We believe that you should always have control over your personal data. When you share data with us, we respect it and keep it safe.
This policy sets out how we use the information you share with us. It’s for this website, and any other product or service that is linked here. We may make changes to this policy, so check back here when you can.
If you have any questions about this policy, or how we collect and use personal data, we want to hear from you. You can get in touch at [email protected].
This policy was last updated on 23 March 2023.
Who we are
We’re FrameWorks UK. Our registered address is:
71-75 Shelton Street
We are a data controller and processor under the Data Protection Act 1998 and the General Data Protection Regulation (GDPR) 2016/679. This means that we collect, use and are responsible for any personal data you share with us.
How we collect personal data
Depending on how you interact with us, we collect information:
When you directly share it with us. Like when you sign up to our newsletter, apply for a job, or ask us for resources or support. Or if you share your story as a testimonial for others.
When you indirectly share it with us. This is when third parties share your information with us, with your permission. For example, if you sign up to one of our events on a website like Eventbrite and those details are passed on to us.
What we collect
Personal data is any information that can be used to identify you. We collect:
- Your name, organisation and job title (if you tell us them)
- Your contact details – email address, phone number or postal address (if you contact us using these)
- Your work history (if you apply for a job here); and Any other personal information you share with us.
We only collect sensitive or special category data here with your explicit and informed consent. This might include:
- Access, dietary or assistance requirements (if you sign up for an event).
We’ll only collect this if we have a clear reason to do so. For example, we need to know your access requirements before we can provide event support.
Why we collect it
We use this data to:
- Provide the information, products or services that you’ve asked for
- Provide information, products or services that would be of interest and reasonably expected by you (for example, where we have an existing customer relationship)
- Process job applications
- Respond to any contact you make with us; Keep a record of your relationship with us; Meet our legal obligations
- Administer our website and newsletters, including registered accounts; and
- Provide you with a better online experience (like making sure our site displays at the right size for your device. And that pages display correctly).
How long we keep it
We keep personal data for as long as is necessary for the relevant activity. And to meet any legal or regulatory obligations.
This is to make sure we’re providing the support or resources you’ve asked for, that we’re not getting in touch after you’ve asked us to stop, and to follow the law.
Who we share it with
The personal data we hold is mainly used by our staff to provide you with information, products or services. We’ll never rent or sell your data to another organization for marketing purposes.
We may share your information with trusted partners, suppliers or service providers to help them deliver services for us. This means that they will process personal data under our instruction. When this happens, we’ll have a contract in place to make sure they comply with the GDPR and keep your data secure.
If they’re based outside the European Economic Area, we’ll make sure there’s an equal level of protection in place.
We may share your personal data if we are required to do so by law (for example, a valid request from law enforcement).
Keeping it safe
We do everything we can to keep your information safe. We review our security measures regularly. Unfortunately, no information transferred over the internet is completely secure, and we can’t guarantee the security of data transmitted to us.
We sometimes link to articles and resources on other websites. These websites will have their own privacy policies and security measures.
Our legal basis
In most cases, we’ll only use personal data with your speciﬁc consent (like when you sign up for our newsletter).
In other cases, we rely on our legitimate interest. This means that there is a legitimate reason for us to use your personal data for our organisation’s mission. We’ll balance this against your rights under GDPR and any potential impact on you.
Under GDPR, you have the right to:
Be informed about how we use your personal data.
Access a copy of the personal data we hold about you. We’ll need proof of your identity and a description of what information you’d like.
Ask us to rectify inaccurate or incomplete information about you.
Ask us to erase your personal information when it’s no longer needed, or when processing it is unlawful.
Restrict the use of your personal data in certain cases.
Receive your data in a machine-readable, portable format.
Object to us using your data for marketing, or on the grounds of your particular situation.
There are a few limits to these rights and they might not apply to your situation. If you’re not sure, read your rights in full or contact the national data protection authority in your country for guidance.
To exercise any of your rights (or make a complaint) contact us at [email protected].
We aim to respond to all queries within one month. If we can’t meet this deadline, we’ll be in touch to let you know why.
You can also contact (or make a complaint to) the national data protection authority in your country.