that we can send you project updates, news, or other messages via email. When you take certain actions, such as submitting your first contribution as a new business partner, you will be tagged in our system to receive some automated communications based on those actions. This helps ensure that you get only the most appropriate emails, and that we can properly categorize individuals to receive content relevant to you.

Our emails are generally sparse and we take care not to bombard you with too much information or marketing. You can unsubscribe at any time at the bottom of any email, or simply contact us at in order to be removed from these lists.



To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards. Where a Data Subject is located in the European Economic Area, that Data Subject’s Personal Data may be processed by Stripe, Paypal, Shopify’s Irish affiliate, Shopify International Ltd and other third-party services. As part of providing the Services, this Personal Data may be transferred to other regions, including to Canada and the United States. Such transfers will be completed in compliance with relevant Data Protection Legislation. We will always hold your information securely. To prevent unauthorized disclosure or access to your information, we have implemented strong physical and electronic security safeguards. Any personal information we hold about you is stored and processed under our data protection policy, in line with the Data Protection Act 1998 and related legislation. We also follow stringent procedures to ensure that any work that involves processing personal data is carried out in line with the Act.

We also have in place robust procedures for notifying the authorities, and you, in the unlikely event of a data breach.



You may be required, when you use certain features of our Services, to create a username and password. If we determine that the user name you have chosen is in use by someone else or it is otherwise offensive, we may refuse to allow you, in our sole discretion, to use your chosen user name. In addition, you are responsible for maintaining the confidentiality of your password and you are responsible for all uses of your user name, whether or not you authorise such uses. You agree to notify us of any unauthorised use of your username and password. We are not responsible for verifying your identity or the identity of anyone who uses your account, and we are not liable for any loss or damage as a result of your failure to protect your password. You agree that any registration information you provide will be true and accurate, and that you will update it, as is necessary to keep it current. We reserve the right to automatically log you out of your account after such a period of inactivity as we determine is reasonable, in the circumstances.



When you provide us with personal information to make a contribution or complete a transaction, create an account, verify your credit card, or use a web form to receive information, we imply that you consent to our collecting it and using it for that specific reason. If you would like to withdraw your consent or request that we delete your personal information at any time, you may contact us at to let us know. If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us.

Additionally, if you are a European resident we note that we are processing your information in order to fulfil contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States for processing. When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.



You can request your personal data by emailing us at

Should you send us questions to this email address, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission. We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed. We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

By sending us an email, you also consent to having Earthbanc AB and EarthPay Ltd collect your email so that they can send you your requested info.



If you would like to receive a newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. This may be shared with third parties providers for the purpose of issuing the newsletter, such as Mailchimp or Pipedrive. If you no longer wish to receive the newsletter, please click the ‘Unsubscribe’ link at the bottom of the newsletter. If you wish for your personal data to be deleted, please email The data processed before we receive your request may still be legally processed. Data we have stored for other purposes (e.g. email addresses for the members' area) remain unaffected unless specifically requested.



The site provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are browser type and browser version, operating system used, referrer URL, host name of the accessing computer, Time of the server request and IP address. These data will not be combined with data from other sources. The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.



We may disclose your personal information if we are required by law to do so or if you violate our Terms & Conditions. We will never disclose your personal information publicly.



Via our operating companies EarthPay Ltd and/or Earthbanc AB, we are using Stripe payment, and potentially other payment technologies such as PayPal, which adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard etc. For more information about Stripe’s Privacy Policy please visit For Paypal’s privacy policy please visit



In general, the third-party providers used by us will only collect, use, and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your contribution or purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers. In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act. Once you leave our site or are redirected to a third-party site or application, you are no longer governed by this Privacy Policy or our site’s Terms & Conditions. When you click on links on our Site, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

Google Analytics

This site uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the site by you. The information generated by the cookie about your use of this site is usually transmitted to a Google server in the USA and stored there. Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The site operator has a legitimate interest in analyzing user behavior to optimize its site. We have activated the IP anonymization feature on this site. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this site to evaluate your use of the site, to compile reports on site activity, and to provide other services regarding site activity and Internet usage for the site operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this site. You can also prevent the data generated by cookies about your use of the site (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: . You can prevent the collection of your data by Google Analytics by clicking on this link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics

We have entered into an agreement with Google in accordance with Art. 28 DSGVO for the outsourcing of our data processing and implementing the requirements of the German data protection authorities when using Google Analytics. For more information about how Google Analytics handles user data, see Google’s privacy policy:

Google Web Fonts

For a uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. When you call up a page of our site that contains a social plugin, your browser makes a direct connection with Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our site. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. If your browser does not support web fonts, a standard font is used by your computer. Further information about handling user data, can be found at and in Google’s privacy policy at

Google Maps

This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. The use of Google Maps is in the interest of making our site appealing and to facilitate the location of places specified by us on the site. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. Further information about handling user data, can be found in the data protection declaration of Google at

Google reCAPTCHA

We may use Google reCAPTCHA; (hereinafter reCAPTCHA) on our sites. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (Google). reCAPTCHA is used to check whether the data entered on our site (such as on a contact form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the site visitor based on various characteristics. This analysis starts automatically as soon as the site visitor enters the site. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the site, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google. The reCAPTCHA analysis take place completely in the background. Site visitors are not advised that such an analysis is taking place. Data processing is based on Art. 6 (1) (f) DSGVO. The site operator has a legitimate interest in protecting its site from abusive automated crawling and spam. For more information about Google reCAPTCHA and Google’s privacy policy, please visit the following

links: and ro/android.html

Facebook plugins (Like, Share buttons)

Our site includes plugins for the social network Facebook, Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. The Facebook plugins can be recognized by the Facebook logo or the Like button on our site. For an overview of Facebook plugins, see . When you visit our site, a direct connection between your browser and the Facebook server is established via the plugin. This enables Facebook to receive information that you have visited our site from your IP address. If you click on the Facebook “Like button” while you are logged into your Facebook account, you can link the content of our site to your Facebook profile. This allows Facebook to associate visits to our site with your user account. Please note that, as the operator of this site, we have no knowledge of the content of the data transmitted to Facebook or of how Facebook uses these data. For more information, please see Facebook’s privacy policy at If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of your Facebook account.

Twitter plugin

Functions of the Twitter service have been integrated into our site and app. These features are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use Twitter and the “Retweet” function, the sites you visit are connected to your Twitter account and made known to other users. In doing so, data will also be transferred to Twitter. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by Twitter. For more information on Twitter’s privacy policy, please go to . Your privacy preferences with Twitter can be modified in your account settings at .

Instagram plugin

Our site contains functions of the Instagram service. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. If you are logged into your Instagram account, you can click the Instagram button to link the content of our pages with your Instagram profile. This means that Instagram can associate visits to our pages with your user account. As the provider of this site, we expressly point out that we receive no information on the content of the transmitted data or its use by Instagram. For more information, see the Instagram Privacy Policy:

LinkedIn plugin

Our site uses functions from the LinkedIn network. The service is provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages containing LinkedIn features is accessed, your browser establishes a direct connection to the LinkedIn servers. LinkedIn is informed that you have visited our web pages from your IP address. If you use the LinkedIn “Recommend” button and are logged into your LinkedIn account, it is possible for LinkedIn to associate your visit to our site to your user account. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by LinkedIn. More information can be found in the LinkedIn privacy policy at

YouTube plugin

Our site uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited. If you are logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make our site appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. Further information about handling user data, can be found in the data protection declaration of YouTube under .


Our site uses features provided by the Vimeo video portal. This service is provided by Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. If you visit one of our pages featuring a Vimeo plugin, a connection to the Vimeo servers is established. Here the Vimeo server is informed about which of our pages you have visited. In addition, Vimeo will receive your IP address. This also applies if you are not logged in to Vimeo when using our site. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by Vimeo. More information can be found in the Vimeo privacy policy at


To keep track of the inquiries and in order to answer them quickly and efficiently to our customers, we are using Pipedrive as a CRM. The data is located in the European Union. More information

Type of data accessed: Name, email address, company name, country, title, phone number browser data, Personal data related to Commercial information, and purchased services.

The purpose for the data access: Provides a platform for marketing activities, Provides newsletters management and control functionality

For more information, see the Instagram Privacy Policy:


A cookie is a small amount of information that’s downloaded to your computer or device when you visit certain sites. Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our site more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site. You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this site. Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of DSGVO. The site operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.



By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.



We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the site. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. If our site is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.



It’s important to us at Earthbanc AB to hear what users have to say about our services, and our policies. If you as a site user have any questions, concerns, or complaints, or want to let us know what you think about any of our online products and services, you can contact us through email at: If you would like to access, correct, amend, or delete any personal information we have about you, register a complaint, or simply want more information, contact our Privacy Compliance Officer:


Scroll to Top