PCS RG PN 001 Registry Privacy Notice_v1.0
Document Control
Document code: PCS-RG-PN-001
Title: PCS Registry Privacy Notice (Retirements and Certificates)
Scope: Describes how the PCS Registry processes personal data in relation to registry user accounts, credit holdings (account-level), retirement transactions, retirement certificates, and any public or semi-public retirement information displayed by the Registry, including disclosure choices for named versus anonymous retirements.
Version history and change log
Table DC-1. Revision history
Version
Date
Status
Summary of changes
Prepared by
Approved by
v1.0
TBD
Draft
Initial release for public consultation
PCS Secretariat
TBD
Superseded versions
No superseded versions for v0.1.
Governance note on versioning and archiving
Only the latest approved version of this Privacy Notice shall be used. Superseded versions shall be archived and retained for traceability and audit purposes. Printed or downloaded copies are uncontrolled; stakeholders must refer to the PCS-published version as the authoritative current version.
Chapter 1 - Purpose of this notice
This Privacy Notice explains how the PCS Registry (the “Registry”) collects, uses, stores, and discloses information when users create accounts, hold credits, and retire credits, including the generation of retirement certificates and any optional public-facing retirement information.
Chapter 2 - Who is responsible for your information (Controller)
The data controller is:
Planetary Carbon Standard
Contact email: info@planetarycarbonstandard.com
Chapter 3 - Scope
This notice applies to:
Registry user accounts and authentication
Credit holding records (account-level holdings)
Retirement transactions
Retirement certificates (PDF or other formats)
Any public or semi-public retirement information displayed by the Registry where a user chooses disclosure settings
Chapter 4 - Key principle: named vs anonymous retirement options
The Registry supports different disclosure preferences. In particular:
Individuals may retire credits anonymously, meaning the retirement certificate and/or registry display will not show their personal name.
Individuals may choose to display their name on a retirement certificate and/or on any registry display only where they actively select that option.
Corporate users and brokers may choose to display the legal entity name to evidence holdings or retirement activity to counterparties.
We aim to minimise the personal data shown on certificates and registry displays. We do not require individuals to publish their personal name to complete a retirement.
Important: If you choose to publish a personal name or other identifying information on a public-facing registry view, that information may be seen, copied, and redistributed by third parties outside of our control.
Chapter 5 - Information we collect
Depending on how you use the Registry, we may process:
a) Account information
Name (if provided)
Email address
Phone number (if provided)
Organisation name and role (if applicable)
Login and security metadata (e.g., time of login, IP address where necessary for security)
b) Transaction and registry information
Account identifiers (internal IDs)
Credit identifiers (e.g., serial ranges, project/vintage/quantity)
Retirement transaction references (e.g., retirement ID, timestamp)
Retirement purpose or claim category (if submitted)
Optional “display name” selections (individual name, organisation name, or anonymous)
c) Evidence and compliance information (where applicable)
Documents you upload to support compliance or due diligence
Communications with support and operations teams
d) Technical information
Device and browser data and logs (for security, troubleshooting, and abuse prevention)
Chapter 6 - How we use your information
We use information to:
Provide the Registry service (account creation, holding, retirement, certificate generation)
Maintain registry integrity (prevent fraud, duplication, and unauthorised access)
Generate and verify retirement certificates and retirement records
Provide optional disclosure features requested by users (named or anonymous presentation)
Respond to support requests and operational queries
Comply with legal obligations and respond to lawful requests
Chapter 7 - Lawful bases for processing
We rely on one or more of the following, depending on the activity:
a) Contract (performance of a contract) To provide the Registry service, manage accounts, process transactions, and issue certificates.
b) Legitimate interests To operate a secure, reliable Registry; prevent fraud; maintain audit trails; and support market integrity. We balance these interests against individual rights and expectations.
c) Consent (where required and appropriate) Where an individual chooses optional public disclosure of their personal name (or other personal identifiers) on a public-facing registry display, we treat that as an opt-in choice. You can withdraw this choice going forward, but we cannot guarantee third parties will delete copies already taken.
d) Legal obligation Where we must retain or disclose information to comply with law or valid regulatory/legal processes.
Chapter 8 - Public disclosure and sharing controls
The Registry may allow users to select privacy preferences, such as:
Anonymous retirement (no personal name shown)
Named retirement certificate (private artefact shared at the user’s discretion)
Public registry display (where enabled and explicitly selected)
If you are an individual, the default recommendation is anonymity for public display. If you are a corporate/broker, the default may be to display the organisation legal name (not an individual), unless you choose otherwise.
Chapter 9 - Who we share information with (Recipients)
We may share information with:
a) Service providers (processors) that host or operate parts of the Registry (e.g., cloud hosting, email delivery, document storage, analytics limited to security/performance). These providers are contractually required to protect data and act only on our instructions.
b) Auditors, assessors, or professional advisers, where necessary for assurance, compliance, or legal advice.
c) Counterparties, only where you choose to share a certificate or you request evidence to be shared.
d) Authorities or regulators, where required by law or valid legal process.
We do not sell personal data.
Chapter 10 - International transfers
If any service providers process data outside the UK, we use appropriate safeguards (such as adequacy regulations or contractual safeguards) to protect personal data.
Chapter 11 - Retention
We retain information only as long as necessary for the purposes set out above, including:
Maintaining a reliable audit trail of retirements and certificate issuance
Resolving disputes, fraud investigations, and security incidents
Meeting legal and compliance obligations
Typical retention approach:
a) Retirement transaction records: retained for as long as necessary to preserve registry integrity and auditability.
b) Account data: retained while your account is active and for a reasonable period thereafter for legal/security reasons.
c) Support communications: retained as needed for operational purposes.
Where personal data is optional (e.g., a displayed personal name), we will remove it from future display if you change settings, subject to technical and legal constraints.
Chapter 12 - Your rights (individual users)
Subject to applicable conditions and exemptions, individuals may have the right to:
Access their personal data
Correct inaccurate data
Request deletion (where applicable)
Restrict or object to certain processing
Data portability (where applicable)
Withdraw consent (where consent is the basis)
To exercise rights, contact: info@planetarycarbostandard.com
We may need to verify your identity before fulfilling a request.
Chapter 13 - Complaints
If you are not satisfied, you may contact us first at info@planetarycarbostandard.com
Chapter 14 - Security
We use organisational and technical measures designed to protect information, including access controls, authentication, monitoring, and secure storage practices. No method of transmission or storage is completely secure; however, we aim to apply proportionate safeguards aligned to risk.
Chapter 15 - Automated decision-making
The Registry may apply automated checks for security and fraud prevention. We do not use automated decision-making that produces legal or similarly significant effects solely by automated means, unless explicitly stated and lawfully implemented.
Chapter 16 - Changes to this notice
We may update this notice periodically. We will publish the latest version on our website with an effective date.