Data protection information
Here you will find information about the handling of such data, which is due to you and processed by 2fink Consulting.
The goal is that you can read this data protection information as pleasantly as a cup of tea. Namely, clear. If something is still incomprehensible or you have questions, please feel free to contact us. 2fink Consulting is of course available without unnecessarily collecting data.
? Responsible & Contact
2fink Consulting
Nicole Fink
Upper Pfaffensteigstr. 19b
91126 Schwabach
Contact:
+49 (0) 151 5845 3180
info@2fink.com
Purposes for which personal data are processed and their legal basis
Operation & Provision of this website
| Visit this website | |
|---|---|
| What is processed? | IP address, browser?/OS?Info, referrer?URL, hostname, access time, amount of data transferred, HTTP?Status |
| Where did the data come from? | Automatically during the visit |
| Why? | Technical operation, ensuring system security, troubleshooting, protection against misuse and cyber attacks |
| legal | Legitimate interest in the technical provision and smooth operation of the website (entrepreneurial interest) ? Art.?6?Abs.?1?lit.?f GDPR |
| recipients | 1&1?IONOS?SE, Elgendorfer?Str.?57,?56410?Montabaur,?Germany |
| Third country?transmission? | No |
| Retention period | 7?days ? automated deletion |
| Use of automatic translations | |
|---|---|
| What is processed? | Two HTTP requests from your browser. The first request triggers the translation. The second request processes the following technical details: a generated ID to identify the request to the translation service, the source language of the page, the target language, the time when the translation request was sent and the translation was received, or, if applicable, failed, whether the translation was read from the browser memory or not, error messages (if applicable) and whether the page was reloaded after receiving the translation. Both the IP address and the source TCP port are transmitted to the European Commission's remote servers during the two HTTP requests. |
| Where did the data come from? | From you when you use the "Translate" icon in the upper right corner of your website to request online machine translation of certain pages. |
| Why? | Technical operation, ensuring system security, troubleshooting, protection against misuse and cyber attacks |
| legal | Legitimate interest in the technical provision and smooth operation of the website (entrepreneurial interest) ? Art.?6?Abs.?1?lit.?f GDPR |
| recipients | eTranslation, an online machine translation service provided by the European Commission |
| Third country?transmission? | No |
| Retention period | A copy of the translated content can be stored in the browser memory to be reused in the future for a similar request. This version is cached under a unique identifier, which is calculated based on the URL and language of the translated content. |
Contact requests by e-mail / telephone
| What is processed? | Email address, phone number, name, message, timestamp |
|---|---|
| Where did the data come from? | Directly indicated by you |
| Why? | Processing inquiries, customer service, establishing a business relationship |
| legal | Legitimate interest in business communication (entrepreneurial interest)?+?in case of pre-contractual enquiries Conclusion of contract? or pre-contractual measures ? Art.?6?Abs.?1?lit.?b/f GDPR |
| recipients | Internal processing + Proton AG, Route de la Galaise 32, 1228 Plan-les-Ouates, Geneva, Switzerland, represented in the EU by Proton Europe sàrl, rue de Grünewald 94, L-1912 Luxembourg (Email) (Processor) |
| Third country?transmission? | No |
| Retention period | 3?years for the documentation of the business relationship, otherwise deletion of the data after completion of the processing |
Email communication (internal & external)
| What is processed? | E?Mail?address, content, metadata of the e?Mail?communication |
|---|---|
| Where did the data come from? | Incoming and outgoing emails? |
| Why? | Secure business communication, customer support, contract processing |
| legal | Legitimate interest in secure communication (entrepreneurial interest)?+?Contract performance (pre-contractual measures, conclusion of contract, execution of contract) ? Art.?6?Abs.?1?lit.?b/f GDPR |
| recipients | Internal processing + Proton AG, Route de la Galaise 32, 1228 Plan-les-Ouates, Geneva, Switzerland, represented in the EU by Proton Europe sàrl, rue de Grünewald 94, L-1912 Luxembourg (Email) (Processor) |
| Third country?transmission? | No |
| Retention period | Corresponds to the respective transaction or purpose of the contract, maximum 10?years |
The e-mail _communication is particularly protected by end-to-end encryption, servers in Switzerland, Germany and Norway, and zero-access architecture, see also https://proton.me/de/mail/privacy-policy (external link)
Administration & Organization
| What is processed? | Business documents, customer documents, file metadata (file name, change history) |
|---|---|
| Where did the data come from? | Customers & internal creation |
| Why? | Secure storage, audit-proof documentation, traceability of processes |
| legal | Legitimate interest in safe storage and comprehensible documentation (entrepreneurial interest)?+?statutory retention obligations (e.g. GoBD) ? Art.?6?Abs.?1?lit.?c/f GDPR |
| recipients | Internal processing + IONOS?Managed?Nextcloud by IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany (cloud service) (processor) |
| Third country?transmission? | No |
| Retention period | Legal retention periods (up to?10?years), then deletion |
Documents that are particularly worthy of protection are first encrypted locally before they are uploaded to the Managed?Nextcloud.
Encryption of sensitive data
| What is processed? | Particularly confidential customer data, compliance?Documents |
|---|---|
| Where did the data come from? | Customer care & Consulting |
| Why? | Maximum protection of confidential information |
| legal | Legitimate interest in the protection of confidential data (entrepreneurial interest)?+?Contract performance (encryption obligation) ? Art.?6?Abs.?1?lit.?b/f GDPR |
| recipients | Local encryption (no third parties) |
| Third country?transmission? | No |
| Retention period | Conforms to the purpose of the order and legal requirements (up to?10?years) |
As a special protection measure, AES-256 encryption takes place before each storage/transmission. Keys are also managed locally.
Cookies & Tracking
Session cookies
Only session cookies required for WordPress session management are set. These are automatically deleted when the browser is closed.
tracking
No tracking cookies or other tracking technologies are used. There is no user tracking.
Profiling
No user profiles are created and no analysis or profiling activities are carried out.
User behaviour
There is no evaluation of user behavior.
Rights of data subjects
informations
You will receive detailed information about all personal data that 2fink Consulting stores about you.
rectification
Incorrect or incomplete data will be corrected immediately.
erasure
Also ‘right to be forgotten’. Your data will be deleted as long as there are no legal storage obligations to the contrary.
Restriction of processing
The processing will be paused as long as you have the accuracy or necessity of the data checked.
Data portability
You will receive your data in a structured, common format for sharing with third parties.
complaint
Possible with a supervisory authority, e.g. via the form under https://www.lda.bayern.de/de/beschwerde.html (external link) at the Bavarian State Office for Data Protection Supervision (BayLDA), Promenade 18, 91522 Ansbach
Withdrawal of consent
Consent can be revoked at any time for the future. Just send an e-mail to info@2fink.com. The revocation has no negative consequences.
Right to object
Objection to direct advertising
If 2fink Consulting processes your personal data for direct marketing purposes, you have the right to object to this processing at any time without giving reasons. The objection is free of charge and can be sent informally by e-mail to info@2fink.com take place. After receipt of your objection, your data will no longer be used for direct marketing.
Objection to processing based on legitimate interests
If 2fink Consulting processes your data on the basis of legitimate interests, you can also object to ? free of charge and informally at any time for reasons arising from your particular situation. info@2fink.com. The processing will then be discontinued, unless 2fink Consulting can demonstrate compelling legitimate grounds that outweigh your interests, rights and freedoms, or the processing is necessary for the establishment, exercise or defence of legal claims.
Contact for data protection enquiries
? E?mail: info@2fink.com
Status: March 2026
English (UK)