Legal and Security

Institutional-grade governance for bankable infrastructure

Wattly operates in regulated markets where trust is earned through disciplined legal frameworks and robust security. GreenBridge360™ is built to withstand diligence: standardised contracts, auditable data, and controls that protect investors, partners, and communities.

Legal & regulatory compliance

We maintain policies and controls designed to comply with applicable laws and market standards in our operating jurisdictions, including:

  • AML/KYC & Sanctions screening across counterparties; anti-corruption/anti-bribery controls and training.

  • Regulatory reporting & disclosures aligned with EU frameworks (e.g., SFDR/Taxonomy where relevant to products) and local market rules.

  • Contracting discipline: standardised documentation, covenants tied to milestones, H&S and ESG clauses, step-in/termination rights, and change-control procedures.

  • Competition, data protection, and IP safeguards; clear ownership and licensing for GreenBridge360™ assets and data models.

  • Governance & conflicts: IC charters, segregation of duties, gift/hospitality and conflicts registers, and whistleblowing channels.

Nothing on this site constitutes an offer to sell or a solicitation to buy securities. Offers are made only through definitive documentation and to eligible investors in permitted jurisdictions.

Data protection & privacy

  • GDPR-aligned processing with data minimisation, purpose limitation, and DPIAs where required.

  • DPAs & sub-processors: contractual safeguards with vendors; transparency on material sub-processors.

  • Data subject rights support (access, rectification, erasure, portability) via documented procedures.

Security by design (GreenBridge360™)

We design and operate controls to protect confidentiality, integrity, and availability:

  • Access & identity: MFA, role-based access, least privilege, periodic access recertification.

  • Encryption: in transit (TLS) and at rest (AES-256 or equivalent); managed keys and secrets.

  • Secure SDLC: code review, dependency scanning, IaC controls, and change management.

  • Monitoring & logging: centralised logs, immutable audit trails, anomaly detection.

  • Vulnerability management: continuous scanning, risk-based patching; independent penetration tests at least annually.

  • Environment hardening: network segmentation, hardened baselines, endpoint protection.

Alignment & roadmap: Controls are aligned to ISO/IEC 27001 and NIS2 principles; a SOC 2 readiness programme guides continuous improvement.

Third-party & supply-chain risk

We assess and monitor critical suppliers (EPCs, OEMs, optimisers, data providers, and cloud vendors) for legal, security, H&S and ESG posture, with contractual covenants, right-to-audit clauses, and incident-notification duties.

Business continuity & resilience

Backups are encrypted and tested; recovery objectives (RTO/RPO) are defined by criticality. Continuity, crisis-management, and disaster-recovery playbooks are reviewed and exercised on a scheduled basis.

Incident response

We operate real-time monitoring with defined SLAs for triage → containment → eradication → recovery, and we notify customers and authorities as required by law and contract.

Training & accountability

All staff complete mandatory training (security, privacy, anti-corruption). Policies are reviewed at least annually or upon material change; control effectiveness is assessed through internal reviews and independent audits where applicable.

Contact & responsible disclosure

To report a suspected vulnerability or security incident, contact our security team via the site’s Contact page (select “Security/Privacy”) or email security@wattly.se.

Important information

For professional and institutional investors only. This material is informational and does not constitute investment advice or an offer to buy or sell any security. Investments involve risk and are subject to eligibility and definitive documentation. Past performance is not a reliable indicator of future results.