Services Subscribe About Glossary Book Free Session

Privacy Policy

Last Updated: 2025-11-13

Breytt ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://breytt.com or purchase our services (Audit, Training, Strategy, or Custom Builds).

We operate from Reykjavík, Iceland, and we process personal data in compliance with the General Data Protection Regulation (GDPR) and the Icelandic Data Protection Act (Lög um persónuvernd og vinnslu persónuupplýsinga).

1. Who is the Data Controller?

The entity responsible for your data is:

Breytt Reykjavík, Iceland
Email: info@breytt.com

2. Information We Collect

We collect information to provide our consulting services and process payments.

A. Personal Data You Provide

  • Identity Data: Name, Job Title, Company Name.
  • Contact Data: Email address, Phone number.
  • Transaction Data: Details about services purchased (e.g., "The AI Landscape Assessment").
  • Business Intelligence: During audits or strategy sessions, you may share internal operational data. We treat this as strictly confidential.

B. Payment Data

We use Stripe to process payments. We do not store your credit card details on our servers. All payment data is handled directly by Stripe in accordance with their privacy policy.

C. Technical Data

  • IP address, browser type, and device information (standard web analytics).

3. How We Use Your Information

We use your data to:

  1. Deliver Services: To conduct audits, run workshops, and deliver strategy reports.
  2. Process Payments: To execute billing via Stripe.
  3. Communication: To send deliverables, booking confirmations (via Calendly), and newsletters (The AI Radar) if you have subscribed.
  4. Legal Compliance: To comply with Icelandic tax laws and accounting regulations.

4. Data Sharing and Third Parties

We do not sell your data. We only share data with trusted processors required to run the business:

  • Payment Processing: Stripe.
  • Scheduling: Calendly.
  • Communication/hosting: Google Workspace / Microsoft 365.
  • AI Vendors: If we use AI tools (like OpenAI or Anthropic) to process your public data for a demo, we do so in accordance with their Enterprise privacy standards (data is not used to train models). Note: We will never input your sensitive proprietary data into public AI models without your explicit consent.

5. International Data Transfers

As we are based in Iceland (EEA), your data is protected by GDPR. If we transfer data to service providers in the USA (e.g., Stripe, Google), we ensure standard contractual clauses (SCCs) or Data Privacy Framework mechanisms are in place to ensure security.

6. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request that we fix incorrect data.
  • Erasure: Request that we delete your data ("Right to be forgotten"), subject to our legal obligation to keep tax records.
  • Withdraw Consent: Unsubscribe from our newsletters at any time.

To exercise these rights, email info@breytt.com.

7. Data Security

We use enterprise-grade security measures (2FA, encryption at rest, and secure access controls) to protect your data. However, no transmission over the internet is 100% secure.

8. Contact Us

If you have questions about this policy or our data practices, please contact: info@breytt.com