Privacy Policy

Introduction – Scope

By accessing the website at https://www.bryj.ai (referred to below as the "Website") managed by Bryj Technologies Inc., Tax ID 46-3801746, whose registered office is at 171 Main Street #159, Los Altos, CA 94022, United States (referred to below as "Bryj") and using the services offered, the User acknowledges having read and understood this Privacy Policy, as well as the practices for obtaining consent, and collecting and processing the information set out in this document.

In general, you can visit our Website without having to send us any Data.

However, so that we can provide you with certain services, Bryj may ask you to provide certain Data.

This Privacy Policy applies to all processing of Data collected via our Website.

Personal Data – referred to below as "Data" or "Personal Data" – means any information relating to an identified or identifiable natural person – referred to below as the "Data Subject".

This Policy sets out the principles applicable to the protection of your Personal Data and is intended, among other things, to inform you of:

  • the Personal Data collected by Bryj and the reasons why;
  • how this Personal Data is used;
  • your rights in respect of your Personal Data.

Collection and Use of the Data collected

Only Data that is necessary for responding to a request to contact you or to demonstrate our products, registering for an event, subscribing to our newsletter or handling projects is collected by Bryj.

Lawful basis for our data processing

We process your data based on the lawful bases below:

– consent: where you explicitly give us permission to process your Data by ticking the box on the form next to this statement "I have read and accept the Privacy Policy. I consent to this form being sent to Bryj in order to be contacted.";

  • consent to (opt out from) receiving our newsletter;

– based on our legitimate interest or pre-contractual measures thereafter, if we have a pre-contractual or contractual relationship.

Purpose of the collection

Bryj collects and processes Data:

  • to send the newsletter where explicit consent has been given, until you object or unsubscribe;
  • to contact you following a request for a demonstration of our products, or a request to contact you, or to download Bryj editorial content;
  • for the registration and management of an event;
  • to target newsletters;
  • to manage the options of your subscription to our various publications;
  • to provide the requested contractual services;
  • as necessary, to offer additional or optional services until you object;
  • for recruitment purposes.

Categories of data collected

In respect of the personal information that you entrust to us, we refrain from any indirect collection, any improper use, and in general, any act liable to invade your privacy or harm your reputation.

Bryj thus ensures to only collect the Data strictly necessary for the stated purpose of the various processing implemented by the company. When requesting us to contact you, requesting a demonstration of our products, registering for an event or subscribing to our newsletter, the following data is collected for the purposes of the services provided by Bryj:

  • Surname and first name
  • Company
  • Position
  • Telephone no.
  • Email address

And, as applicable (optional):

  • Data relating to the matter to be dealt with
  • Postal address
  • History of business exchanges (date and record of phone calls, meetings, etc.)
  • For recruitment: CV and covering letter.

During exchanges concerning the company’s projects, various Personal Data may be collected with the data subjects’ prior and informed consent, for the sole purposes of handling the company’s projects.

Data retention period

In accordance with the legislation in force, Bryj will only keep the Personal Data for the duration necessary for its processing.

More specifically:

  • Concerning the processing and follow-up of applications, Bryj will delete applicants’ data within a maximum period of two years after the last contact, in accordance with the legislation in force.
  • Concerning the communication and management of contact requests, Bryj will delete the data of its contact persons within a maximum period of three years after the last contact, in accordance with the legislation in force.
  • The Personal Data of customers and prospective customers engaged with will be stored in an active database for a maximum of three years, after the end of the contractual relationship for customers, or from the last contact made by prospective customers, in accordance with the law.

Beyond this period, the Data may be anonymised and kept exclusively for statistical purposes and will not give rise to any exploitation of any kind whatsoever.

Categories of data recipients

The Data collected is for internal use within Bryj and is strictly limited to the most appropriate teams for processing the request made.

However, we may share the Data collected with our technical service providers to achieve the purposes set out above.

We strictly require our partners to always comply with applicable Data protection laws and to pay special attention to the confidentiality of such Data.

Therefore, in application of the regulations in force, any processor who may process personal data on behalf of Bryj shall in particular:

  • only process the data for the sole purpose(s) of the processing;
  • process the data according to Bryj’s instructions;
  • guarantee the confidentiality and security of the Data.

The recipients of your data are:

Internally:

  • our administrative staff and management
  • the persons in charge of the commercial follow-up with the contact person at your company
  • our subsidiary in Canada.

Externally:

  • companies hosting the Data:
  • Bluehost Services at 5335 Gate Pkwy, 2nd Floor, Jacksonville, FL 32256, United States
  • external consultants for invitations to events (subcontractors, consultants, technical service providers for the organisation of this event),
  • in the context of sending newsletters, consultants and technical service providers, for targeting and carrying out the mailings
    • HubSpot Inc. 25 First Street, Cambridge, MA 02141 United States – Tax ID 20-2632791.

Bryj may also disclose or transfer your personal data to third parties in the following specific circumstances:

  • as required by law, as part of legal proceedings, litigation and/or a request from the public authorities in your country of residence or other;
  • if disclosure is necessary for national security, law enforcement or another matter of public interest;
  • in the event of restructuring, a transfer or sale to, or merger with, the third party concerned.

Information on minors under 15

The website https://www.bryj.ai is primarily intended for companies, authorities, and journalists, to allow them to contact Bryj.

Bryj does not offer services through its Website for minors under 15 years and therefore does not intend to collect their personal data. In the event that a 15-year-old child sends personal data to Bryj, it will make every effort possible to delete the data transmitted.

Right of access, Rights to rectification, to erasure/to be forgotten, to restriction of processing, to object, and to data portability

You have a certain number of rights regarding your Data. These include a right of access, and rights to rectification, erasure, restriction of processing, object, and data portability. 

To find out more, please refer to the paragraph below that contains specific information about your rights under the General Data Protection Regulation.

Specific information about your rights under the General Data Protection Regulation (GDPR)

Identity of the Data Controller

Bryj and Follow-Apps, a French simplified joint stock company [Société par Actions Simplifiée] with capital of €4,870,910, entered in the Paris Trade and Companies Register under number 750 901 258, whose registered office is at 198 Avenue de France, 75013 Paris (referred to below as "Follow-Apps"), are jointly responsible for the processing (below referred to together as the "Data Controller").

You may contact the Data Controller with any question concerning your Data at dpo@bryj.ai.

Data processed as part of our Grow offer and/or services that we provide to our customers is processed by Follow Apps in its capacity as Processor, with Data hosted in Europe.

Appointment of a DPO to liaise with the CNIL

Follow Apps has appointed a Data Protection Officer to liaise with the CNIL [the French Data Protection Authority] under reference DPO-79567.

Their purpose is to strictly and independently ensure the application of the law governing the protection of personal data for our employees, customers, and applicants as well as for all our suppliers and partners involved in developing our solutions.

They ensure on an ongoing basis that every precaution has been taken to protect the physical and logical security of individuals’ data in order to prevent it being compromised, distorted or damaged.

Data Protection Officer

Ms Florence Ivanier, lawyer at the Paris Bar, and of the law firm Aurele IT,

6 Rue Jean de la Fontaine, 75016 Paris

dpo@bryj.ai

Transfer of data outside the European Union 

The following may access your data: 

  • the joint Data Controller, Bryj located in the USA; 
  • our subsidiary in Canada;
  • Bluehost Services at 5335 Gate Pkwy, 2nd Floor, Jacksonville, FL 32256, United States;
  • Hubspot Inc. at 25 First Street, Cambridge, MA 02141 United States. 

When we transfer your Data outside the European Union, we ensure that:

  • the Personal Data is transferred to countries recognised as providing an equivalent level of protection;
  • for Personal Data transferred outside the countries recognised by the CNIL as having a sufficient level of protection, one of the mechanisms is used to ensure appropriate safeguards as provided for by the applicable regulations, and in particular the adoption of standard contractual clauses as well as any additional measure provided for in the guidelines of the European Data Protection Board.

Reminder of your rights under the GDPR

Under the provisions of Article 12 of the GDPR you have the right to obtain clear, concise and transparent information from our company. The purpose of this document is primarily to meet the obligations referred to in Article 13.

Right to confirmation of any processing

  1. You have the right to obtain confirmation from the data controller as to whether or not your personal data is being processed.

(Article 15-1 of the GDPR)

Right of access, purposes, categories, recipients, duration

When your data is processed, you have a right of access to this personal data and the following information:

  1. a) the purposes of the processing (Article 15-1a of the GDPR);
  2. b) the categories of personal data concerned (Article 15-1b of the GDPR);
  3. c) the recipients or categories of recipients to whom the personal data has been or will be disclosed (Article 15-1c of the GDPR);
  4. d) where possible, the envisaged period during which the personal data will be stored, or the criteria used to determine that period (Article 15-1d of the GDPR).

Rectification, erasure-forgotten, restriction, objection, portability

You have the right to ask the data controller:

e1) to correct your personal data (Article 16 of the GDPR);

e2) to delete your personal data or you have the "right to be forgotten" (Article 17 of the GDPR).

You have the right to request the deletion of your data only for the reasons laid down in the applicable regulations and in particular when:

  • the Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
  • you withdraw consent on which the processing is based and there is no other lawful basis for the processing;
  • you object to the processing and there is no overriding legitimate reason for the processing;
  • you consider that your data has been unlawfully processed;
  • your data has to be erased for compliance with a legal obligation;

e3) to restrict the processing of your personal data (Article 18 of the GDPR).

You have the right to require the data controller to restrict the use of your data solely for the reasons laid down by the applicable regulations and in particular when:

  • you dispute the accuracy of your Data;
  • you consider that the processing is unlawful, and you oppose the erasure of your data;
  • you still require the data to establish, exercise or defend legal claims even though Bryj no longer needs it;

e4) to object to the processing of your data (Article 21 of the GDPR) by withdrawing your consent, it being noted that this withdrawal will not affect the lawfulness of the processing based on the consent given before its withdrawal;

e5) to recover your data in a format easily readable by a machine to ensure its portability (Article 20 of the GDPR).

Complaint to the CNIL, origin of the data, automated decision-making

You also have the right:

  1. f) to lodge a complaint with a supervisory authority (Article 15-1f of the GDPR);
  2. g) where the personal data is not collected from you, to any available information as to its source (Article 15-1g of the GDPR);
  3. h) to verify the existence of automated decision-making, including profiling, and, in those cases, meaningful information about the underlying logic, as well as the significance and the expected consequences of such processing (Article 22 of the GDPR) (Article 15-1h of the GDPR).

Right to obtain a copy of your data

  1. You have the right, with proof of your identity, to obtain an electronic or paper copy of your personal data, processed in our company or by any of our processors, from the data controller (provided that this request does not adversely affect the rights and freedoms of others).

You can send any request to this effect to the Data Protection Officer referred to above.

(Article 15-3 & 4 of the GDPR)

Right to give instructions in case of death

  1. You also have the right to give us instructions on what to do with your data after your death.

Law No. 2016-1321 of 7 October 2016 for a Digital Republic)

Right to withdraw consent previously given for data collection

You have the right to withdraw your consent at any time.

The withdrawal of this consent does not affect the lawfulness of the consent-based processing prior to this withdrawal.

You must be informed of this right before giving your consent. It must be as simple for you to withdraw your consent as it is to give it to us.

(Article 7-3 of the GDPR)

Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a supervisory authority if you establish a breach of your data or if you consider that the processing of your personal data constitutes any violation of the regulation.

However, we suggest that you first contact the DPO referred to in point B above to request clarification.

You will find information on the procedure provided for by the CNIL via this link: https://www.cnil.fr/en/sanctions-procedure

Right to know the consequences of refusing to provide information

You are informed that under Article 32 of the French Data Protection Act, the information that you provide us with via the forms on the Website is necessary to meet your request. It is intended for the departments responsible for responding to your request for follow-up purposes.

You have the right to refuse to send us this information, but you are informed that in this case, Bryj may in turn refuse to respond to an incomplete request from you.

Right not to be the subject of automated decision-making

You have the right not to be the subject of a decision based solely on automated processing, including profiling, producing legal effects concerning you (Article 22-1).

Bryj does not carry out such data processing.

Right to require that your data be stored securely

Bryj ensures the security and durability of your Personal Data by implementing a series of physical and logical security measures for storing and safeguarding your data, to prevent it from being destroyed, corrupted, modified, misused or altered.

Exercise of rights

Under the amended French Data Protection Act of 6 January 1978, with proof of your identity, you have a right of access to and rights to the rectification or deletion of information about you. For legitimate reasons, you may also object to the processing of this data or request that it be portable.

To exercise your various rights, you must provide proof of your identity and optionally:

  • tell us why you want to exercise them;
  • precisely define the data you would like a copy of;
  • specify the data format you would like back.

For this purpose, please contact our DPO responsible for monitoring our compliance at dpo@Bryj.com

Partial objection (or a simple request to unsubscribe) is a right that you may exercise at any time when receiving mails, by using the link on each email that you receive from us; it is not necessary to contact the DPO for this.

Comprehensive information about all your rights

For more information about your rights, visit the CNIL website at: https://www.cnil.fr

You also have the right to refer the matter directly to the CNIL if you consider that your rights have been infringed, or that our company is not complying with its data protection obligations.

Measures taken to protect personal data

Bryj has taken steps to prevent any personal data breach, including:

  • Appointment of a Data Protection Officer at Bryj
  • Raising teams’ awareness about the protection of personal data
  • Audit and mapping of the processing of personal data carried out within the company and by its processors
  • Security audit of the information system
  • Implementation of a privacy policy

Data breaches

Should we become aware of any unlawful access to your personal data corresponding to processing for which we are responsible, we shall notify you of the incident as soon as possible if this is a legal requirement.

Governing law and jurisdiction

Our website and activity are governed by French law. In the event of a dispute resulting from your use of our websites or its activity, the French courts will have sole jurisdiction.

Changes to this Privacy Policy

Bryj reserves the right to make changes to this Privacy Policy at any time, for example to take into account new data collected, or changes to our processing or our purposes, but also to ensure our compliance in case of changes in certain laws and regulations, particularly with regard to the French Data Protection Act or the GDPR.

We encourage you to check this document regularly to keep up to date with any changes. However, in case of any major change to our privacy policy, you will be notified by email or when visiting the website.