Privacy Policy

1. Data Controller and Contact Information

The data controller responsible for your personal information is:

BERIAS LLC
255 Giralda Ave, 5th Floor
Coral Gables, FL 33134, United States

For any questions about this policy or our data practices, please contact us at hello@berias.com. As we are not required by law to have a formal Data Protection Officer (DPO), all inquiries can be directed to this email address.

2. Information We Collect, Purposes, and Legal Basis

We collect personal data to provide and improve our Services. The legal bases for processing under the General Data Protection Regulation (GDPR) are primarily Contractual Necessity, Legitimate Interest, and Consent.

A. Information You Provide Directly

• Contact and Professional Data: When you book a meeting or contact us, we collect your name, email, phone number, and company name. (Purpose: To schedule and conduct meetings, and communicate with you. Legal Basis: Contractual Necessity, Legitimate Interest).
• Client Operational Data: During the 30-Day Clarity Sprint, you may provide business-related documents and information for analysis. (Purpose: To deliver the consulting services. Legal Basis: Contractual Necessity).

Failure to provide this data may result in our inability to enter into a contract or deliver the Services.

B. Information We Collect Automatically

• Usage and Technical Data: When you visit our Website, we automatically collect your IP address, browser type, device information, pages visited, and usage patterns via cookies and similar technologies. (Purpose: To analyze website performance, improve user experience, and ensure security. Legal Basis: Legitimate Interest, Consent for non-essential cookies).

3. Use of Artificial Intelligence (AI)

For the 30-Day Clarity Sprint, we may use AI technology to analyze business-related content you provide. This processing is strictly limited to non-personal, operational data to identify process inefficiencies. No personal data is used for training AI models. This processing does not involve automated decision-making that produces legal or similarly significant effects on you.

4. Data Sharing and Recipients

We do not sell your personal data. The term "sell" has a specific meaning under laws like the CCPA, and our use of third-party analytics and advertising cookies may be considered a "sale" under such definitions. We share information with the following categories of recipients:

• Service Providers: Companies that provide services on our behalf, such as website hosting (Cloudflare), analytics (Google), CRM (HubSpot), scheduling (Calendly), and advertising (Meta/Facebook). These providers are contractually bound to protect your data.
• Legal Authorities: If required by law, subpoena, or to protect our legal rights.

For business clients in the EU, our data processing relationship is governed by a Data Processing Addendum (DPA) compliant with GDPR Article 28.

5. Data Retention Periods

We retain personal data for no longer than necessary for the purposes for which it was collected. The criteria used to determine our retention periods include:

• Client and Contractual Data: Retained for the duration of the business relationship plus a subsequent period of up to 10 years to comply with legal and tax obligations in the US and Germany.
• Website Analytics Data: Retained in a non-identifiable or aggregated form for up to 26 months.
• Contact and Inquiry Data: Retained for up to 2 years after our last communication to address any follow-up questions.

6. International Data Transfers

As a US-based company, your data is processed in the United States. If you are in the European Economic Area (EEA), we ensure that the transfer of your personal data is protected by appropriate safeguards, primarily through the use of Standard Contractual Clauses (SCCs) as approved by the European Commission, to ensure your data is treated with a level of protection equivalent to that under GDPR.

7. Your Data Protection Rights

Depending on your location, you have certain rights regarding your personal data:

A. Rights for Residents of the EEA (under GDPR)

• Right of Access: To request copies of your personal data.
• Right to Rectification: To request correction of inaccurate information.
• Right to Erasure ("Right to be Forgotten"): To request deletion of your data.
• Right to Restrict Processing: To request the limitation of our use of your data.
• Right to Data Portability: To receive your data in a structured, machine-readable format.
• Right to Object: To object to our processing of your data (e.g., for direct marketing).
• Right to Withdraw Consent: To withdraw your consent at any time where consent is the legal basis.

You also have the **right to lodge a complaint with a supervisory authority** in your country of residence. To exercise any of these rights, please contact us at hello@berias.com.

B. Notice for Residents of California

While our company does not currently meet the revenue or data processing thresholds that would subject us to the California Consumer Privacy Act (CCPA), we voluntarily extend the following rights. California's "Shine the Light" law permits users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes. To make such a request, please contact us at the email provided.

C. Notice for Residents of Florida

Our company does not currently meet the revenue or other applicability thresholds of the Florida Digital Bill of Rights (FDBR). Therefore, the specific obligations of the FDBR do not apply to our processing of your data at this time.

8. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will take steps to delete such information.

9. Updates to This Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top of this policy indicates when it was last revised. We encourage you to review this policy periodically.