Rotate Your Device

This site doesn't support landscape mode. Please rotate your phone to portrait.

Send is now live: multi-step LinkedIn + email outreach, built into the agent. Included on all paid plans.
email outreachBerlin AI startupssecurity complianceB2B lead generationOrigami

How to Email Berlin AI B2B SaaS Startups Focused on Security Compliance (2026)

A tactical step-by-step guide to building, refining, and sending email sequences to Berlin AI B2B SaaS startups focused on security compliance—with full copy templates you can steal.

Charlie Mallery
Charlie MalleryUpdated 12 min read

GTM @ Origami

Quick Answer
You built a list of Berlin AI B2B SaaS startups focused on security compliance using Origami. Now you want to send them an email campaign—and you don't need another tool. Origami has a built-in email sequencer, so you can find, enrich, qualify, and send multi-step sequences from one platform. Here's exactly how to run that campaign, including the exact 3-touch sequence you can copy-paste.

This is the companion post to our guide on how to build a list of Berlin AI B2B SaaS Startups Focused on Security Compliance. If you haven't read that, take 3 minutes and do it—then come back here. The rest of this guide assumes your prospect list is sitting in Origami ready to go.

Step 1 — Build the list in Origami (recap)

Even if you already did this, let's confirm the prompt you typed into Origami:

"Berlin AI B2B SaaS startups focused on security compliance"

That's it. No boolean operators, no LinkedIn sales navigator filters, no CSV dumps from Apollo. Origami's AI agent searched the live web, chained data sources, and returned a list of decision-makers with:

  • Full name and job title (typically CTO, CEO, Head of Security, or VP Engineering)
  • Verified email address (yes, verified—not guessed)
  • Company name, size, funding stage, and industry tags
  • Tools they use, recent news mentions, and signals like GDPR readiness or ISO 27001 certification

The free plan gives you 1,000 credits—enough to build and enrich a few hundred leads—without a credit card. If you're on a paid plan (from $29/month), you can build enterprise-ready lists in minutes. Either way, you have a list. Now let's make it worth emailing.

Step 2 — Refine and qualify the list

A list of 300 Berlin AI security compliance founders is useful. A list of 45 genuinely qualified ones is worth its weight in pipeline. Here's how to get from one to the other inside Origami.

Remove the obvious bad fits

Scroll through the results and look for:

  • Consultancies that happen to use AI but don't build a product—they're not SaaS
  • University spin-outs that are still a lab, not a commercial entity
  • Non-Berlin addresses (yes, sometimes the AI grabs a remote company with a minor Berlin presence)

Kick those out with one click. Origami lets you delete or archive leads inline, so your list shrinks to real operators.

Segment by role and company stage

For a security compliance campaign, you care about two types of people:

  1. The internal champion — usually the CTO, Head of Security, or a senior compliance officer. This is the person who loses sleep over SOC 2, ISO 27001, EU AI Act, and customer security questionnaires. They might not control budget, but they will open your email.
  2. The economic buyer — CEO or COO of a sub-30-employee AI startup. At this stage in Berlin, the CEO often still reads cold emails and takes meetings when the problem is urgent.

Use Origami's filters to create a "Compliance Champion" segment (title contains CTO, Security, Compliance, Risk, DPO) and a "CEO/Co-founder" segment. Then layer on a company size filter: 5–50 employees is the sweet spot. Pre-seed and seed-stage Berlin AI startups rarely have a full-time compliance person; the CTO wears that hat. Series A and beyond might have a dedicated Head of Security—email them directly.

What “qualified” looks like

A qualified lead in this audience:

  • Works at a Berlin-based AI B2B SaaS company
  • Has a product that processes or touches customer data (most likely)
  • Is actively or imminently pursuing a security certification, or has recently lost a deal because they lacked one
  • Has signaled intent: recently posted about GDPR, ISO 27001, SOC 2, or BSITR-03125 on LinkedIn; the company hired a security person; or they raised a round where compliance was mentioned as a milestone

Origami surfaces some of these signals automatically. The rest you can verify manually with a 30-second LinkedIn glance. If a founder's last three posts are about AI art, they're not your target. If their last post asks "how do you actually get SOC 2 ready in 90 days?", move them to the top of the list.

Now you have a segmented, qualified list of 40–80 people who will actually care about your message.

Step 3 — Create the email sequence

In Origami, you have two ways to build a sequence:

  1. Paste your own templates — Write your 3-touch sequence directly in the sequencer editor, set the delays between touches, and hit launch.
  2. Let the AI agent write it — Ask Origami to generate a personalized 3-day email sequence for all your leads automatically. The agent uses each lead's title, company, industry, and enrichment data, so every message feels custom even though you're sending 80 at once.

I recommend option 2 for scale, but I'll give you the exact copy to use as templates—whether you paste them in or feed them as inspiration to the agent.

The 3-touch email sequence for Berlin AI security compliance startups

The psychology: these founders and CTOs are drowning in compliance noise. They get 10 emails a day from consultants and "automated compliance" startups. Your sequence must prove you understand their world in the first sentence. Berlin-specific language helps. GDPR is called DSGVO here. BSI and TISAX matter for government or automotive adjacent startups. EU AI Act is top of mind in 2026. Use that. Keep every email under 100 words. No fluff.

Touch 1 (Day 1) — Cold email
Subject: Quick question about [Company Name] and EU AI Act readiness
Preview: Saw [Company Name] is building AI in Berlin—curious how you're handling upcoming AI Act compliance obligations.

Hi [First Name],

Saw [Company Name] is building AI B2B SaaS out of Berlin. Given the upcoming EU AI Act enforcement deadlines, are you already mapping out compliance for your models?

We help Berlin AI startups like yours go from zero to SOC 2 / ISO 27001 ready in 90 days—without hiring a full-time compliance team.

Worth a 15-minute chat to see if it fits?

[Your Name]

Touch 2 (Day 3) — Follow-up with a different angle
Subject: DSGVO & customer security questionnaires
Preview: The real reason Berlin startups lose enterprise deals—and how to fix it.

Hi [First Name],

I'll keep this short. One thing we hear from Berlin AI founders: they're losing enterprise pilots not because the AI doesn't work, but because the customer's security review stalls at "do you have ISO 27001?"

We've built a lightweight compliance framework specifically for AI SaaS. It answers the 20 most common security questions buyers ask—in German and English.

Still worth that quick call?

[Your Name]

Touch 3 (Day 7) — Breakup email
Subject: Closing the loop, [First Name] Preview: Let me know if compliance isn't a priority right now—I'll stop reaching out.

Hi [First Name],

Tried you a couple of times—maybe this isn't a priority right now.

If it is, and you just need a fast track to ISO 27001 or SOC 2 without the heavy consulting price tag, reply "ready" and I'll send over our one-pager.

Otherwise, I'll stop emailing. No hard feelings.

[Your Name]

Those three messages work because they mention specific triggers the Berlin audience cares about, use local context (DSGVO, German language support), and are short enough to read on a phone between U-Bahn stops. Each is under 80 words excluding the signature.

Adjust the company description to match whatever you actually sell. The important part: mention a concrete pain point (EU AI Act, security questionnaires, customer compliance stalls) and offer a specific outcome (90-day readiness, pre-built framework). Berlin founders hate vague. They respect efficient.

Step 4 — Send the sequence directly from Origami

Here's where Origami shines beyond any list-building tool. You don't export a CSV. You don't upload it to Mailshake, Smartlead, or Instantly. You don't patch together a Zapier webhook. The built-in email sequencer runs the entire campaign.

Launch the sequence

In the same dashboard where you built and refined your list, open the Sequencer tab. If you pasted your own templates, select the three emails you just wrote, set delays (Day 1, Day 3, Day 7 is a good starting point—or try Day 1, Day 4, Day 7 if you want a slightly longer pause). If you used the AI agent to write them, review the generated drafts once, make any tweaks, and then click Launch.

Origami sends each email individually, automatically populating [First Name], [Company Name], and any other variables from the enriched profile. It respects your configured sending schedule, ideal for Berlin business hours (10:00–16:00 CET).

Track opens, clicks, and replies in one place

After launch, you'll see the stats inline:

  • Opens & Clicks — Know who's reading (standard email tracking, but no separate tracking domain to configure).
  • Replies — When someone replies, they are automatically unenrolled from the sequence. This prevents the nightmare of sending a breakup email to someone who just booked a meeting.
  • Prospect Context — Click on any contact and you still see their full enriched profile (title, company, tools used, firmographics). You remember exactly why you reached out and can personalize your reply with zero context-switching.

What response rates to expect

For a well-refined list of 60 Berlin AI B2B SaaS compliance personas, expect:

  • Open rate: 35–50%. These aren't generic blast lists; you're emailing 50 people who genuinely match the profile. Berlin founders open cold email at higher rates than US counterparts when the subject line shows local awareness.
  • Reply rate: 8–15%. Of those, roughly half will be positive (call booked, "send me more info"), and half will be "not now". Negative replies are still a signal; mark them as unqualified and move on.
  • Meeting rate: 4–6% of total sent. That's 3 to 4 meetings from a list of 60. For a free sequencer and a low-credit cost to enrich leads, that's excellent ROI.

When to iterate

After 10 days, look at the data. If open rates are high but replies are low, your message angle is off. Berlin AI founders are interested (they open) but not compelled. Test a different pain point—maybe they care more about BSI guidelines than EU AI Act. If open rates are low, your subject lines don't hit. Test a more provocative line or one referencing a very specific Berlin event ("Heard you were at AI Campus Berlin last week...").

If your reply rate is fine but meetings don't show, your call-to-action is too big. Replace "chat" with "send you a one-pager" and see if that converts.

If nothing works after two iterations, go back to Step 2. Your list probably isn't as qualified as you thought. Dig into the profiles Origami enriched—are these people really in compliance-sensitive AI verticals, or are they building internal tools with no customer data exposure? The list quality always wins over clever subject lines.

Why this workflow beats the old way

The old way: Prospect on LinkedIn Sales Navigator → export to CSV → clean in Google Sheets → find emails with Hunter.io → verify with NeverBounce → upload to a separate cold email tool → realize your email tool doesn't have the same contact fields → scream.

The Origami way: One prompt to build a list. Refine with click filters. Launch a 3-touch sequence from the same screen. Track replies while seeing the original enrichment context. No syncing, no spreadsheets.

The email sequencer is included on all paid plans. You're not paying for the sending—only the credits to enrich leads. That means for $29/month, you can go from idea to live campaign in 20 minutes.

Next steps

You already know how to build the list. You now have the exact email sequence to run. The only thing left is to open Origami, paste your prompt, refine the list, load the sequence, and launch. If you're on the free plan, your 1,000 credits can generate a clean 50-person test campaign. See if it works—then scale. The Berlin AI security compliance niche is too tight to ignore, and the founders are actively looking for help before their next customer audit. Go get those meetings.

Frequently Asked Questions

Related Articles

How to Prospect MEP Contracting Companies in Dubai (2026 Guide)

Static databases won't find Dubai's MEP decision-makers. Learn how AI-powered live search builds verified lists of engineering and procurement contacts that Apollo and ZoomInfo miss.

How to Run a LinkedIn Outreach Campaign for Head of Ecommerce Leads (Without the Data Drudgery) – 2026

Step-by-step guide to running a 3-touch LinkedIn sequence for Heads of Ecommerce using Origami's built-in sequencer. Steal our copy, refine your list, and turn leads into meetings without exporting a CSV.

Find Accounting Firm Owners in Small US Cities (No Database Blind Spots, 2026)

Most databases miss small-town CPA firm owners. Learn why and how to find them with live web search, proven local directories, and AI prospecting that adapts to any firm size or geography.