Privacy Policy
Brewr respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect and process your personal data when you visit our website and tells you about your privacy rights and how the law protects you.
1. Data Controller
The data controller responsible for your personal data is:
2. What Data We Collect
We collect the following types of personal data:
- Identity & Contact data — name and email address submitted through booking forms or contact inquiries
- Technical data — IP address, browser type, device type, and operating system (collected automatically by our hosting infrastructure and analytics tools)
- Usage data — pages visited, time on site, referral source (collected via analytics tools, only with your consent)
- Cookie data — see Section 5 below
We do not collect sensitive personal data (health, financial, biometric, etc.).
3. How We Use Your Data
- To respond to inquiries and schedule consultations
- To provide and improve our services
- To analyze website traffic and user behavior (only with consent)
- To comply with legal obligations
We do not sell, rent, or trade your personal data to third parties.
4. Legal Basis for Processing
- Consent (Art. 6(1)(a) GDPR) — analytics and advertising cookies (where applicable)
- Legitimate interests (Art. 6(1)(f) GDPR) — responding to inquiries, security
- Legal obligation (Art. 6(1)(c) GDPR) — where required by law
5. Cookies
We use the following types of cookies:
| Type | Purpose | Consent required |
|---|---|---|
| Strictly necessary | Booking form functionality (Cal.com) | No |
| Analytics | Google Analytics — traffic measurement | Yes |
| Marketing | Facebook Pixel — ad performance | Yes |
To withdraw cookie consent, open your browser's Privacy & Security settings, clear the cookie-consent entry, and reload the page — the consent banner will reappear. You may also contact us at hello@brewr.io and we will reset your preferences manually.
6. Third-Party Links
Our website may include links to third-party websites, plug-ins, and applications. Clicking those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
7. Third-Party Services
We use the following third-party processors, each with their own privacy policies:
| Processor | Purpose | Privacy policy |
|---|---|---|
| Cal.com | Meeting scheduling (processes name, email) | cal.com/privacy |
| Google Analytics | Website analytics (with consent only) | policies.google.com |
| Meta (Facebook Pixel) | Advertising measurement (with consent only) | facebook.com/privacy |
8. International Data Transfers
Brewr is based in Hungary (EU). Some third-party service providers operate outside the European Economic Area, including in the United States. Where personal data is transferred outside the EEA, we ensure an adequate level of protection through one or more of the following safeguards:
- An adequacy decision by the European Commission for the destination country
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Certification under an approved framework (e.g. EU-US Data Privacy Framework)
For details on safeguards applied by our processors, refer to their respective privacy policies linked in Section 7.
9. Data Retention
We retain personal data only for as long as necessary:
- Enquiry and booking data — up to 2 years from last contact
- Analytics data — as per Google Analytics retention settings (default 14 months)
- Cookie consent records — 1 year
10. Your Rights (GDPR)
Under GDPR you have the right to:
- Access — request a copy of your personal data
- Rectification — correct inaccurate data
- Erasure — request deletion of your data (“right to be forgotten”)
- Restriction — limit how we process your data
- Portability — receive your data in a machine-readable format
- Object — opt out of processing based on legitimate interests
- Withdraw consent — at any time, without affecting prior processing
To exercise any of these rights, email hello@brewr.io. You will not have to pay a fee, though we may charge a reasonable fee or decline requests that are clearly unfounded, repetitive, or excessive.
We may need to verify your identity before fulfilling a request — a security measure to ensure personal data is not disclosed to someone without the right to receive it.
We aim to respond within 30 days. Complex or multiple requests may take longer; we will notify you if this is the case.
You also have the right to lodge a complaint with Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH) at www.naih.hu. We would appreciate the chance to address your concerns first — please contact us in the first instance.
11. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. All data is transmitted over HTTPS. Access to personal data is limited to those with a business need to know, who process it only on our instructions and under a duty of confidentiality.
We have procedures in place to handle any suspected personal data breach and will notify you and the applicable supervisory authority where legally required to do so.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We encourage you to review it periodically. Continued use of the site after changes constitutes acceptance of the updated policy.
13. Contact
For any privacy-related questions or requests, contact us at hello@brewr.io.