Note:
The information in this article pertains to the data processing activities we conduct as a processor in providing our contract management software to our customers. Information on data processing activities for which we are responsible can be found in our privacy policy.
fynk adheres to all relevant data protection regulations, particularly the requirements of the EU General Data Protection Regulation (GDPR), ensuring the highest standards of data protection and security. We see it as one of our primary duties to ensure the security and confidentiality of your data.
In this article, we would like to disclose where your data is processed and stored within fynk and under what circumstances data transfers outside the European Economic Area (EEA) may occur.
Processing Locations at fynk
Primarily, we use data centers within the EEA, including Germany and Sweden, for the operation of our infrastructure. In accordance with Article 28 GDPR, we have concluded Data Processing Agreements (DPAs) with all our subprocessors. The permanent storage of contract content is exclusively in our database located in Amazon Web Services (AWS) data centers in Germany. All other data processing generally takes place at the aforementioned locations. Additionally, we store encrypted backups at other locations within the EEA, which we do not disclose for security reasons.
For support and troubleshooting purposes, our employees at our office in Vienna, Austria, may have access to our systems, subject to all necessary technical and organizational measures.
Details on International Data Transfers
Since we utilize the most modern technologies and tools for our contract management software, we are sometimes subject to rate-limiting and availability issues that make international data transfers and the use of subprocessors from third countries necessary. This particularly includes the USA, but is limited to a few specific processing situations:
For customer support, usage analysis, user experience optimization, and automated error detection and logging, we partially use tools from U.S. providers. All customer data processing and storage occur exclusively within the EEA. However, in rare cases, it cannot be ruled out that data may be transferred to the USA as part of support inquiries or error handling, or due to temporary server issues.
For hosting our website (not the fynk web application), we use Cloudflare. This is a content delivery network and load balancing tool that allows us to host our website with high availability and mitigate potential denial-of-service attacks effectively. In this context, visiting our website may involve the transfer of browser data (IP address, user agent, etc.) to the USA. This exclusively pertains to the fynk website where information about our product is provided, not our contract management software at app.fynk.com.
All international data transfers are conducted in compliance with all relevant data protection regulations. Transfers occur only when a valid transfer instrument under Articles 44 ff. GDPR exists. Further details can be found in our data protection agreement.
π‘Note: Starting March 11, 2026, we will only use European server locations to provide AI functionalities. This means that no data will be transferred outside the EEA.
Subprocessors
Regardless of processing location, here is a list of all subprocessors we use to provide our services:
Contact
If you have questions about the changes or about information security and data protection at fynk, please feel free to contact our compliance team at [email protected] or our external data protection and information security officer at [email protected]. We are happy to help and find a solution together.