© Copyright notice


Privacy Policy

The GRI Sustainability Disclosure Database is published by the Global Reporting Initiative, a foundation (Stichting) under the laws of the Netherlands (“GRI”). As a networking organization, GRI requires personal  information from stakeholders through processes connected to the Sustainability  Disclosure Database and the main GRI website.  The respect for privacy is essential for maintaining trust between GRI and the various companies, institutes and individuals in its network. This page explains how GRI intends to use and protect people’s personal data, and explains the different processes for adding data to the Sustainability Disclosure Database.

Most information in this database comes from GRI and its collaboration with Data Partners, in an effort to gain an overview of sustainability reporting around the world. Some of the fields in this database are new and require information not yet collected centrally by GRI.


All individuals with an internet connection, residing anywhere in the world (“users”) can access the GRI Sustainability Disclosure Database without the need for registration.  However, organizations that have produced a sustainability report or integrated report that is included in the Database are provided special access to customize pages related to their organization. If your organization is included in the Database but has not received special access information for updating your organization and report profiles, please contact GRI. If your organization has issued a sustainability or integrated report but has not been included in the database, please register your report with GRI. Thereafter the designated contact person will be provided access for your organization. The access details are solely for this user, who is a representative of the organization, who is authorized by that same organization, to enter data into the database.

GRI acts in conformity with the Dutch Data Protection Act (Wet Bescherming Persoonsgegevens). GRI collects certain personal data via the main GRI website user registration, the report registration procedure and the Sustainability Disclosure Database. As a consequence, GRI is the ‘responsible party’ under the Dutch Data Protection Act. Click here for more information about the main GRI website user registration. The section below explains how data is collected via report registration and the Sustainability Disclosure Database.

GRI does not at any time sell or otherwise lend your personal data to third parties other than its Data Partners. Data Partners are ‘processors’ under the Dutch Data Protection Act, and will only have limited access to the personal data for the purpose of the day-to-day functioning of the GRI Sustainability Disclosure Database. [Your e-mail address may be used by GRI to send you general information about GRI’s activities and about the GRI Sustainability Disclosure Database.]


PART I: Report  registration – data collected centrally by GRI and Data Partners; licence

If your organization  has published a sustainability report or an integrated report and would like to  have the report included in the Sustainability Disclosure Database, you need to  fill out the Report Registration Form and return it to GRI or one of GRI’s Data Partners. Please note that any kind of sustainability or integrated report can be included in this database.

GRI and/or its Data Partners will use the Report Registration form to get in touch with you should there be any questions regarding your registration. GRI and its Data Partners will use the information you have provided in the form to analyze aggregate trends in reporting. The Report Registration form requires contact details, information about your organization (size, listing, type etc.) and information about your report (GRI, non-GRI, integrated report, Application Level etc.). Both organizational and report data included in the form will be made publicly available to all users in the Sustainability Disclosure Database. Contact details and other personal data will not be made publicly available by GRI via whatever source.

The Report Registration form asks for a link to the actual sustainability or integrated report. You are responsible for ensuring that the link provided directs users to the website that hosts the original report. GRI will also include the actual PDF of the report in the Sustainability Disclosure Database, if one is available and a functioning PDF link is provided in the Report Registration form. By uploading or giving access to the report, you warrant on behalf of your organization that your organization gives permission to GRI to publish the report on the GRI website, by way of a non-exclusive and royalty-free licence. GRI cannot be held responsible for reporting organizations or any other third parties providing links to locations that are not the organization’s website or links to reports that have been modified.

Note: GRI collects a wide variety of information from GRI reports. For GRI-referenced or non-GRI reports, GRI requires and publishes a smaller variety of information.

PART II:Additional Data Collection – data provided by third parties

  • Other organization and report data.

    Organizations that have published sustainability or integrated reports can add additional data fields on the Sustainability Disclosure Database via the special access provided by GRI. Additional organizational and report data fields include number of employees, revenue, stock listing code, report language, number of pages, reporting cycle, reporting period, AA1000, and external assurance details. Reporting organizations can choose to publish contact details on the Organizational Profile section of the Sustainability Disclosure Database to receive comments and engage with stakeholders. All of these fields are editable by the relevant organization and are not managed by GRI.

Note: If you would like your report to be checked by GRI through the Application Level Check service, the report will be included in the benchmarking tool after the process is completed.