brightfin Privacy Policy

Mobile Solutions Services Holdings, LLC dba brightfin (“brightfin”) is committed to protecting your privacy. We feel, it is important for you to know how we handle the information we receive from you in connection with our contractual relationship.

  1. Controller

Regarding the processing of your personal data as described in sec. 3 hereinafter, brightfin serves as “controller” in the sense of Art. 4 No. 7 GDPR. Our contact details are

8310 South Valley Highway, Suite 150

Englewood, CO 80112
United States of America
Phone:             +1 (801) 895-4180

You can contact our data protection officer by sending an email to

Representative designated by brightfin pursuant to Art. 27 GDPR:

MobiChord GmbH

Feringastrasse 6

85774 Munich Bayern


  1. Type and extent of data processing

If you enter into a business relationship with us, we collect personal data from you as follows:

  •       Name
  •       Email address
  •       Postal Address
  •       Telephone number
  •       Mobile phone number

We use these data for the following purposes:

  •       Identifying you as our contractual partner;
  •       Exercising our contractual rights and fulfilling our respective obligations;
  •       Correspondence with you;
  •       Invoicing our fees;
  •       Asserting possible claims in connection with our business relationship;
  •       Providing information about our products and services.

This data processing is based on a contract with you and is required for the mutual fulfillment of obligations under this contract. We are therefore obliged to process such data pursuant to Art.6 (1) lit. b GDPR.

The personal data collected by us for the conduct of the business relationship will be stored for the duration of contract and deleted 24 months thereafter, unless we are obliged by law (especially tax and commercial law) to store the data for a longer period, Art. 6 (1) lit. c GDPR or you have consented to a longer storage, Art. 6 (1) lit. a GDPR.

Furthermore, we will use your contact details (name, address, email address, telephone number, mobile phone number) to provide you with information regarding any goods distributed by us and any services rendered by us or one of our subsidiaries. If required by the applicable law, we will ask for your consent before sending you such information. In this case we are entitled to use your data for this purpose according to Art. 6 (1) lit. a GDPR. If we are allowed to provide you with information without your prior consent, the basis is Art. 6 (1) lit. f GDPR due to our legitimate interest to promote our goods and services to our customers. We will delete this data if you revoke your consent or if the legal basis for providing you with information without your consent ceases to be fulfilled.

We will only process personal information in ways that are compatible with the purposes we collected it for, or for the purposes you later authorize.  Before we use your personal data for a materially different purpose, we will provide you with the opportunity to opt-out.

  1. Disclosure and onward transfer

As part of our contractual relationship it might be necessary to transfer and disclose personal data to the following categories of recipients who reasonably need to know such data for the purpose of the contract between us and you:

  •       Mobile network operators
  •       Accounts receivables
  •       Technology partners, in particular ServiceNow, Inc. and Amazon Web Services, Inc.

Full list of our current Data Sub-Processors can be found here:

  1. Disclosures for national security or law enforcement.

Under certain circumstances, we may be required to disclose your personal data in response to valid request by public authorities, including to meet national security or law enforcement requirements.    

  1. Obligation to provide data

There is no legal or contractual obligation for you to provide us with personal data. However, if you do not provide us with the data which is mandatory for the performance of our contractual services, this may result in us not being able to render our services.

  1. Your rights

In connection with the different types of processing, you have a number of rights described hereinafter. These rights can be exercised free of charge. However, where requests from a data subject are evidently unfounded or excessive, in particular because of their repetitive character, we may either

  •       charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested; or
  •       refuse to act on the request.
  1. Withdrawal of consent

You have the right to withdraw your consent to processing your personal data for the future at any time. The withdrawal will not affect the lawfulness of processing based on consent before your withdrawal (Art. 7 (3) GDPR).

  1. Right of confirmation and right of access

You have the right to obtain from us the confirmation as to whether or not personal data concerning you is being processed, and, where this is the case, access to the personal data and additional information under the conditions of Art. 15 GDPR.

  1. Rectification and erasure

You have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning you and the right to have incomplete personal data completed (Art. 16 GDPR). Further you have the right to obtain from the controller the erasure of personal data concerning you under the conditions of Art. 17 GDPR.

  1. Right to restriction of processing

You have the right to obtain from the controller restriction of processing under the conditions of Art. 18 GDPR.

  1. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (e) or (f) of Art. 6 (1) GDPR, including profiling based on those provisions. In this case, we will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

  1. Right to data portability

You have the right, to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us under the conditions of Art. 20 GDPR.

This right, however, shall not adversely affect the rights and freedoms of others.

  1. Lodge of a complaint

If you believe that we are failing to properly comply with privacy obligations, you may lodge a complaint with a Supervisory Authority.

Version: November 2022