# Fink Labs

Secure AI automation for modern workflows.

Fink Labs builds automation that removes busywork and makes workflows more reliable. Security is part of every workflow: access, data handling, and audit trails are defined before anything runs.

## Home

### Hero

Intelligent automation for modern workflows.

Security is part of every workflow: access, data handling, and audit trails are defined before anything runs.

### Process

1. Understand the process.
   We clarify which tasks repeat, which data is needed, and where mistakes usually happen.
2. Build the workflow.
   The rules become a workflow that connects to the systems your team already uses.
3. Put it to work.
   We test, hand over, and adjust the workflow until it runs reliably in daily work.

### Live Task Flow

Customer tasks handled automatically.

Requests come in, the right workflow starts, and the task moves forward without manual handoffs.

Example workflow tasks:

- Invoice copy request
- CRM contact address update
- Shipping status follow-up
- Intake meeting reschedule
- Payment reminder
- Contract handover note
- Onboarding checklist
- Support priority validation

### Savings Calculator

The savings calculator estimates potential time returned to a team when repetitive work can be reliably automated. The estimate depends on task duration, weekly task volume, process complexity, and the system landscape.

### Technical Capabilities

- Accelerated implementation: automate administrative and operational tasks quickly.
- Enterprise level: tested architectures for mission-critical business environments.
- Cost reduction: scale capacity without increasing headcount.
- Smart adapters: middleware connects with modern APIs and legacy databases.

### Security Controls

When automation touches business data, security has to be accounted for from the start. Access, storage, and audit trails are clearly defined.

- Encrypted data paths: transport and stored application data are protected through encrypted infrastructure.
- Role-based access: authenticated roles and admin-only routes limit who can reach sensitive actions.
- Audit logging: sensitive admin and workflow actions are recorded for traceability.
- Compliance alignment: controls are designed around GDPR, SOC 2, HIPAA, ISO 27001 and revDSG requirements.

## Security Page

### Security Center

Data privacy is non-negotiable. Systems are structured for European and Swiss privacy expectations, with deployment patterns designed around Swiss and EU infrastructure, access boundaries, encrypted storage, and documented processor controls.

### Infrastructure Principles

- EU/CH data residency: customer workloads can be scoped to Swiss and European infrastructure regions with documented processor and residency controls.
- Encryption in transit and at rest: application data is protected with encrypted transport and encrypted storage infrastructure.
- Role-based access control: sensitive routes require authenticated roles, and admin actions are recorded for auditability.

### Compliance Position

- SOC 2 Type II infrastructure: production backend workloads are hosted on cloud infrastructure audited under SOC 2 Type II controls.
- HIPAA / ISO 27001 control alignment: security controls are designed to support customer requirements commonly mapped to HIPAA and ISO 27001 frameworks.
- GDPR / revDSG data protection: data handling and residency are structured for Swiss and European privacy requirements.

Fink Labs is not currently SOC 2 certified. Treat SOC 2 references as infrastructure and control alignment unless a certification is explicitly stated.

### Subprocessors

- Amazon Web Services (AWS): backend hosting and core infrastructure operations.
- Amazon Bedrock via AWS: AI inference for approved model workloads in Switzerland and EU regions.

### Security FAQ

#### Where is your backend hosted?

The backend is designed to run on hardened Swiss infrastructure, with controlled network access, encrypted storage, and restricted administrative access.

#### Where can AI data processing take place?

Approved AI workloads are designed to stay in Switzerland or the European Union. Zurich and Frankfurt regions are prioritized when available.

#### Are you SOC 2 compliant?

Fink Labs is not currently SOC 2 certified. Backend workloads are hosted on SOC 2 Type II-audited infrastructure, and internal controls are SOC 2-aligned.

#### Which security standards and regulations do you support?

Infrastructure and policies are designed around SOC 2, HIPAA, ISO 27001, revDSG, and GDPR requirements, with control monitoring and regular security reviews.

#### How is customer data protected in transit and at rest?

Customer data is protected with encrypted transport, encrypted storage infrastructure, role-based access control, and audit logging for confidentiality, integrity, and traceability.

#### Do you provide security documentation for procurement and legal review?

Documentation such as compliance evidence, a subprocessor overview, and contractual security terms can be provided as part of due diligence and onboarding.

## German Summary

Fink Labs baut sichere KI-Automatisierung fuer moderne Workflows. Wiederkehrende Aufgaben werden analysiert, in verlaessliche Workflows ueberfuehrt und mit klaren Zugriffs-, Daten- und Audit-Kontrollen betrieben.

Sicherheit wird von Anfang an beruecksichtigt: verschluesselte Datenwege, rollenbasierter Zugriff, Audit-Logging und Compliance-Ausrichtung an DSGVO, SOC 2, HIPAA, ISO 27001 und revDSG.