Privacy policy

1. General notes and mandatory information

The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations.

If you use this website, various pieces of personal data might be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmitted via the internet (e.g., via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

a) Notice concerning the party responsible for this website

The party responsible for processing data on this website is:

Brighter AI Technologies GmbH

Litfaß-Platz 2, 10178 Berlin, Germany
Email: hello@brighter.ai
Web: www.brighter.ai

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

b) Purpose of the processing of personal data

We process your personal data as a user of this website only to the extent necessary to provide a functional website as well as our contents and services. Your personal data will only be processed with your consent for the specific purpose, unless data processing is permitted by law without prior consent. The purposes of the processing are as follows:

  • Provision of our public website https://brighter.ai/, its functions and content
  • Provision of the customer Portal and its online software services, its functions and content
  • Conduction of payments with Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA; Website:  https://stripe.com/de/privacy
  • Answering contact requests and communication with users
  • Communication with customers via our Portal
  • Security measures
  • Reach measuring/marketing.

Insofar as we obtain your consent for the processing of personal data, e.g., for the use of analysis tools, Art. 6 para. 1a) GDPR serves as the legal basis. If the processing of your data is necessary for the performance of a contract to which you are a party, e.g., if you decide to subscribe to our software services via our Portal, Art.6 para.1 b) GDPR serves as the legal basis. This also applies to processing operations which are necessary to carry out pre-contractual measures. If processing of your personal data is necessary to fulfil a legal obligation to which we are subject, Art.6 para.1c) GDPR serves as the legal basis. If the processing is necessary to safeguard a legitimate interest of our company or of a third party and if your interests, fundamental rights and freedoms do not outweigh the former interest, Art.6 para.1f) GDPR serves as the legal basis for the processing.

d) Data erasure and storage duration

Your personal data will be deleted or blocked as soon as the purpose for which it was stored no longer applies. Storage may also take place if this is provided for by law or other legal provisions binding on us. A blockage or deletion of the data is also carried out when a storage period prescribed by the aforementioned legal provisions expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

e) Rules on the provision of the data and consequences of non-provision

The provision of your personal data for the use of our public website is not required by law or contract and is not necessary for the conclusion of a contract. You are not obliged to provide us with your personal data. However, if you do not consent to the processing of your data for certain purposes, e.g., by setting certain cookies, you may not be able to use all the functions of this website.

If you wish to use our Portal and subscribe to our software services, we need some information from you to know who our contractual partner is and also for payment purposes.

f) Automated decision making

An automated decision making process does not take place in connection with your use of the website.

g) Your rights as a data subject

Revocation of your consent to data processing

You can revoke a previously granted consent at any time. For this purpose, an informal notification by email to us is sufficient. The legality of the data processing that took place up to the revocation remains unaffected by the revocation.

Right to file complaints with regulatory authorities

If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have your personal data processed by us delivered to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done to the extent that it is technically feasible.

Information, blocking, deletion

Within the framework of the applicable legal provisions, you have the right to obtain information free of charge at any time about your stored personal data, its origin and recipients and the purpose of the data processing and, if applicable, a right to correct, block or delete this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time by using the contact details given in sections 1a or 2.

Right of objection (Art. 21 GDPR)

You also have the right to object to the processing of your personal data under certain conditions. The right of objection may arise from your particular situation to object at any time to the processing of personal data concerning you. This only applies if the processing is carried out on the basis of Art. 6 para. 1 e) or f) GDPR (safeguarding of public interests or protection of legitimate interests by the controller). We then no longer process the personal data unless we can prove compelling reasons for processing worthy of protection that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

In order to exercise this right of objection, you may also send us an informal message stating your intention, stating your e-mail address, via the contact options mentioned under 1a or 2.

2. Data protection officer

We have appointed a data protection officer for our company:

Dr. Volker Wodianka, LL.M. (IT&T)

Wodianka privacy legal GmbH
Dockenhudener Str. 12a, 22587 Hamburg, Germany
Email: volker.wodianka@privacy-legal.de
Phone:  +49 (0)40 2110786-0

3. Data collection

Contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.

The processing of the data entered in the contact form is, thus, exclusively based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. For this purpose, an informal notification by email to us is sufficient. The legality of the data processing operations carried out up to the time of revocation remains unaffected by the revocation.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent for storage, or the purpose for which the data was stored no longer applies (e.g., after your request has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.

Image and video upload

You can upload images or videos on our website for testing purposes or as a customer via our Portal to make them anonymous (redact faces and/or license plates). In this case, we process the personal data contained in the image or video only for the purpose of anonymizing faces or license plates and not for any other purpose. The original images and videos are deleted immediately after anonymization and are not processed for any other purpose. You have the possibility to delete anonymized images and videos yourself at any time. Otherwise we delete anonymized images and videos automatically after 24 hours. The legal basis for the processing is Art. 6 I b) GDPR.

Newsletter

On our website, you have the possibility to subscribe to our newsletter, which consists of emails that contain information such as company updates and general news about topics such as privacy technology and artificial intelligence research. For the newsletter, we use a double opt-in process to verify if you actually registered your email address to receive the newsletter by sending you a confirmation email, asking you to confirm your consent. You can withdraw your consent to brighter AI at any time without specifying reasons, by clicking the “unsubscribe” link included in each newsletter. We will then delete your email address from our distribution list. As an alternative, you can also unsubscribe from our newsletter at any time by sending an email to hello@brighter.ai.

Cookies

Cookies are small text files that are stored on your computer and saved by your browser. Cookies do not harm your computer and do not contain any viruses. Cookies can help make websites more user-friendly, efficient, and secure.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.

Server log files

We automatically collect and store information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type, browser version and the name of your access provider
  • Operating system used
  • Referrer URL, name and URL of the trived file
  • Host name of the accessing computer
  • Date and time of the server request
  • IP address

This data will not be combined with data from other sources. The basis for data processing is Art. 6 (1) (f) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar. If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Payment

For conduction of credit card payments for our software services, we use the service provider Stripe. Stripe uses a cookie to remember who you are and to allow us to process payments, without storing credit card information on our own servers. If you choose a payment method offered via the payment service provider Stripe, the payment processing will be carried out via Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we will pass on your information provided during the ordering process together with information about your order (name, address, credit card number, invoice amount, currency and transaction number) in accordance with Art. 6 (1) (b) GDPR. Your data will only be passed on for the purpose of processing payments with Stripe Payments Europe Ltd. and only to the extent necessary for this purpose. You can find more information on the data protection of Stripe at the following Internet address: https://stripe.com/de/privacy

4. Analytics

a) Google Analytics

This website uses Google Analytics, a web analytics service operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

Storing of Google Analytics cookies happens after explicit consent with the cookie notice, when visiting the website, based on von Art. 6 (1) lit. a GDPR.

IP anonymization

We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the United States and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

Browser Plugin

You can prevent these cookies being stored by selecting the appropriate settings in your browser, even after you consented to cookies in the frame of our cookie manager. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of this data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

Objecting to the collection of data

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.

For more information about how Google Analytics handles user data, see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.

b) Hotjar

We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g., how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices, based on your consent, Article 6 (1) lit. a GDPR. This includes a device’s IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf. As a user of a website that is using Hotjar you have the right to view and delete information collected about you. More information about Hotjar’s User Lookup feature can be found here.

For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.

5. Customer Data Base

We store and use contact data and information received (such as business communication histories) from customers and interested parties for the purpose of processing or initiating the business relationship and brighter AI marketing or company updates through email. The processing is based on Art. 6 (1) lit. b GDPR.

As a customer database, we use ActiveCampaign CRM. The provider is ActiveCampaign, LLC Dublin, IE 160 Shelbourne Rd, Dublin, D04 E7K5, Suite 03-101, Dublin, Dublin, 2.
Further information on data protection under ActiveCampaign CRM can be found online at: https://www.activecampaign.com/legal.

For information about security features under ActiveCampaign CRM, please visit the following website online: https://www.activecampaign.com/legal/service-level-agreement.

6. Information disclosure 

The processing of your personal data by all our service providers is only carried out on the basis of a proper data processing agreement in accordance with Art. 28 GDPR. Your personal data will not be passed on to third parties.

7. Data transfer to recipients outside the EU

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, entities or companies, this will only be done in accordance with the legal requirements.
Subject to your express consent or a contractually or legally required transfer, we process or have the data processed only in third countries with a recognized level of data protection, contractual obligations based on the standard contractual clauses of the EU Commission, in the presence of certifications or the existence of binding internal data protection regulations (Art. 44 to 49 GDPR).

The data collected by the products listed within the scope of this declaration from US providers or their affiliated companies, such as Google, may be stored and processed by them in the USA, among other places. We have no influence on the further data processing by the US service providers. For a data transfer to a third country, i.e. a country outside the EU or the EEA, appropriate guarantees for the protection of your personal data are generally required. After the European Court of Justice invalidated the Commission’s Implementing Decision (EU) 2016/1250 of July 12, 2016 on the adequacy of the protection provided by the EU-US Privacy Shield (“EU-US Privacy Shield”), the EU-US Privacy Shield can no longer be used as a guarantee for an adequate level of protection in the USA according to EU standards. Thus, there is currently no level of data protection in the U.S. equivalent to that in the EU within the meaning of Art. 45 GDPR, and we are also unable to provide appropriate safeguards under Art. 46 GDPR to compensate for this deficit. Thus, data transfer to the USA is only permissible here with your express consent pursuant to Art. 49 (1) a) GDPR, which can be granted by you with the cookie notice by selecting optional categories. Possible risks of this data transfer are that access by state authorities, such as security authorities and/or intelligence services, cannot be ruled out and your data could be processed by them, possibly without you being informed separately and without enforceable rights and effective legal remedies being available to you, for reasons of national security, law enforcement or for other purposes in the public interest of the USA.
Otherwise, we will only share your data with third parties if:

  1. you have expressly given your consent to this in accordance with Art. 6 para. 1 p. 1 a) GDPR,
  2. the disclosure according to Art. 6 para. 1 p. 1 f) GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
  3. there is a legal obligation for the disclosure according to Art. 6 para. 1 p. 1 c) GDPR or
  4. this is legally permissible and necessary for the processing of contractual relationships with you according to Art. 6 para. 1 p. 1 b) GDPR.
    The transfer to tax offices and social security institutions will only take place if there is a legal obligation to do so; the legal basis is Art. 6 para. 1 p. 1 c) GDPR. The transfer to service providers only takes place on the basis of a proper contract processing agreement in accordance with Art. 28 GDPR.

 8. Full list of every cookie involved in the users consent on brighter.ai.


Last update: September 17, 2021