Data Privacy

GreenSlate and its subsidiaries are committed to safeguarding the personal information we collect.

User Profile

GreenSlate’s application is an “invite-only” system. Clients invite crew members and assign per-project permissions, so they may control exactly what each user may access and do.


Divisions allow clients to control their crew’s access by department, employee classification, or any custom grouping.

Tracking and Approval History

Every change a user makes within the GreenSlate system is recorded for data integrity and auditing purposes. Digital forms utilize approval flows to gather sign-offs and signatures.

Disclosure of Client Content

GreenSlate does not disclose client content unless we’re required to do so to comply with the law or a valid and binding order of a government or regulatory body.


GreenSlate application cookies never store any personally identifiable information and authentication information is encrypted

Data Retention

We configure data deletion settings to meet the needs and policies of our clients.

Business Continuity

GreenSlate ensures high-availability of all services by incorporating redundancy in every layer of the architecture to ensure our systems are resilient to any outages.

Distributed System

Our application is cloud-hosted and backed by both Amazon Web Services and Microsoft Azure.  Application usage is load-balanced across multiple geographic regions allowing for seamless avoidance of any localized outages and the enhancement of system resiliency.

Disaster Recovery

All files are hosted in S3, which provides automatic backups and an SLA guaranteeing 99.99% availability. Our application databases are protected against any data loss by continually mirroring to a separate environment, allowing real-time backups and near- zero downtime failover.

Incident Management

Our 24/7 monitoring allows us to proactively resolve any potential issues. Our clients can expect our customer service to be accessible at all times on all channels. Support is available 9 am – 10 pm EST with after-hours support via email.


We continually refine CyberSec to enable us to maintain our defenses and enhance our threat resiliency. All traffic between the end user and application is encrypted in multiple layers.


  • User activity audit reports
  • Malicious activity alerts
  • Permission-based access
  • Penetration testing
  • Encrypted Data Transfers (SSL/TLS)

Remote Access

  • Multi-factor Authentication
  • Expiring passwords
  • Account lock-outs
  • CAPTCHA verification
  • Encryption


  • Secured facilities
  • Network firewalls
  • Rigorous change management
  • Web Application Firewall (WAF)
  • Computer incidence response team