Full multi-tenancy — layered org structures, role-based access, per-unit data scoping and an immutable audit log

Layered Org Units + Facilities — complete data isolation between tenants
ADMIN / MANAGER / VIEWER / AUDITOR roles scoped to their own subtree
Immutable audit log (IP / device / before-after) + PDPA compliance
GCarbon is multi-tenant from the architecture up — corporate groups, subsidiaries and multiple sites in one system.
Org Units nest to any depth (company → division → plant → production line), each facility belongs to a unit, tenant data is fully isolated, and consolidated reporting works at every level.
ADMIN / MANAGER / VIEWER / AUDITOR roles each see only the units in their scope. External auditors get read-only access through a central guard enforced on every route — safe even as new features ship.
The immutable AuditLog records who did what, from which IP and device, with before-and-after values — including support-team impersonation logs — and PDPA compliance through clear separation of personal data and access rights.