Dealfront and Data Processing
The way Dealfront processes data is compliant with GDPR legislation.
Strong data protection commitments are a key part of the GDPR requirements. Our Data Processing Agreement shares our privacy commitments when we act as a data processor and sets out the terms for Dealfront and our customers to meet the GDPR requirements.
You can access the DPA here.
If you request to interact with our Dealfront entity in the USA, a DPA containing the European Standard Contractual Clauses in order to safeguard the transfer to the USA, applies. You can download this DPA + SCC here.
Dealfront and Privacy
These are the details of what information Dealfront collects about you, how we use it, and what are your rights and choices.
We collect information from our Service users and visitors to our website. The information is collected in order to provide the Service.
From users who sign-in to our Service we collect the following information:
Automatically collected information
If you are visiting our websites or accessing our applications, we collect the following information provided by your browser or mobile device:
Time of visit
Time of last visit
Name of the owner of the IP address
Reverse domain of the IP address
Referring site, application, or service, including the relevant search queries that led you to Dealfront’s website
Operating system and device information
IP address (from users signing in to the service, for security purposes)
Cookies and tracking
Cookies are also used to store current session/login information for the Service.
In the interests of transparency and fairness, we're keeping an up to date documentation of the cookies used on the website and Service. For the purposes of this documentation actual cookies, localStorage and session storage entities are treated the same. These details can be found here: https://dealfront.com/cookies-and-tracking/
Training and awareness
We are continually training all our employees in data protection awareness. Additionally, a select number of employees are CIPP/E trained and certified.
We process User Data only where:
Processing User Data is necessary for providing the Service
Processing is necessary to comply with a legal obligation
Processing is in legitimate interests of Dealfront, but not in conflict with our users' rights
We may disclose personal data if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process. Our dedicated legal team handles all such requests.
Enforcement of our rights, prevention of fraud, and safety
We also may disclose personal information in order to:
protect Dealfront from fraud, abuse or other criminal activity
protect Dealfront rights and property against third-party allegations and claims
enforce our contracts and policies
protect rights and safety of others
Change of ownership
We may disclose User Data to allow a change of ownership of Dealfront (including, but not limited to, an acquisition by or merger with another company) and related transfer of all such information to the new owner, in which case any information remains protected in accordance with our Privacy Notice .
Third-party service providers
We may engage third-party companies, service providers or business partners to process our data and to support our business. These include for example server and hosting providers, payment processors, customer service and management tools. We ensure that these third parties process your data with utmost care and in accordance with the privacy legislation.
We keep your data as long as you remain as a Dealfront User. You can request your user account to be removed by contacting our support at firstname.lastname@example.org. After removal, your data is kept for 97 days in our system backups. For legal reasons we have to retain certain information for a longer period. This includes such information as billing and payments data.
If you no longer wish to receive our newsletter or other promotional messages, you can opt-out of receiving them by following the instructions included on such messages.
You can request a copy, correction or deletion of your personal data by emailing email@example.com. We will respond to your request within 30 days.
You can object to our processing of your personal data at any time. If you are unsatisfied with the response you have the right to lodge a complaint with your supervisory authority.
EU General Data Protection Regulation (GDPR)
As an EU-based company with thousands of customers in the EU, we are committed to EU General Data Protection Regulation.
Data Protection Authority
German Government agency responsible for Dealfront (dbi B-W)
Data Protection Officer
You can reach our Group Data Protection Officer, Mr. Henri Markkanen, from the address firstname.lastname@example.org
More information about Dealfront’s privacy practices is available in the Privacy Center
Dealfront Group is ISO 27001 and ISO 27701 certified. For more information, please download our comprehensive security kit containing the ISO certificate files, Dealfront Information Security Policy, bug bounty program overview and more detailed FAQ.
Cloud Security Alliance (CSA) STAR Level One
Dealfront has completed the industry standard CSA CAIQ questionnaire containing answers to 261 questions in total in the field of security and privacy. You can find our submission, including the questionnaire file over here.
Our comprehensive legal kit is available over here.
Please feel free to contact us if you have questions regarding our privacy or practices. You can email us at email@example.com
If you need a printed version of this information you can use the 'print' and 'save as PDF' option from your web browser.