Privacy FAQ


If you’re a customer and you would like to learn more about privacy at Frontify, this section is for you!

Here you’ll find the most common questions regarding privacy, security, and compliance at Frontify. Just read through to get a better understanding about how we handle privacy and ensure compliance with the law any time we process personal data.

In case you need more details, don’t forget to check our DPA, Privacy Policy, Cookie Policy, and the Security Controls.

1. Privacy

  • 1.1 Does Frontify process personal data of its customers?

  • 1.2 Which categories of personal data does Frontify process?

  • 1.3 Does Frontify process any sensitive data?

  • 1.4 For which purposes does Frontify process personal data?

  • 1.5 Where does Frontify store personal data?

  • 1.6 What is the nature of the processing activities performed by Frontify?

  • 1.7 Does Frontify sell personal data to third parties?

  • 1.8 Does Frontify perform international transfers of data?

  • 1.9 How does Frontify manage data subjects' access requests?

  • 1.10 Does Frontify engage sub-processors?

  • 1.11 What happens to the personal data after the termination of the main agreement?

2. Compliance

  • 2.1 How does Frontify ensure compliance with the EU GDPR and the requirements of the Schrems II decision?

  • 2.2 How does Frontify ensure compliance with the UK Data Protection Act and the UK-GDPR in relation to data transfers to third countries?

  • 2.3 How does Frontify ensure compliance with the Swiss FADP in relation to data transfer to sub-processors located in third countries?

  • 2.4 Is Frontify or any of its sub-processors subject to Section 702 of the Foreign Intelligence Surveillance Act ("FISA 702") and/or Executive Order 12333 ("EO 12333")?

  • 2.5 Can customers download and sign the Frontify Data Processing Agreement? And are the Standard Contractual Clauses part of Frontify’s DPA?

3. Security

  • 3.1 Does Frontify hold any security certifications?

  • 3.2 Which Technical and Organizational Measures (TOMs) has Frontify implemented?

  • 3.3 Does Frontify encrypt customer data?

  • 3.4 Does Frontify pseudonymize or anonymize customer data?

  • 3.5 Does Frontify create a backup of the customer data?

  • 3.6 How does Frontify handle security incidents?

  • 3.7 Who will get access to personal data during the term of the contract?

  • 3.8 How does Frontify ensure that its employees know the legal and contractual obligations regarding data protection?

  • 3.9 Does Frontify have a dedicated email contact for all questions regarding privacy?