Pages

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from this space and version 6.5

...

Frosmo cooperates with the following GDPR-compliant platform hosting partners for back-end server hosting:

...

By default, the Frosmo JavaScript library files are delivered through Amazon CloudFront. For more information, see Amazon's service-level agreement and product documentation. Frosmo can also use other services based on customer requirements.

Frosmo follows the best practices for managing AWS access keys. All JavaScript updates are deployed through automated processes, with each process using its own specific key with limited access.

...

...

In addition, the Control Panel triggers a warning if an account is accessed from multiple computers, and allows the user to close redundant connections. Too many failed login attempts trigger a failure mode, which forces additional authentication checks for subsequent login attempts and notifies the System Administrator.

The Frosmo Platform can force all content that is provided through the Frosmo JavaScript library to the customer site to load resources only from specified domains. When this feature is enabled, the Frosmo Platform validates all modification content before it is saved to the Frosmo back end. If the content contains elements that could be used to load or inject resources from non-authorized domains, the content is rejected. This also restricts the domains to which you can create hyperlinks in modification content. You define the allowed domains in the Control Panel, and they apply to links, images, videos, and iframes.

You can also forbid the use of JavaScript code in modification content.

Data security

The Frosmo JavaScript library collects usage data in the visitor's browser and sends the data to the Frosmo back end over an HTTPS connection. The Frosmo JavaScript library also stores selected data locally in the visitor's browser. 

...

By default, the Frosmo Platform collects and processes only anonymous and pseudonymous information about visitors and their behavior on a website. The purpose and lawfulness of data processing is invariably determined by the customer and documented in the subscription agreement between Frosmo and the customer, and in the Frosmo General Terms of Service.

Customer data is always stored in such a way that the data of one customer cannot be mixed with the data of another customer. All software modifications can be tracked in change logs and a version control system (GitLab).

...