# Data Sharing & Confidentiality

### Access to Submitted Data

<details>

<summary>Who can see my assessment response?</summary>

Data is submitted to GRESB through a secure online platform. It can only be seen by current GRESB staff and, to a more limited extent, authorized personnel from GRESB’s third-party validation provider, Sustainability Assurance Services (SAS).

</details>

### Access to Assessment Results

<details>

<summary>Who can see my assessment results?</summary>

Data collected through the SFDR Infrastructure Assessments is only disclosed to the participants themselves.

Participants can share data with their investors themselves outside of the GRESB portal by downloading their report as a PDF.

</details>

### Data Protection & Security

<details>

<summary>GDPR Compliance</summary>

GRESB is fully compliant with GDPR. The GRESB Privacy Statement can be found [here](https://www.gresb.com/nl-en/gresb-privacy-statement/). We also have specific internal policies, such as our Data Breach Policy and our Data Protection Policy, related to GDPR that we cannot share externally for security reasons. Please note that asset-level data does not fall under the incidence of GDPR because it does not contain any personal data.

</details>

<details>

<summary>Cybersecurity</summary>

GRESB’s data security measures and systems have been reviewed by an external expert and no issues were flagged. The GRESB website and the GRESB Portal are fully HTTPS/TLS encrypted. GRESB has strict and extensive policies on data security that cannot be shared externally for security reasons.

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://guides.gresb.com/sfdr-reporting-solution/getting-started/data-sharing-and-confidentiality.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.