Privacy Policy

CFRONT is strongly committed to preserving the privacy of our customers. This Privacy Policy lets you know about our policies for the collection and use of information about you.

Who we are

We are CFRONT Software Ltd. ("we", "us" or "our"), of 343 Ditchling Road, Brighton, East Sussex BN1 6JJ England.


This Policy explains the types of information that we may collect and hold, how that information is used and with whom the data is shared. It also sets out how you can contact us if you have any queries or concerns about this information.

We will not sell any of your personal information to third parties. We don't share your information with other companies without your prior permission or if outlined below and we will only send you marketing emails if you specifically give us your consent to do so.

To remain transparent we have also listed specific Privacy Notices at the bottom of this policy, they cover the following;

Using our website
Getting in touch with us directly

These are companies who work directly with us, under contract, to supply us and you with certain products, and we reference them in our Privacy Policy below.

Information we collect

We may collect information about you in several different ways including when you when you contact us, request a quotation, send us feedback and use our website.

Information that we gather about you may include your name, contact details [including email address, telephone number and postal address], information relating to the services you require. This information may also be shared with and/or used by certain other parties such as our Contractors as outlined below in our Privacy Notices.

Our website and services are not intended for children. We do not knowingly collect personal information from children. If you are a parent or legal guardian and think your child has given us information please can contact us so that we can review, and you may, subject to applicable law, request access to and deletion of that child’s personal data. Please note that we will ask you to prove your relationship to the child. A child is considered to be anyone under the age of 16.

Supplying us with other people’s data

If you supply us with information on a third party, such as your children, spouse, employees, etc. we will process it as described in this Privacy Policy and you confirm that the other person has agreed that you can:

Give consent on their behalf to the processing of their personal data
Receive and consent to data protection notices on their behalf
Give consent to the processing of their potentially sensitive personal data (e.g. their access requirements)
It is also of the utmost importance the person is able to understand what consent is and the reason their data is being passed to us for processing. Disclosure of phone numbers, addresses, age or other personally identifying information that may breach someone else’s privacy is prohibited.

Why we are processing your data

We may use the personal information you provide to us or which we collect for the following purposes:

  • Providing services to you and fulfilling those services
  • To contact you in connection with any services you requested
  • Operational reasons, like recording transactions and internal training
  • Improving our services and your experience
  • Providing customer service, such as responding to emails, contacting you with information updates or arranging call backs
  • Analysing customer feedback, to improve the service that we are offering
  • Tracking activity on our website so as to improve the user experience
  • Investigating complaints and carrying out internal investigations
  • To prevent or detect unlawful behaviour or to protect or enforce legal rights
  • Gathering information as part of investigations by regulatory bodies or in connection with legal proceedings or requests
  • In limited circumstances we may also use your information for other purposes where permitted by law

What we use to process your data

When we gather data from you via the methods listed above or if you make direct contact with us, we may use the following systems to process this information:

  • Our computer networks, email systems and internet facilities
  • Our telephones, voicemail and mobile phone records
  • Third party systems including Google Analytics
  • We, all our staff and any third parties hired to provide support services, will be required to observe our privacy standards and to allow us to audit them for compliance.

How long we keep your data for

We will retain your personal data as set out in the policy and as required by applicable law. We may also retain certain information in order to conduct audits; comply with our legal obligations (and to demonstrate compliance) and to resolve disputes. However, we will not retain your personal data for longer than reasonably necessary and when it is no longer necessary to retain your personal data we will delete or anonymise it.

Sharing your data

In general, we do not share or disclose information about you to third parties without your consent. However, there are exceptions:

We may use other third party service providers to provide certain data processing services for us (acting as our authorised data processors). For example, we may use the services of third parties to fulfil services.

When acting as our authorised data processors, our service providers are required to only process data in accordance with our instructions, in line with this Policy, and are subject to appropriate confidentiality and security obligations.

We may use and/or disclose to third parties information about you:

  • To government bodies and law enforcement agencies to prevent fraud, to comply with applicable laws, regulations and court orders and to comply with valid legal information requests from such bodies
  • To third parties (including professional advisors) to enforce or defend our legal rights or the terms and conditions of any of our websites, products or services

Keeping your data secure

The security of your data is of the utmost importance to us. While we can’t guarantee that unauthorised access will never occur, rest assured that we take great care in maintaining the security of your personal data to prevent unauthorised access to it, through the use of appropriate technology and internal procedures. We also limit access to your personal information to those who have a genuine business need to know it. Some of the technical and organisational measures we use to safeguard your personal data are:

  • Storing your personal data, in all forms, in a secure environment and putting in place physical, electronic, and procedural safeguards in line with industry standards
  • Employing SSL (secure sockets layer) encryption on our website
  • Training our staff on the importance of data protection and limiting access to the information we collect about you

We also have policies and procedures in place to deal with any suspected data breach so that we can act quickly to minimise any potential damage.

What we will do if there is an update to this Privacy Policy or our Privacy Notice(s)

From time to time we may change our privacy practices. We will notify you of any changes to this Policy as required by law. We will also post an updated copy on our website. It will have a different date and version number from the one set out at the bottom of this page. Please check our site periodically for updates.

Privacy Notice(s) - transparency of data protection

Being transparent and providing information to our customers about how we will use personal data is important to us. The following Privacy Notices detail how we collect data and what we will do with it, please ensure you have read our over-arching Privacy Policy above to ensure you understand all the ways in which we may use your data and how we keep it safe, the information below is not finite but designed to support you in understanding our practices.

Using our website

When using our website please ensure you are familiar with our Terms of Use and Cookies Policy which gives a full breakdown of what and how we collect information about you when you use our website.

What information is being collected: IP Address
Legal Basis for Processing: Explicit Consent
Who is collecting it: CFRONT.
How is it collected: via Google Analytics
Why is it being collected: to better understand the way our customers view and use our website, to prepare generic statistics
How will it be used: to improve the functionality and customer experience when using our website and to report generic statistics to internal departments
Who will it be shared with: generally this information is kept internal to us however, we may share the statistics with our website service partner.
How long we will keep it for: 38 months

Important: None of the above collect personal information about you and you are not identifiable via this data.

Getting in touch with us directly

When you get in touch with us for customer service assistance by any means of communication including written or via our website, telephone or email we may record all customer service communications and keep information about the particular communication, including your name, the product(s) you bought, the reason why you contacted us, and the advice we gave you so we can track the resolution of any customer service issues and for customer service training purposes.

What information is being collected: Name, Contact Details
Legal Basis for Processing: Explicit Consent
Who is collecting it: CFRONT
How is it collected: directly from the customer
Why is it being collected: to provide customer service assistance, such as responding to emails, contacting you with information updates or arranging call backs, and to improve our services and analyse feedback
How will it be used: customer service assistance, internal investigations, staff training, improving our policies and procedures, best practice, to compile KPIs, to report generic statistics
Who will it be shared with: this information is kept internal to us
How long we will keep it for: as long as reasonably required, following this time it will either be deleted or anonymised
Important: when using this information to report generic statistics, personal information about you will not be used and you are not identifiable via this data.

Your information rights

As a data controller we have a duty to inform you of not only why your personal information is being processed but what rights you have around your personal information too.

You have the right to:

  • Be informed of how your personal information is being used
  • Have access to information held about you, this is commonly known as a Subject Access Request (SAR)
  • Have your personal information deleted in certain circumstances
  • Have inaccuracies within your personal information corrected
  • Restrict processing of your personal information until inaccuracies are corrected or if there is a dispute around legal basis for processing the personal information
  • Object to processing of your personal information in certain circumstances
  • Have your personal data transferred to another provider
  • Be informed of where automated decision making (ADM) takes place and be given an option to opt out of ADM

Cookies Policy

This Cookies Policy relates to the use of cookies on any websites owned and/or operated CFRONT. By continuing to use this website you are accepting and consenting to our use of cookies in line with your browser cookie settings. You may, at any time, disable our cookies using your browser.

When we provide online services, we want to make them easy, useful and reliable. This sometimes involves placing small amounts of information on your device, for example, computer or mobile phone. These include small files known as "cookies". They cannot be used to identify you personally.

What is a Cookie and what are they used for?

A cookie is a small file made up of text that is downloaded and stored on your computer by your web browser whenever you visit a website containing cookies. Each time you then visit the website, your computer will send these cookies back to the website allowing it to recognise you and personalise your experience by, for example;

  • Enabling a service to recognise your device so you don't have to give the same information several times during one task
  • Recognising that you may already have been given a username and password so you don't need to do it for every web page requested
  • Measuring how many people are using services, so they can be made easier to use and to ensure there is enough capacity for a fast service
  • Analysing anonymised data to help us understand how people interact with us so we can make them better

Session Cookies

These are cookies which are created and stored while you are browsing. They are deleted from your device when you close your browser.

We use session cookies to monitor when you have viewed security or promotional information to prevent it from re-appearing multiple times during your visit. Our cookies do not store details such as your name, address, telephone number, payment information or anything else that makes you personally identifiable to us.

Cookie Name Expiration Time Description
cookiemsg Session Used to record when the user has seen and closed the cookie notification

Why use Cookies and can I remove them?

Cookies are used to enhance user experience but if at any time you wish to disable our cookies you can change your browser privacy settings. Most modern web browsers will allow you to:

  • Review all saved cookies
  • Block all cookies
  • Block all cookies from a particular site
  • Block all third-party cookies
  • Delete all cookies

Each browser is different, so you may need to refer to the 'Help' section of your browser to find out how to alter your cookie preferences.

Google Analytics

Google Analytics is a simple, easy-to-use tool that helps us measure how users interact with website content. As a user navigates between web pages, Google Analytics provides website owners JavaScript tags (libraries) to record information about the page a user has seen, for example the URL of the page. The Google Analytics JavaScript libraries use HTTP Cookies to "remember" what a user has done on previous pages / interactions with the website.

We use Google Analytics to understand how you use our website. Google Analytics stores information about:

  • The pages you visit
  • How long you spend on each page
  • How you got to the site
  • What you click on while you’re visiting the site

Important: Google Analytics does not collect any personal information about your website users. Read the Google Analytics privacy document for more details.

Google Analytics supports two JavaScript libraries (tags) for measuring website usage: analytics.js and ga.js. The following sections describe how each use cookies.

Cookie Name Expiration Time Description
_ga 2 years Used to distinguish users.
_gid 24 hours Used to distinguish users
_gat 1 minute Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.
Cookie Name Default Expiration Time Description


2 years from set/update Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.
__utmb 30 mins from set/update Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.
__utmc End of browser session Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.
__utmz 6 months from set/update Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.
__utmv 2 years from set/update Used to store visitor-level custom variable data. This cookie is created when a developer uses the  _setCustomVar method with a visitor level custom variable. This cookie was also used for the deprecated _setVar method. The cookie is updated every time data is sent to Google Analytics.

You can opt out of Google Analytics tracking by downloading their browser add-on.

Third Party Cookies

When you visit our websites you may notice some cookies that are not related to us. When you visit one of our pages containing embedded content, such as a video hosted on YouTube, you may be sent cookies from these third party websites. Information on how YouTube uses cookies can be found on the Google privacy pages.

Disclaimer: We have no control over the setting of these cookies set by third parties. If cookies concern you, it’s best to check the third-party websites for more information about their cookies and how to manage them.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, by visiting This link will take you to another website that is opened in a new window. 

Further information

If you would like to speak directly with Us regarding this Policy, our practices or have any questions or concerns please contact us on 01273 358273 or via our contact form

343 Ditchling Road

If you would like this notice in another format (for example, audio, large print, braille) please contact us using any of the methods above.

Last updated: 6 Dec 2018