Privacy Policy

Last updated on 18th February 2026

1. Who we are

Frond Signals is a brand of Hummus Sapiens Lda, incorporated in Portugal, with registered office at R. do Centro Cultural 45, 1700-111 Lisbon, Portugal.

We are the “controller” for personal data processed through our website and our commercial relationship with leads and clients (meaning we decide how and why your personal data is used).

Contact: signals@usefrond.com

2. What Frond does (and does not do)

Frond Signals provides a bespoke sales intelligence service for revenue teams. We monitor public market signals around a client’s priority accounts and competitive environment, then deliver short briefs: what changed, what it means, and what to do next.

We are not a marketplace, not a contact database, and not a data broker. We do not sell personal data.

Our product is the brief. We may use automation and machine learning (ML) internally, but we do not present Frond as an “AI tool”, and we avoid compiling or shipping personal profiles.

3. Personal data we collect

We collect only what we need to run the site, respond to requests, and deliver the service.

A) Information you provide

  • Website forms and enquiries: name, company, work email, phone number (if provided), and message content (for example via “Get a sample” / contact forms).
  • Newsletter or updates (if you subscribe): email address (and optionally name/company if you provide it).
  • Account-related data (if enabled): email and password, plus any information you submit via account pages.  
  • Client communications: emails, call notes, and information you share with us while evaluating or using Frond.

B) Information we collect automatically
When you browse the website, we may collect: IP address, device and browser information, pages viewed, approximate location (derived from IP), and general usage information.

C) Information we may process for the service
Clients may provide us with account lists (company names, domains, competitors) and context about their priorities. We primarily analyse company-level signals. Where personal data appears in sources (for example a named executive in a press release), it is incidental and handled with care.

4. How we use personal data and our lawful basis

Under the General Data Protection Regulation (GDPR), we must have a lawful basis for processing.

We use personal data for:

  • To respond to you and provide samples or demos (steps prior to a contract, or our legitimate interests).
  • To deliver the service to clients (performance of a contract).
  • To run, secure, and improve the website (legitimate interests).
  • To send updates or marketing only where permitted (consent where required, or legitimate interests where appropriate, with an easy opt-out).
  • To comply with legal obligations (for example accounting, tax, and responding to lawful requests).

5. Cookies and similar technologies

We use cookies and similar technologies to make the site work and to understand usage.

  • Essential cookies: required for basic site functionality and security.
  • Non-essential cookies (for example analytics): where required, we will ask for your consent before setting them.

If you do not want cookies, you can also control them via your browser settings. EU guidance makes clear that consent is required for many tracking technologies, not just traditional cookies.

6. Who we share personal data with

We do not sell personal data.

We may share personal data with trusted service providers who help us run the website and business (for example website hosting, form handling, email delivery, analytics, and security). We require appropriate contractual safeguards and limit them to processing data on our instructions.

We may also share information:

  • with professional advisers (legal, accounting) under confidentiality
  • if required by law, regulation, or lawful requests
  • in a business transfer (for example acquisition), with appropriate protections

7. International transfers

Some of our suppliers may process personal data outside the European Economic Area (EEA).

Where this happens, we rely on recognised safeguards such as the Standard Contractual Clauses (SCCs) approved by the European Commission, and other valid transfer mechanisms where applicable.

(For example, Webflow’s Data Processing Addendum includes EU SCCs and related transfer mechanisms.)

8. How long we keep personal data

We keep personal data only as long as necessary for the purposes above:

  • Enquiry and lead data: typically up to 24 months after last meaningful contact, unless you become a client sooner.
  • Client data: for the duration of the contract, then as needed for legitimate business purposes and legal obligations (for example accounting record-keeping).
  • Newsletter data: until you unsubscribe.

We may retain minimal records to show compliance, handle disputes, and meet legal requirements.

9. Security

We use appropriate technical and organisational measures to protect personal data, and we restrict access to those who need it. If we become aware of a personal data breach that triggers notification duties, we will notify the relevant authority and affected individuals as required.

10. Your rights

If the GDPR applies to you, you have rights including: access, rectification, erasure, restriction, portability, and objection. Where we rely on consent, you can withdraw it at any time.

You can exercise your rights by emailing signals@usefrond.com.

You also have the right to lodge a complaint with the Portuguese supervisory authority, the CNPD (Comissão Nacional de Proteção de Dados).

11. Children

Frond is intended for business users and is not directed at children. We do not knowingly collect personal data from children. (In Portugal, the age threshold for a child’s consent in certain online contexts is commonly treated as 13.)

12. Changes to this policy

We may update this policy from time to time. We will post the updated version on the website and update the “Last updated” date.