databryan Logo

Privacy Policy

1. Data Controller (Art. 4 No. 7 GDPR)

The data controller within the meaning of the GDPR is:

Bryan Tüscher, Sole Proprietor

In den Herrengärten 15 35510 Butzbach Germany

info@databryan.com

The controller is responsible only for the website & communication, not for customer data in projects.

2. Role Clarification (critical)

In the context of consulting and development projects, the provider processes personal data exclusively as a processor within the meaning of Art. 28 GDPR.
The respective customer always remains the controller.

3. Type of Processing

A) Website & Contact

Purpose: Contact, initiation of business
Data: Name, email, if applicable message
Legal basis: Art. 6 para. 1 lit. b GDPR (pre-contractual)

B) Projects

The processing of personal data in the context of customer projects is carried out exclusively at the instruction of the customer and in the customer's systems unless expressly agreed otherwise.

4. Hosting & Tools

The website is hosted on Vercel (functions region: fra1). Data storage is provided by Supabase (EU Central/Frankfurt). Transactional emails are sent via Resend.
Vercel Analytics is used only with your consent.

5. Third Country Transfer

Depending on provider configuration, personal data may be transferred to third countries (e.g., USA). Where required, we rely on appropriate safeguards such as EU Standard Contractual Clauses (SCCs).

6. Data Processing Agreement (DPA)

A data processing agreement pursuant to Art. 28 GDPR will be concluded with customers if required.

7. Technical & Organizational Measures (TOMs)

Appropriate technical and organizational measures are taken, in particular:

  • Access restrictions according to the principle of least privilege
  • Encryption of data transmissions
  • Separation of customer projects
  • no local storage of production data without approval

8. AI / LLM Usage

When AI/LLM features are used, processing is performed primarily via Microsoft Azure OpenAI (region GWC). Personal data is not used to train AI models.
Optional fallback to Google Vertex AI (europe-west3) and other providers only if explicitly enabled; anonymized or synthetic data is preferred, or explicit approval is required.

9. Data Subject Rights & Deletion

You have the right at any time to:

  • Information (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Objection (Art. 21 GDPR)

Inquiries: info@databryan.com

Exercise Your GDPR Rights

Under GDPR (Art. 15 & 17), you have the right to access or delete your personal data. Submit your request below. We will send you a verification email first. After verification, we will process your request within 30 days.

You will receive a verification email first. After verification, we will process your request within 30 days. Export requests are delivered by email.

Last updated: February 8, 2026