Privacy policy

We, BRYTER GmbH (hereinafter “we” or “BRYTER”) are pleased about your interest in our company.

We take the protection of your personal data and their confidential treatment very seriously. The processing of your personal data takes place exclusively within the framework of the legal provisions of the data protection law of the European Union, in particular the General Data Protection Regulation (hereinafter “GDPR”) and further applicable regulations.

With this privacy policy we inform you about the processing of your personal data on our website (the “website”) and about your privacy rights.

1. Name and contact details of the controller as well as operational data protection officer

This data privacy statement shall apply to data processing activities by the following controller:

Uhlandstr. 175,
10719 Berlin,

Legal representatives: Michael Grupp, Dr. Micha-Manuel Bues, Michael Hübl, to be reached under the above contact details.

The operational data protection officer can be reached as follows:

DataCo GmbH
Dachauer Straße 65, 80335 Munich,

Affiliate of the controller:
142 W 57th St
New York, NY 10019

BRYTER Services UK Limited
Labs House, 15-19 Bloomsbury Way, Holborn
London WC1A 2TH, UK

2. Subject matter of data protection

The subject matter of data protection is personal data. This means any information relating to an identified or identifiable natural person (‘data subject’). These include e.g. information such as name, postal address, e-mail address or telephone number.

Specific information on the personal data processed by us can be found below in detail in the data processing operations listed.

3. Collection and storage of personal data as well as the nature and purpose of their processing

a. When visiting the website

When visiting and using our website, the browser used on your end device will automatically send information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your end and stored until the purpose or legal basis for storage ceases to apply.

  • internet protocol address of the requesting computer
  • date and time of the access
  • website that is viewed
  • browser used

The data mentioned are processed by us for the following purposes: 

  • ensuring smooth establishment of the website’s connection 
  • ensuring comfortable use of our website 
  • evaluation of system safety and stability, as well as 
  • other administrative purposes 

The legal basis for data processing activities shall be Article 6(1)(1)(f) GDPR. Our legitimate interests follow from the purposes listed above for data collection. In no case shall we use any collected data for the purpose of drawing conclusions about your person. 

Furthermore, we use cookies and further services when you visit our website. More detailed explanations on this can be found in sections 5 and 6 of this data privacy statement. 

b. Subscribing to our Newsletter

If you have explicitly consented pursuant to Article 6(1)(1)(a) GDPR, we will use your email address to send you our newsletter at regular intervals. Indicating an email address will be sufficient to receive the newsletter.

Unsubscribing is possible at any time, independently of whether the newsletter was sent based on consent or statutory permission, e.g. using a link at the end of each newsletter.

The personal data required for sending out the newsletter shall be erased as soon as they are no longer required for achieving the purpose of their collection and as far as no other legal authorisation basis applies for further processing. Your email address shall only therefore be stored for sending out the newsletter until you revoke your consent or until you object to submission of the newsletter.

c. When using our contact form and email contact

If there are any questions, we offer the option of contacting us under: A valid email address must be indicated there, so that we will know where the query comes from and to answer such. Further information can be provided freely.

Alternatively, contact via the provided email address is possible. In such a case, your personal data transmitted in the email will be stored.

In some cases, contact via email may be possible. Any personal data transmitted via email will be stored in the respective email. We will always try to avoid any unsolicited contact. If you have been contacted and would like to request a deletion of your personal data in our systems, please reach out to In addition, we offer you the option to contact us via email to purchase access to the BRYTER platform. To purchase access to the BRYTER platform you need to send a request to In this context we process the following personal data: name and email address.

In this respect we use the services of Pipedrive OÜ, HubSpot, Inc. and Outreach Corporation. For the initiation of a contractual relationship we transfer personal data to these service providers acting as our data processors in accordance with Article 28 GDPR. Further information can be found here:,,

The legal basis for data processing for the purpose of Data processing activities for the purpose of contacting is Article 6(1)(1)(f) GDPR. If the purpose of the contact is to conclude a contract, the additional legal basis for the processing is Article 6(1)(1)(b) GDPR.

We store your personal data until the purpose or legal basis for the storage no longer applies.

d. Application

BRYTER uses the applicant tracking system & recruiting software Greenhouse for its hiring process. This enables applicants to apply directly on the website of BRYTER. The applicants’ personal data (name, contact information, application documents) will be collected through a form on and shared with Greenhouse Software Inc., a cloud software provider located in the USA. The software will be used at BRYTER to coordinate the application process (e.g. individual interviews), to monitor the status of applications and to communicate with candidates and within the team. All BRYTER employees who are involved in the application process for the respective position have access to the candidate’s data.

The legal basis for the processing of applicant data is Article 6(1)(1)(b), Article 88 GDPR, § 26 BDSG. The purpose of processing applicant data is to carry out the application procedure.

The applicant data will be deleted by us six months after the end of the respective application procedure.

4. Transferring data

We shall only pass on your personal data to third parties (recipients) if we are entitled to do so under the provisions of data protection law. Below we inform you about the circumstances in which this may be the case: We can pass on your personal data to third parties (recipients), if:

  • you have explicitly given consent to such for one or more specific purposes (Article 6(1)(1)(a) GDPR); 
  • processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (Article 6(1)(1)(b) GDPR); 
  • processing is necessary for compliance with a legal obligation to which we are subject (Article 6(1)(1)(c) GDPR); 
  • processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data (Article 6(1)(1)(f) GDPR). 

Furthermore, we work together with service providers, so-called processors, to whom we transfer your personal data and who process your data for us on our behalf and in accordance with our instructions in compliance with Article 28 GDPR. These service providers have been carefully selected and commissioned by us, are bound by our instructions and are regularly inspected. Specifically, please find below a list of our service providers: 

  • DocSend;
  • Facebook;
  • Google;
  • Greenhouse;
  • Hubspot;
  • LinkedIn;
  • Outreach;
  • Piesync;
  • Pipedrive.

The agreements specify who fulfils which data protection obligations, in particular with regard to ensuring an appropriate level of security and the implementation of your data subjects’ rights. We will be pleased to provide you with the essential content of the agreements. Please do not hesitate to contact us using the contact details given above. You can assert your data subjects’ rights against any of the jointly responsible parties. The exchange of personal data with the cooperation partners takes place within the framework of Article 6(1)(1)(f) GDPR, as we have a legitimate interest in the effective use of the tools.

5. Cookies

We would like to provide you with a pleasant online experience with our website and use cookies for this purpose within the framework of Article 6(1)(1)(a) GDPR or Article 6(1)(1)(f) GDPR.

For this purpose, we use various cookies to ensure the functionality of our website and to make the website as informative and user-friendly as possible for you. It is important to us that you surf comfortably on our website and therefore the constant optimization of our website is of great importance to us.

Here you can find out which cookies we use on our website, how they work and how you can object to the processing of your personal data in detail or delete the personal data collected here.

You can deactivate some cookies by setting an opt-out cookie or by following the link above. 

In addition, you can delete individual cookies or the entire cookie stock via your browser settings. Information and instructions on how to delete these cookies or block their storage in advance can be found, depending on the provider of your browser, under the following links:

If you do not allow technically required cookies, performance cookies and/or functional cookies, we would like to inform you that certain functionalities on our website are no longer available or are only available to a limited extent. 

6. Integration of further services

Name of the service Service provider Description of the service Legal basis Link to the privacy policy of the provider 
Vimeo Vimeo, Inc, 555 West 18th Street New York, New York 10011, USA Integration of video content on the website Article 6(1)(1)(f) GDPR  
YouTube Google Ireland Limited, Gordon House Barrow Street Dublin 4, D04E5W5, Irland Integration of video content on the website Article 6(1)(1)(f) GDPR 

7. Rights of the data subject

You have the right:

  • to demand information in accordance with Article 15 GDPR regarding the processing of your personal data by us. In particular, you may request information on the purposes of the processing, the categories of personal data, the categories of recipient to whom your data have been or are disclosed, the envisaged storage period, the existence of the right to rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the source of your data to the extent that these were not collected at our site, and the existence of automated decision-making, including profiling and
    any meaningful information on its details; 

  • in accordance with Article 16 GDPR, obtain the rectification of any inaccurate personal data stored by us or completion of such data without undue delay; 

  • in accordance with Article 17 GDPR, obtain the erasure of your personal data stored by us, to the extent that processing is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims; 

  • in accordance with Article 18 GDPR, obtain the restriction of processing of your personal data, to the extent that the accuracy of the data is contested by you, processing is unlawful, but you oppose erasure and we no longer need the personal data, but you still require them for the establishment, exercise or defence of legal claims or you have objected to processing pursuant to Article 21 GDPR; 

  • in accordance with Article 20 GDPR, demand to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to demand transmission to another controller; 

  • in accordance with Article 7(3) GDPR, to withdraw your consent once given to us towards us at any time. This has the consequence that we may no longer continue the data processing activities that were based on this consent in future and 

  • in accordance with Article 77 GDPR, lodge a complaint with a supervisory authority. Usually, you may contact the supervisory authority at your habitual residence or place of work or our registered office for this. 

8. Right to object

As far as your personal data are processed based on legitimate interests in accordance with Article 6(1)(1)(f) GDPR, you have the right to object to processing of your personal data in accordance with Article 21 GDPR, to the extent that there are grounds relating to your particular situation or the objection is targeted against direct marketing. In the latter case, you have a general right to object that will be implemented by us without any indication of a particular situation.

If you want to exercise your withdrawal right or right to object, simply send us an email to

9. Further information

In accordance with Article 13(2)(e) GDPR we would like to inform you about the following:

The provision of personal data is neither a statutory nor contractual requirement, nor a requirement necessary to enter into a contract. You are not obliged to provide the personal data. There are no consequences resulting from failure to provide such data.

In accordance with Article 13(2)(f) GDPR we would like to inform you about the following:

We do not process your personal data for the purpose of automated decision-making.

In accordance with Article 13(1)(f) GDPR we would like to inform you that we intend to transfer the personal data to a third country or an international organization. A transfer of personal data to a third country always takes place in accordance with Article 44 GDPR.

10. Data security

Within the website visit, we use the common SSL procedure (Secure Socket Layer) in conjunction with the respective highest encryption level your browser supports. This usually is 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. Whether an individual website of our internet offer is transmitted encrypted or not is evident by the closed display of the key or lock symbol in the lower status bar of your browser.

Apart from this, we use appropriate technical and organisational security measures in order to protect your data from accidental or wilful manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures will be improved continually according to the technological developments.

11. Topicality and changes of this data privacy statement

This data privacy statement is currently valid as of January 2021.
Further development of our website and offers through it or changed statutory or authority specifications may require changes to this data privacy statement. You may call and print the respective current data privacy statement at any time on the website.