Framework - Privacy Policy

Last updated: 3rd February 2023



Who we are and how this policy applies

Founders Academy Ltd ("Framework", "FA", "we", "us", "our") is committed to ensuring user privacy. This Privacy Policy describes how Framework collects, uses and discloses Personal Data (defined below), as well as any choices you have with respect to this Personal Data, and applies only to Framework's on-demand business school services being provided across its platform including the Framework mobile application ("App") and the website ("Site") (collectively the "Services"). This privacy policy does not apply to any other services or activities that may be provided or conducted by Framework such as recruitment.

The Services may integrate third-party applications or software ("Third-Party Services"). This Privacy Policy does not apply to such Third-Party Services. When you use those Third-Party Services, third parties may collect or share Personal Data about you, and we encourage you to read the privacy notices and terms and conditions before using such Third-Party Services.

In this Privacy Policy, "Personal Data"; means "any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person"



Age restriction

The Services are only available to persons aged 16 and over and we do not knowingly collect Personal Data from individuals under the age of 16 ("Minors"). By using our Services, you represent and warrant that you are not a Minor as of the date of first access to our Services. If you become aware that a Minor has provided us with Personal Data, then please contact us using the details below so that we can take steps to remove such information.



Contact us

We have appointed a data privacy manager who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights as a data subject, please contact the data privacy manager using the details set out below.

Founders Academy Ltd

Email address:

Postal address: 180 The Strand, London, WC2R 1EA, United Kingdom

If you are located inside the European Economic Area (EEA), please contact us for details of our representative in the EEA at:

If you are concerned that we have not complied with your legal rights or applicable privacy laws, you may contact the Information Commissioner's Office (ICO), the UK regulator for data protection issues ( or any other competent data protection authority in the relevant jurisdiction. We would, however, appreciate the chance to deal with your concerns before you approach the ICO or the other relevant authority, so please contact us in the first instance.



Our right to process personal data

We only process Personal Data when we have a legal basis to do so, in any of the following circumstances:

  • where we need to perform a contract that we are entering into or have entered into with you, for example, to provide Services to you;
  • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and/or
  • where we need to comply with a legal obligation.

Where we need to collect Personal Data by law, or under the terms of a contract we have with you, and you fail to provide that Personal Data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our Services). In this case, we may have to cancel the Services you have with us, but we will notify you if this is the case at the time.



What information do we collect?

The type of information, including any Personal Data, that Framework collects from you will depend on how you interact with us as follows:

Information that you provide...

We collect information that you are either requested to or volunteer to provide to us when you use our Services. This includes:

  • When you create an account on our Site or App ("Account Data") - your name; email address; username; password; job title and employer details; profile picture; any information optionally included in your bio; links to social channels e.g LinkedIn URL.
  • When you subscribe to marketing, or enter competitions or surveys ("Marketing Data") - Name; email address.
  • When you subscribe to services or request participation in any event e.g. webinar ("Event Data") - Name; email address.
  • When you contact us for support or to provide feedback ("Support Data") - Name; email address.
  • When you use the App ("User Data") - Information shared in any content submitted to the App such as messages and comments and other interactions.

Information we automatically collect...

We collect some information automatically when you visit, access, or use the Services. Such information includes:

  • Usage Data. - Usage information and statistics about how you interact with the Services, such as: Site pages visited; App screens visited; actions performed on Site and App; sequences of activities; and timestamp on activities.
  • Technical Data. - Technical information about your computer or other devices used to access our Services, such as: IP address; in respect of App use, information about device information (make, model) and the platform used (e.g. iOS or Android); Timestamp; and in respect of Site use, your browser version.

We collect this information by using cookies, server logs and other similar technologies. Please see our Cookie Policy for further details.

Information that we collect from third parties...

We may also obtain information from third parties and combine that with other information we collect through the Services. This includes:

  • Transaction Data. - Contact, financial and transaction data about you from providers of technical, payment and delivery services such as Stripe, based outside the UK/EEA.

Any access or restrictions that we may have to such information from such a third party is in accordance with the privacy notice and procedure of that third party.



How we use your information?

We process your information to operate, provide, and improve the Services. More particularly where such information contains Personal Data the information and purpose for which it is used is as follows:

  • Information - Account Data
  • Purpose - To provide the Services and enable the full Framework experience for you including to send you service, transactional, technical and other administrative communications, such as communications about your account, changes to the Services, and Services-related notices, such as security and fraud notices.
  • Legal basis - Legitimate interests; and/or Contract (where we have a contractual arrangement with your employer to provide you with an account).
  • Information - Marketing Data
  • Purpose - To provide you with information about products and services of interest to you and/or where expressly requested by you.
  • Legal basis - Legitimate interests; and/or Consent where specifically requested by you.
  • Information - Event Data
  • Purpose - To provide you with Services that you have specifically requested.
  • Legal basis - Legitimate interests.
  • Information - Support Data
  • Purpose - To provide you with Services and specifically customer support that you have specifically requested.
  • Legal basis - Legitimate interests.
  • Information - User Data
  • Purpose - To enable the Framework experience for you.
  • Legal basis - Legitimate interests.
  • Information - Technical Data
  • Purpose - To enable us to diagnose and troubleshoot the Services.
  • Legal basis - Legitimate interests.
  • Information - Usage Data
  • Purpose - To enable us to improve the Services
  • Legal basis - Legitimate interests.
  • Information - Transaction Data
  • Purpose - To enable the provision of the Services to you.
  • Legal basis - Legitimate interests.

We will only use your Personal Data for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.




You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you.




You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our Site may become inaccessible or not function properly. For more information about the cookies we use, please see Cookie Policy .



Do we share your Personal Data?

We may share Personal Data about you as follows:

Service providers . We may engage third parties as sub-processors to process Personal Data. These third parties may provide services such as virtual computing, storage and analytics services. We may share Personal Data with the following parties:

  • Name - Amazon Web Services (AWS)
  • Purpose - Data storage in connection with the Services.
  • Location - Ireland.
  • Privacy Policy -
  • Name - GetStream
  • Purpose - Data storage in connection with user discussions and chat.
  • Location - Ireland, United States.
  • Privacy Policy -
  • Name - Sentry
  • Purpose - App error tracking and crash reporting.
  • Location - United States
  • Privacy Policy -

Displaying the Services as intended . When you submit Personal Data in the App in connection with creating an account, Personal Data that you include in your bio details will be visible to other members of the App.

Affiliates . We may in the future need to share Personal Data with subsidiaries, parents and affiliated companies, to ensure business continuity and the provision of the Services, for the purposes described in this Privacy Policy.

A change in our business . If we engage in certain types of corporate transactions (like in the event of a restructuring or the sale of all or a significant part of our business) some or all Personal Data may be shared or transferred, subject to standard confidentiality arrangements.

Compliance with laws . When we in good faith believe disclosure is necessary to: (a) comply with any applicable law, regulation, or legal process; (b) to enforce our agreements and policies; (c) to protect the security of the Services; or (d) to protect you, us, or others from harm or illegal activities.

Where Personal Data is shared with entities in third countries without an adequacy decision, an appropriate transfer mechanism such as the EU Standard Contractual Clauses (SCCs), the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the SCCs will be used to protect your data in such jurisdictions.



How secure is information about me?

We are designing our system with your security and privacy in mind. We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts the information you input. We also maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal information. We are confident that we are using the latest state-of-the-art technology to ensure that your information is fully protected.

We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.



How long do we keep your Personal Data?

We keep your Personal Data for as long as may be necessary to fulfil the purposes outlined in this Privacy Policy and in order to provide you with the Services. And for as long as is needed to provide you with the Services. We will also retain your information for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.



What are my rights under the applicable data protection laws?

Under certain circumstances, you have rights under data protection laws in relation to your Personal Data. For residents of the UK and EEA you have the following rights in relation to your Personal Data, which can be exercised by emailing :

Right of access: If we are processing your Personal Data, you can request a copy of that information.

Right to rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it, though we may need to verify the accuracy of the new data you provide to us. If we share your Personal Data with others, we will tell them about the correction where possible.

Right to erasure: You may ask us to erase your Personal Data in some circumstances, such as when we no longer need it or you withdraw your consent. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons of which you will be notified, if applicable, at the time of your request.

Right to restrict processing: You may ask us to restrict or ‘block' the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it.

Right to data portability: You have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.

Right to object: You may ask us at any time to stop processing your Personal Data where we process your data based on our legitimate interests, provided no compelling legitimate grounds for further processing exist.

Rights in relation to automated decision-making and profiling: You have the right to be free from decisions based solely on automated processing of your personal information, including profiling unless this is necessary for a contract between you and us or you provide your explicit consent to this use.

Right to withdraw consent: If we rely on your consent to process your personal information, you have the right to withdraw that consent at any time, but this will not affect any processing of your data that has already taken place.

Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your personal information, you can report it to the ICO at

To exercise any of the above rights, or if you have any questions relating to your rights, please email . We may need to request specific information from you when you exercise your rights to confirm your identity and to speed up our response. We may not be able to fulfil your request if we are not able to identify you. You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances. We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.



Changes to this privacy policy

We may amend this Privacy Policy from time to time to accurately reflect the regulatory environment and our data collection and disclosure practices. Accordingly, you should review this Privacy Policy periodically. When we change this Privacy Policy in a material way, we will update the "last updated" date at the top of this Privacy Policy. Changes to this Privacy Policy are effective when they are posted on this page.