Breyta operates with strict adherence to all GDPR requirements, maintaining all conditions when it comes to data protection, privacy, and the transfer of personal data. Breyta's Data Protection Officer can be reached at dpo@breyta.io.

SOC 2, or Service Organization Control, is an auditing process that ensures service providers securely manage data to protect the interests and privacy of their customers. We take the protection of our customers’ data very seriously, and that’s why we are working actively towards acquiring our SOC 2 certification in 2023.

ISO 27001 is an information security certificate, crucial for protecting essential client information and other private materials. It focuses on a process-based approach to operating and maintaining a strict ISMS. We are working towards acquiring this certification in 2023.

All confidential and proprietary data (including video files, customer and test participant data) is hosted through Google Cloud Platform (GCP), a SOC 2 and ISO 27017 certified hosting provider.

All data is encrypted at rest and in transit. Data is stored in encrypted form using 256-bit AES encryption. All communication to and from the data centers is encrypted using TLS 1.2 or greater.

Data Residency

Data is stored using GCP multi-region hosting, constrained to data centres in the European Union. Specifically, data may be stored in Finland, Poland, Spain, Belgium, Germany, Netherlands, Italy, and France. Data backups are stored in similar fashion.

Breyta offers a Data Processing Addendum that supplements the Customer Terms of Service or any main online subscription agreement. This addendum reflects our requirements as a processor of Customer Data.

View our Data Processing Addendum

Multi-factor authentication is available to users that use Sign in with Google.

All passwords in Breyta are required to be at least 6 characters long.

Owner and Data Controller

Breyta AS, Nadderudveien 145B, 1359, Eiksmarka

Contact us