Confidentiality Policy

The verification process requires clients to share commercially sensitive information, including energy consumption data, operational processes, financial data, supply chain structures and strategic plans. The willingness of clients to provide this information — openly and without reservation — is essential to the integrity of the verification process.

Carbon Verification Limited is committed to safeguarding all confidential information obtained from or created about clients during verification activities. This commitment extends to all personnel involved in verification, including directors, employees, contracted auditors and technical reviewers.

Legally enforceable agreements. In accordance with ISO/IEC 17029 Clause 10.4.1, all confidential information is managed through legally enforceable agreements. All personnel involved in verification activities — whether employees, directors or contracted individuals — are bound by confidentiality obligations as a condition of their engagement.

Access control. Confidential client information is accessible only to those personnel directly involved in the verification engagement and to the directors responsible for oversight.

Secure storage and transmission. All client data is stored securely and transmitted using appropriate safeguards. Records are retained in accordance with our document retention policy and destroyed securely at the end of the retention period.

No secondary use. Confidential client information is used solely for the purpose of the verification engagement. It is not used for marketing, benchmarking, statistical analysis, or any other purpose without the explicit written consent of the client.

Where Carbon Verification Limited is required by law or authorised by contractual arrangements to release confidential information, the client will be notified of the information released, unless notification is prohibited by law. We will disclose only the minimum information necessary to satisfy the legal requirement.