Dealfront and Data Processing

The way Dealfront processes data is compliant with GDPR legislation.

Strong data protection commitments are a key part of the GDPR requirements. Our Data Processing Agreement shares our privacy commitments when we act as a data processor and sets out the terms for Dealfront and our customers to meet the GDPR requirements.

You can access the DPA here.

If you request to interact with our Dealfront entity in the USA, a DPA containing the European Standard Contractual Clauses in order to safeguard the transfer to the USA, applies. You can download this DPA + SCC here.

Dealfront and Privacy

These are the details of what information Dealfront collects about you, how we use it, and what are your rights and choices.

User Data

We collect information from our Service users and visitors to our website. The information is collected in order to provide the Service.

User-provided information

From users who sign-in to our Service we collect the following information:

Automatically collected information

If you are visiting our websites or accessing our applications, we collect the following information provided by your browser or mobile device:

Cookies and tracking

We use cookies on our websites and applications.

Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the site or service provider's systems to recognize your browser, capture and remember certain information. We use cookies to compile aggregate data about site and application traffic and interaction so that we can offer better experience and tools in the future. We may contract with third-party service providers to assist us in better understanding our site visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.

Cookies are also used to store current session/login information for the Service.

In the interests of transparency and fairness, we're keeping an up to date documentation of the cookies used on the website and Service. For the purposes of this documentation actual cookies, localStorage and session storage entities are treated the same. These details can be found here: https://dealfront.com/cookies-and-tracking/

Training and awareness

We are continually training all our employees in data protection awareness. Additionally, a select number of employees are CIPP/E trained and certified.

We process User Data only where:

Legal obligations

We may disclose personal data if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process. Our dedicated legal team handles all such requests.

Enforcement of our rights, prevention of fraud, and safety

We also may disclose personal information in order to:

Change of ownership

We may disclose User Data to allow a change of ownership of Dealfront (including, but not limited to, an acquisition by or merger with another company) and related transfer of all such information to the new owner, in which case any information remains protected in accordance with our Privacy Notice .

We may engage third-party companies, service providers or business partners to process our data and to support our business. These include for example server and hosting providers, payment processors, customer service and management tools. We ensure that these third parties process your data with utmost care and in accordance with the privacy legislation.

We keep your data as long as you remain as a Dealfront User. You can request your user account to be removed by contacting our support at privacy@dealfront.com. After removal, your data is kept for 97 days in our system backups. For legal reasons we have to retain certain information for a longer period. This includes such information as billing and payments data.

If you no longer wish to receive our newsletter or other promotional messages, you can opt-out of receiving them by following the instructions included on such messages.

You can request a copy, correction or deletion of your personal data by emailing privacy@dealfront.com. We will respond to your request within 30 days.

You can object to our processing of your personal data at any time. If you are unsatisfied with the response you have the right to lodge a complaint with your supervisory authority.

EU General Data Protection Regulation (GDPR)

As an EU-based company with thousands of customers in the EU, we are committed to EU General Data Protection Regulation.

Data Protection Authority

German Government agency responsible for Dealfront (dbi B-W)

https://www.baden-wuerttemberg.datenschutz.de/

Data Protection Officer

You can reach our Group Data Protection Officer, Mr. Henri Markkanen, from the address dpo@dealfront.com

Privacy Center

More information about Dealfront’s privacy practices is available in the Privacy Center

Certifications

Dealfront Group is ISO 27001 and ISO 27701 certified. For more information, please download our comprehensive security kit containing the ISO certificate files, Dealfront Information Security Policy, bug bounty program overview and more detailed FAQ.

Cloud Security Alliance (CSA) STAR Level One

Dealfront has completed the industry standard CSA CAIQ questionnaire containing answers to 261 questions in total in the field of security and privacy. You can find our submission, including the questionnaire file over here.

Other resources

Our comprehensive legal kit is available over here.

Please feel free to contact us if you have questions regarding our privacy or practices. You can email us at privacy@dealfront.com

If you need a printed version of this information you can use the 'print' and 'save as PDF' option from your web browser.

--

RELATED