Roles
For own website, contract, payment, support and security data, dynafis acts as controller. For invoice, client and receipt data that customers process in dynafis, dynafis usually acts as processor on customer instructions.
Subject matter and duration
The subject matter is the technical processing of finance, invoice, receipt, client, export, audit and usage data to provide the booked dynafis functions. Duration and deletion depend on the contract, statutory retention duties and agreed deletion periods.
Technical and organisational measures
dynafis protects customer data through tenant isolation, role-based access, authentication, transport encryption, logging, backup processes, access restrictions, secret protection and regular technical reviews. The measures are developed further according to risk.
Subprocessors
Subprocessors are used only for required infrastructure, support, payment, email, storage, OCR, monitoring or AI services and are contractually bound. Customers are informed of material changes where contractually provided and may object on legitimate data protection grounds.