[Modified as of 15 December 2021]
Personal Data Protection
In other words, Personal Data can be described as any information about you, which enables you to be identified. Personal Data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, other online identifiers, electronic location data, and your behaviour online.
You will find the Personal Data we use below.
What Personal Information About Customers Does Framework Collect and Why?
If you are just visiting Framework to look around and check it out, we only collect Automatic Information, such as Cookies.
If you decide to download and use the Framework App, we will collect information such as your name, phone number and/or email address to enable you to use Framework’s services, including the Framework App and the Framework Site (collectively, the “Framework Services”). We may also give you the option to provide additional information, such as social media information. All of the information we collect will be used to communicate with you and to gather data about how you use the Framework Services.
Here are the types of information we gather and the technical means we use to gather it:
Information You Give Us
Framework receives and stores any information you provide in relation to the Framework Services using an electronic form where we ask you to enter certain personal data through our third-party applications, which are identified in the table below. We will use your email address to send you information on Framework’s updates and features, as well as transactional and marketing emails, etc. You may opt out of receiving the marketing emails by clicking “unsubscribe” on the email/s.
For What Purposes Does Framework Process Your Personal Information?
We process your personal information to operate, provide, and improve the Framework Services. These purposes include:
Communications with you
We use your personal information to communicate with you in relation to Framework Services when you log in to the Framework App.
Analytics and recommendation engine
We analyse your use of the Framework Services so that our system can learn based on your preferences and provide suitable recommendations to you and other users.
Personal data that is part of our resources
Where personal data is part of a resource provided through Framework Services, we will process such data to make such resource available and accessible through the app, including recommendation and searches.
Does Framework Share Your Personal Information?
Personal data that we process may be shared with analytics, communications, database, authentication, marketing, content and user management, testing, cloud infrastructure and other cloud services providers, recruitment and HR services providers. Where personal information is shared with entities in third countries without an adequacy decision, an appropriate transfer mechanism such as Standard Contractual Clauses shall be used to protect your data in such jurisdictions.
How Secure is Information About Me?
We are designing our system with your security and privacy in mind. We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input. We also maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal information. We are confident that we are using the latest state-of-the-art technology to ensure that your information is fully protected.
What Choices Do I Have?
If you have any questions or objections as to how we collect and process your personal information, please contact us at firstname.lastname@example.org.
How Long Do We Keep Your Personal Information?
We keep your personal information as long as may be necessary to enable your continued use of Framework Services. In case of resource-related personal information, we keep the data as long as the resource remains available through Framework Services. If you wish to have Framework delete your personal information and/or for Framework to cease contacting you, please email to email@example.com. Any emails from Framework will also have a link for you to opt out of receiving future emails from Framework.
What are my Rights Under the GDPR?
Subject to EU law, you have the following rights in relation to your personal information, which can be exercised by emailing to firstname.lastname@example.org.
Right of access: If we are processing your personal information you can request a copy of that information by emailing email@example.com.
Right to rectification: If your personal information is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we share your personal information with others, we will tell them about the correction where possible.
Right to erasure: You may ask us to erase your personal information in some circumstances, such as where we no longer need it or you withdraw your consent.
Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your personal information in certain circumstances, such as where you contest the accuracy of the data or object to us processing it, subject to UK GDPR.
Right to data portability: You have the right to obtain your personal information from us that you consented to give us or that was provided to us as necessary in connection with our contract with you. We will give you your personal information in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
Right to object: You may ask us at any time to stop processing your personal information where we process your data based on our legitimate interests, provided no compelling legitimate grounds for further processing exist.
Rights in relation to automated decision-making and profiling: You have the right to be free from decisions based solely on automated processing of your personal information, including profiling, unless this is necessary in relation to a contract between you and us or you provide your explicit consent to this use.
Right to withdraw consent: If we rely on your consent to process your personal information, you have the right to withdraw that consent at any time, but this will not affect any processing of your data that has already taken place.
Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your personal information, you can report it to the ico.org.uk.
To exercise any of the above rights, or if you have any questions relating to your rights, please email firstname.lastname@example.org. We may need to request specific information from you when you exercise your rights to confirm your identity and to speed up our response. We may not be able to fulfil your request if we are not able to identify you.
Our policy towards children
Framework is a General Audience Site and the Framework Services are only available to persons aged 13 and over.
The Framework Services are not directed to persons under 13 and we do not knowingly collect personal information from children under 13. Children under 13 years of age are prohibited from providing any personal information to the Site. If you become aware that your child has provided us with personal information without your consent, then please contact us using the details below so that we can take steps to remove such information and terminate the child’s account.
Your California privacy rights
Pursuant to California’s “Shine The Light law (California Statute § 1798.983), California residents are entitled, once a year and free of charge, to request the disclosure of certain categories of personal information to third parties for their own direct marketing purposes in the preceding calendar year, if any. You may request this information by contacting us at email@example.com indicate in the email subject line, “California Shine The Light Request.” Please include your mailing address, state of residence and email address with your request.
For California residents under the age of 18 and registered users of the Framework App or the Framework Site, California law (Business and Professionals Code § 22581) provides that you can request the removal of content or information you posted on the Framework App or the Framework Site. Any such request should be sent to us at firstname.lastname@example.org with a description of the posted content or other information to be removed. Be advised, however, that applicable law may not permit us to completely or comprehensively remove your deleted content or for other reasons as set forth in this California law.
California Consumer Privacy Act
The California Consumer Privacy Act (CCPA), effective 1 January 2020, gives California consumers enhanced rights with respect to their personal information that is collected by businesses. First, California consumers may opt out of having their personal information sold to other persons or parties. Second, they have a right to know:
1. What specific pieces of information a business has about the consumer;
2. Categories of personal information it has collected about the consumer;
3. Categories of sources from which the personal information is collected;
4. Categories of personal information that the business sold or disclosed for a business purpose about the consumer;
5. Categories of third parties to whom the personal information was sold or disclosed for a business purpose; and
6. The business or commercial purpose for collecting or selling personal information.
In addition, California consumers can request that the personal information a business has collected about them be deleted from the business’s systems and records.
Framework does not presently sell any personal information to third parties for any purpose.
To make a “request to know” or request to delete your personal information, send us an e-mail at email@example.com. (Please put either “Request to Know” or “Request to Delete” in the subject heading of your email.) We will honour these requests for US individuals whether or not you would qualify as a California consumer under the CCPA.
We will confirm receipt of your request within 10 days along with a description of what steps we will take to verify and respond. We must provide the requested information or delete your personal information within 45 days of receipt of your request but can use an additional 45 days, but we must let you know the additional time is needed.
When contacting us, we may ask you to provide certain, limited personal information, such as your name, email address and/or username to verify your request and to match with our records and systems. This is to protect against fraud. We will not retain this personal information or use it for any other purpose. And we need to search our records and systems only for the preceding 12 months.
Do Not Track
We currently do not honour browser-based Do-Not-Track signals.
Changes to this policy
In the event that you have a complaint about our treatment of your personal information, you have the right to lodge a complaint with the supervisory body, the Information Commissioner - ico.org.uk. Details of how to do this are set out in the “for the public” section. However Framework welcomes the opportunity to resolve any complaint and we would suggest you first refer your complaint by email to firstname.lastname@example.org to making a complaint to the Information Commissioner.
What if I Still Have Questions?
If you have any concern about privacy at Framework, please email email@example.com with a thorough description of your issue and we will try to resolve it for you.