# Privacy Policy

> Source: https://bryter.com/privacy-policy/

[#](#)

[Download PDF](https://bryter.com/wp-content/uploads/2026/02/Privacy-Policy-February-2026.pdf)

# Privacy Policy

We, BRYTER GmbH and its affiliated companies (each referred to as “**BRYTER**”, “**we**” or “**us**”), are pleased about your interest in our company.

We take the protection of your personal data and their confidential treatment very seriously. The processing of your personal data takes place within the framework of the legal provisions of the data protection law of the European Union, in particular the General Data Protection Regulation (hereinafter “**GDPR**”) and further applicable local regulations.

With this privacy policy we inform you about our approach to privacy by explaining why and how we process your personal data and explaining your rights. This privacy policy applies to all situations in which BRYTER processes your personal data. This implies visiting the BRYTER websites (bryter.com and beamon.bryter.com), using all BRYTER products such as the Workflows, BEAMON Assist and BEAMON Extract, and other situations mentioned in this privacy policy.

If you are in a contractual relationship with BRYTER and BRYTER's Data Processing Addendum (“**DPA**”) has been concluded between you and BRYTER, the DPA applies in addition to this privacy policy. If you have concluded the DPA, in case of any conflict between the terms of this privacy policy and the DPA, the terms of the DPA shall prevail. The BRYTER DPA can be found [here](https://bryter.com/legal-terms/data-processing-agreement/).

The BRYTER entity responsible for the processing of personal data depends on the specific interaction, contractual relationship, or service used and will be identified where required.

**1. General information**

**1.1 Controller and contact details**

This data privacy policy shall apply to data processing activities by the following controller:

BRYTER GmbH
Biebergasse 2
60313 Frankfurt am Main
email: [privacy@bryter.io](mailto:privacy@bryter.io)

Legal representatives: Michael Grupp, Dr. Micha-Manuel Bues, Michael Hübl, to be reached under the above contact details.

**1.2 Data protection officer**

The operational data protection officer can be reached as follows:

HeyData GmbH
Schützenstr. 5
10117 Berlin
email: [mailto:info@heydata.eu](mailto:info@heydata.eu)[info@heydata.eu](mailto:info@heydata.eu)

**1.3 Affiliates of the controller**

Affiliates of the controller:

BRYTER US Inc.
33 Irving Place
Suite 5007 
New York, NY 10003, USA

BRYTER Services UK Limited
21-33 Great Eastern St
London EC2A 3EH, UK

**2. Subject matter of data protection**

The subject matter of data protection is personal data. This means any information relating to an identified or identifiable natural person (‘data subject’). These include e.g. information such as name, postal address, e-mail address or telephone number.

Specific information on the personal data processed by us can be found below in detail in the data processing operations listed.

**3. Collection and storage of personal data as well as the nature and purpose of their processing**

**3.1 When visiting the website**

When visiting and using our website, the browser used on your end device will automatically send information to the server of our website. This information is temporarily stored in a so-called log file.

**Categories of personal data processed:**

**Purposes of processing:**

**Legal basis:**

Further information on cookies and similar technologies can be found in Sections 6 and 7 of this privacy policy.

**3.2 Customer Relationship Management**

We offer you the option to contact us via email to purchase access to the BRYTER platform. If you will enter or have entered a customer relationship with BRYTER, we process personal data to manage and maintain our business relationship.

**Categories of personal data processed:**

**Purposes of processing:**

**Legal basis:**

**3.3 Meeting documentation and transcriptio**n

In the context of sales, customer success, onboarding or similar customer interactions, we may use external meeting documentation tools (e.g. AI-based meeting assistants) to create transcripts, summaries and notes of meetings.

**Categories of personal data processed:**

**Purpose of processing:**

**Important clarification on AI usage:**

**Legal basis:**

**Recipients and roles:**

**Data retention:**

**Screen sharing:**

**3.4 Payments and billing (self-service credit card payments)**

If you purchase our services via self-service (e.g. by credit card), we process personal data for the purpose of payment processing and billing.

**Categories of personal data processed:**

**Purposes of processing:**

**Legal basis:**

**Recipients:**

**Data retention:**

**International data transfers:**

**3.5 Subscribing to our Newsletter**

If you have consented pursuant to Art. 6(1)(a) GDPR, we process your personal data to send our newsletter.

**Categories of personal data processed:**

**Purpose of processing:**

**Legal basis:**

You may revoke your consent at any time for the future.

**3.6 When using our contact form, email contact or downloading content **

You may contact us via contact forms or email and download content such as guides or reports.

**Categories of personal data processed:**

**Purposes of processing:**

**Legal basis:**

**3.7 Recruitment and Onboarding**

We collect application relevant documentation provided by the candidate. In general, it includes name, surname, e-mail address, address, phone number, a cover letter and the CV and a link to the applicant’s LinkedIn profile or website. Moreover, certain information can be provided for self-identification under local US law (gender, race or ethnicity, veteran status, disability). Do disregard this section unless it is required by local law.

Depending on whether your application is successful, we need further information to enter into an agreement/employment relationship with you. This may be: date of birth, bank account details, insurance number, work permits, disabilities if legally required under local law etc. We will also conduct automated checks against applicable sanctions-party lists.

Please do not include in your CV and cover letter information about political opinions, religious beliefs, and similar sensitive data. They are not required for your application.

The legal basis for data processing activities during the recruitment process is the respective national employment law or Article 6(1)(b) GDPR (i.e., the processing is necessary for entering into or the performance of a contract with you).

If you provide any information in relation to e.g. referees, you are responsible for obtaining their consent and ensuring that they are aware that their details can be forwarded.

Where we obtain publicly available information about you from business- and employment- oriented social networks or websites, the legal basis is Art. 6(1)(f) GDPR. Our legitimate interests follow from the fact that we wish to conduct a proper assessment of an applicant.

When we do a video interview with you it might happen that we ask for a recording. We will always ask for your consent whether to record or not, pursuant to Article 6(1)(a) GDPR. Please note – whether you consent is totally up to you. You have the right to revoke your consent at any time without reasons with effect for the future.

BRYTER uses the applicant tracking system & recruiting software Teamtailor for its hiring process. It is used to coordinate the application process, to monitor the status of applications and to communicate with candidates and within the team. Only BRYTER employees who are involved in the application process for the respective position have access to the candidate’s data. We have a specific Cookie policy for Teamtailor which can be found [here](https://bryter.teamtailor.com/cookie-policy).

The applicant data will be deleted by us six months after the end of the respective application procedure. This is necessary for the burden of proof in the event of a legal claim based on the German General Equal Treatment Act (AGG). 

**3.8 BRYTER Academy & BRYTER Open**

BRYTER’s learning platform for students - BRYTER Academy - enables us to provide online courses and learning material to interested participants. Personal data collected during the onboarding process and course participation is: name, email address, courses, interaction time, login times, progress.

The legal basis for the processing of participants’ data is Article 6(1)(b) GDPR.

BRYTER Open gives non-profits, NGOs and academic institutions the power of our platform for free. If you are using these services, our Customer relationship management section applies to the data collected as well as further privacy information provided on the signed-up service.

**3.9 In-app behavior analytics **

**Categories of personal data processed:**

**Purposes of processing:**

**Legal basis:**

**Recipients:**

**Data retention:**

**3.10 Additional Purposes for Processing**

The data mentioned above are also processed for the additional purposes.

**Purpose of processing:**

**Legal basis:**

**4. Categories of recipients**

Your personal data will be disclosed to the following parties: 

**4.1 Internal recepients**

We may share your personal data with our affiliates, when supporting us in the processing activity. The legal basis for such transfer is BRYTER’s legitimate interest as we provide services with cross-country teams, to guarantee smooth operations. When personal data is leaving the European Union, necessary contractual safeguards have been put in place.  

**4.2 External recipients **

We may engage third parties. These may be:  

**5. Transfer of personal data to third countries**

Your personal data will be e. g. shared with third parties and partly their sub-processors based also outside of the European Economic Area.

Third parties will only use your personal data to the extent necessary to perform their functions and are contractually bound to adhere to an appropriate level of personal data protection.

Those to be mentioned are the following:

Additionally, when using BEAMON Assist, BEAMON Extract and AI Connector, BRYTER engages Microsoft Corporation as a sub-processor to process Personal Data provided by Customer or End Users in order to enable the AI Services. For customers of BRYTER US, Inc. the sub-processing takes place in the European Union, the United Kingdom or the United States. For customers of BRYTER GmbH the sub-processing takes place in the European Union or the United Kingdom, unless agreed otherwise between BRYTER and Customer.

The agreements with our sub-processors specify who fulfills which data protection obligations, regarding ensuring an appropriate level of security and the implementation of your data subjects’ rights. We will be pleased to provide you with the essential content of the agreements. Please do not hesitate to contact us using the contact details given above.

**6. Cookies** **and Local Storage**

**6.1 Cookies**

We use cookies to provide you with a pleasant and secure online experience on our website.

We distinguish between the following types of cookies:

For more information about the specific cookies used, their purposes, retention periods, and how you can manage or delete them, please refer [here](https://bryter.com/cookie-policy/).

In addition, you can delete individual cookies or the entire cookie stock via your browser settings. Information and instructions on how to delete these cookies or block their storage in advance can be found, depending on the provider of your browser, under the following links: 

Please note that if you do not allow technically required or certain functional cookies, some features of our website may not be available or may function only to a limited extent.

We also implement Google Consent Mode v2, which ensures that Google services receive information about your consent status. If you do not consent, Google only receives limited cookieless pings without setting or reading cookies; if you consent, full functionality is enabled. You can change your choice at any time via “Cookie Settings”.

**6.2 Local Storage**

To enable you to customize the usage of BRYTER’s website and software to your personal needs and usage, we also use local storage technology (also known as “local data” and “local storage”) in addition to cookies. This involves storing data locally in your browser's cache, which continues to exist and can be read even after closing the browser window or exiting the program - unless you delete the cache.

Local Storage enables your preferences when using the BRYTER website and/or BRYTER’s software to be stored on your computer and used by you. The following information is stored by BRYTER when using BRYTER’s software as local data:

Third parties cannot access the data stored in local storage. It will not be passed on to third parties and will not be used for advertising purposes.

Insofar as this storage or access is absolutely necessary for us to provide the service of our website expressly requested by our website visitors (e.g., to carry out a chatbot used by the website visitor or to ensure the IT security of our website) it is carried out on the basis of Section 25 para. 2 no. 2 of the German Telecommunications Telemedia Data Protection (Telekommunikation-Telemedien-Datenschutz-Gesetz, “**TTDSG**”). Otherwise, this storage or access takes place on the basis of the website visitor's consent (Section 25 para. 1 TTDSG). The subsequent data processing is carried out in accordance with the following sections and on the basis of the provisions of the GDPR.

**7. Integration of further services**

| **Name ****of**** ****the**** ****service**  | **S****ervice ****provider**  | **Description ****of**** ****the**** ****service**  | **Legal ****basis**  | **Link to the privacy policy of the provider**  |
| --- | --- | --- | --- | --- |
| Vimeo  | Vimeo, Inc, 555 West 18th Street New York, New York 10011, USA  | Integration of video content on the website  | Article 6(1)(1)(f) GDPR  | [https://vimeo.com/privacy](https://vimeo.com/privacy)   |
| YouTube  | Google Ireland Limited, Gordon House Barrow Street Dublin 4, D04E5W5, Irland  | Integration of video content on the website  | Article 6(1)(1)(f) GDPR  | [https://policies.google.com/privacy?](https://policies.google.com/privacy?hl=de)[hl=de ](https://policies.google.com/privacy) |
| Google Analytics | Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA, 94043, USA | Web analytics for statistical evaluation and improvement of our website | Article 6(1)(a) GDPR | [https://policies.google.com/privacy](https://policies.google.com/privacy) |
| Google Signals (extension of Google Analytics) | Google Ireland Ltd. / Google LLC | Cross-device reporting and audience insights based on aggregated Google account information (e.g., location history, YouTube history) | Art. 6(1)(a) GDPR; Sec. 25(1) TTDSG (consent) | [https://policies.google.com/privacy](https://policies.google.com/privacy) |
| Google Ads – Enhanced Conversions / Customer Match (User-provided Data) | Google Ireland Ltd. / Google LLC | Use of hashed customer data (e.g., email, phone) to improve conversion measurement and advertising audiences | Art. 6(1)(a) GDPR; Sec. 25(1) TTDSG (consent) | [https://policies.google.com/privacy](https://policies.google.com/privacy) |

Google Signals is only activated after you have given your consent in our cookie banner. You can withdraw consent at any time via “Cookie Settings” in the footer. Signed-in Google users can additionally manage ad personalisation in their own Google account at Google My Activity ([https://myactivity.google.com/](https://myactivity.google.com/)).

User-provided data for Google Ads will only be used after your explicit consent under the “Marketing” category in our cookie banner. You can withdraw consent at any time via “Cookie Settings” in the footer.

**8. Data retention**

Your personal data will be retained as long as necessary to fulfil the legitimate purpose(s) for the processing and as long as required by law. 

For Google Analytics (GA4), event-level data is retained for up to 14 months (default setting) unless you select a shorter period in the cookie banner. Aggregated analytics reports that do not allow direct identification may persist longer.

**9. Rights of data subject**s

You have the right:

**10. Right to object**

As far as your personal data are processed based on legitimate interests in accordance with Article 6(1)(f) GDPR, you have the right to object to processing of your personal data in accordance with Article 21 GDPR, to the extent that there are grounds relating to your particular situation or the objection is targeted against direct marketing. In the latter case, you have a general right to object that will be implemented by us without any indication of a particular situation. 

If you want to exercise your withdrawal right or right to object, simply send us an email to [privacy@bryter.io](mailto:privacy@bryter.io).

**11. How to exercise your rights**

You can also exercise the rights listed above at any time by contacting us at [privacy@bryter.io](mailto:legal@bryter.io). 

**12. Further information**

In accordance with Article 13(2)(e) GDPR we would like to inform you about the following:

The provision of personal data is neither a statutory nor contractual requirement, nor a requirement necessary to enter into a contract. You are not obliged to provide the personal data. There are no consequences resulting from failure to provide such data.

In accordance with Article 13(2)(f) GDPR we would like to inform you about the following:

We do not process your personal data for the purpose of automated decision-making or to develop, improve, or train AI models or machine learning models.

**13. Data security**

Within the website visit, we use the common SSL procedure (Secure Socket Layer) in conjunction with the respective highest encryption level your browser supports. This usually is 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. Whether an individual website of our internet offer is transmitted encrypted or not is evident by the closed display of the key or lock symbol in the lower status bar of your browser.

Apart from this, we use appropriate technical and organisational security measures in order to protect your data from accidental or wilful manipulation, partial or complete loss, destruction or unauthorised access by third parties.  Our security measures are continuously improved in response to technological developments and the ever-changing threat landscape.

**14. Third Parties**

Our website may contain links to other websites, products, or services that we do not own or operate. We are not responsible for the privacy practices of these third parties. Please be aware that this Privacy Policy does not apply to your activities on these third-party services or any information you disclose to these third parties. We encourage you to read their privacy policies before providing any information to them.

**15. Children's Privacy**

We do not knowingly collect, maintain, or use personal information from children under 13 years of age, and no part of our website is directed to children. If you learn that a child has provided us with personal information in violation of this Privacy Policy, then you may alert us at privacy@bryter.io.

**16. Topicality and changes of this data privacy statement**

This privacy policy is currently valid as of January 2026.

Further development of our website and offers through it or changed statutory or authority specifications may require changes to this privacy policy. You may call and print the respective current data privacy statement at any time on the website. If we materially change the ways in which we use or share personal data previously collected from you, we will notify you through the website, by email, or other means of communication. 

Version 10.1 April 2026