# Data Sharing & Confidentiality

### Access to Submitted Data

<details>

<summary>Who can see my assessment response?</summary>

Data is submitted to GRESB through a secure online platform. It can only be seen by current GRESB staff and, to a more limited extent, authorized personnel from GRESB’s third-party validation provider, Sustainability Assurance Services (SAS).

</details>

### Access to Assessment Results

<details>

<summary>Who can see my assessment results?</summary>

GRESB Scores are not made public. Only participants can access their Fundamentals results and report in the GRESB Portal, and they may choose to share them with their investors.

* This policy applies to both listed and non-listed entities. In 2026, by default, the Fundamentals Report will only be accessible to the participant. No investors will have access unless the participant actively enables sharing in the portal settings.

<figure><img src="/files/K7zJmpoBcKTtsD5HoO4S" alt=""><figcaption></figcaption></figure>

#### Access to Uploaded Evidence

Entities can disclose or withhold any documentation provided as evidence from GRESB Real Estate Investor Members. Each uploaded document has a checkbox, with the default set to ‘not available’. When opted into by the participant, this makes the evidence available to all investors with access to that entity. If the entity chooses to share its evidence with investors, it will appear in the Fundamentals Report.

{% hint style="info" %}
Note that it is impossible to share documents with investors on a case-by-case basis.
{% endhint %}

#### Access to Open Text Boxes

The content of open text boxes are included in the Fundamentals Report.

</details>

### Participant Disclosure & Visibility

<details>

<summary>Who can see my participation status?</summary>

GRESB does not disclose a participant’s data to other participants as a default.

An entity’s participation status is disclosed only in the [**GRESB Participant Directory**](https://www.gresb.com/nl-en/gresb-participant-members/)**:**

* **Non-listed entities:** GRESB displays the fund manager's name.
* **Listed entities**: GRESB displays the entity name.

</details>

### Data Protection & Security

<details>

<summary>GDPR Compliance</summary>

GRESB is fully compliant with GDPR. The GRESB Privacy Statement can be found [here](https://www.gresb.com/nl-en/gresb-privacy-statement/). We also have specific internal policies, such as our Data Breach Policy and our Data Protection Policy, related to GDPR that we cannot share externally for security reasons. Please note that asset-level data does not fall under the incidence of GDPR because it does not contain any personal data.

</details>

<details>

<summary>Cybersecurity</summary>

GRESB’s data security measures and systems have been reviewed by an external expert and no issues were flagged. The GRESB website and the GRESB Portal are fully HTTPS/TLS encrypted. GRESB has strict and extensive policies on data security that cannot be shared externally for security reasons.

</details>

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://guides.gresb.com/fundamentals/getting-started/data-sharing-and-confidentiality.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.