GDPR Compliance
Effective date: 7 June 2026
Data Controller
Fynvro acts as a data processor. Your firm is the data controller.
Data Processing Agreement
Our DPA covers processing as defined by UK GDPR and the Data Protection Act 2018.
Data Storage
All data on EU-based servers (Supabase, Frankfurt). No transfer outside UK/EEA without safeguards.
Sub-Processors
Supabase (EU), Stripe (EU/USA), Resend (EU/USA). Each with DPA.
Data Breach Procedure
We notify affected firms within 72 hours with details and remediation steps.
Contact
GDPR queries: support@fynvro.com