Privacy Policy
We believe that you should always have control over your personal data. When you share data with us, we respect it and keep it safe.
Privacy Policy
We believe that you should always have control over your personal data. When you share data with us, we respect it and keep it safe.
Privacy Policy of FrameWorks Institute and FrameWorks UK
This policy sets out how we use the information you share with us. It’s for this website, and any other product or service that links here. We may make changes to this policy, so check back here when you can.
If you have any questions about this policy, or how we collect and use personal data, we want to hear from you. You can get in touch at privacy@frameworksinsitute.org, or call us on 202.888.0515.
This policy was last updated on 5 March 2021.
Who we are
We are the FrameWorks Institute and our sister organization, FrameWorks UK. You can find us in person at:
1333 H St NW Suite 700 West
Washington, DC 20005
and
71-75 Shelton Street
London, England WC2H 9JQ
Both organizations are data controllers and processors under the Data Protection Act 1998 and the General Data Protection Regulation (GDPR) 2016/679.
This means that we collect, use and are responsible for any personal data you share with us.
How we collect personal data
Depending on how you interact with us, we collect information:
When you directly share it with us. Like when you sign up to our newsletter, apply for a job, or ask us for resources or support. Or if you share your story as a testimonial for others.
When you indirectly share it with us. This is when third parties share your information with us, with your permission. For example, if you sign up to one of our events on a website like Eventbrite and those details are passed on to us.
When you visit our website. Like most websites, we use cookies and other tracking tools. These give us general information about what pages you visit and how you get to them. You can find more details in our Cookie Policy.
What we collect
Personal data is any information that can be used to identify you. We collect:
- Your name, organization and job title (if you tell us them)
- Your contact details – email address, phone number or postal address (if you contact us using these)
- Your login details (if you register for the FrameWorks Academy) Credit/debit card details (if you donate or buy something)
- Your work history (if you apply for a job here); and Any other personal information you share with us.
We only collect sensitive or special category data here with your explicit and informed consent. This might include:
- Access, dietary or assistance requirements (if you sign up for an event).
We’ll only collect this if we have a clear reason to do so. For example, we need to know your access requirements before we can provide event support.
Why we collect it
We use this data to:
- Provide the information, products or services that you’ve asked for Administer these goods, products or services
- Provide information, products or services that would be of interest and reasonably expected by you (for example, where we have an existing customer relationship)
- Process job applications
- Respond to any contact you make with us Keep a record of your relationship with us Meet our legal obligations
- Administer our website and newsletters, including registered accounts; and
- Provide you with a better online experience (like making sure our site displays at the right size for your device. And that pages display correctly).
How long we keep it
We keep personal data for as long as is necessary for the relevant activity. And to meet any legal or regulatory obligations.
This is to make sure we’re providing the support or resources you’ve asked for, that we’re not getting in touch after you’ve asked us to stop, and to follow the law.
Who we share it with
The personal data we hold is mainly used by our staff to provide you with information, products or services.
We’ll never rent or sell your data to another organization for marketing purposes.
We may share your information with trusted partners, suppliers or service providers to help them deliver services for us. This means that they will process personal data under our instruction. When this happens, we’ll have a contract in place to make sure they comply with the GDPR and keep your data secure.
If they’re based outside the European Economic Area, we’ll make sure there’s an equal level of protection in place.
- Salesforce (when you sign up for emails. .Here’s their privacy policy.
- Google (when you accept Google Analytics cookies). Here’s their privacy policy.
- Typeform (when you ask about an engagement or using our content). Here’s their privacy policy.
We may share your personal data if we are required to do so by law (for example, a valid request from law enforcement).
Keeping it safe
We do everything we can to keep your information safe. We review our security measures regularly. Unfortunately, no information transferred over the internet is completely secure, and we can’t guarantee the security of data transmitted to us.
We sometimes link to articles and resources on other websites. These websites will have their own privacy policies and security measures.
Our legal basis
In most cases, we’ll only use personal data with your specific consent (like when you sign up for our newsletter). Or to fulfill a contract with you (like when you buy a Frameworks Academy course).
In other cases, we rely on our legitimate interest. This means that there is a legitimate reason for us to use your personal data for our organization’s mission. We’ll balance this against your rights under GDPR and any potential impact on you.
Your rights
Under GDPR, you have the right to:
Be informed about how we use your personal data.
Access a copy of the personal data we hold about you. We’ll need proof of your identity and a description of what information you’d like.
Ask us to rectify inaccurate or incomplete information about you.
Ask us to erase your personal information when it’s no longer needed, or when processing it is unlawful.
Restrict the use of your personal data in certain cases.
Receive your data in a machine-readable, portable format.
Object to us using your data for marketing, or on the grounds of your particular situation.
There are a few limits to these rights and they might not apply to your situation. If you’re not sure, read your rights in full or contact the national data protection authority in your country for guidance.
How cookies are used at FrameWorks Institute and FrameWorks UK
| Cookie Name | Cookie Provider | Expires | Description |
|---|---|---|---|
| __utma | Google Analytics | 2 years from set/update | Stores the amount of visits (for each visitor), the time of the first visit, the previous visit, and the current visit. You can opt out of Google Analytics. |
| __utmb and __utmc | Google Analytics | 30 mins from set/update | Used to check approximately how fast people leave |
| __utmt | Google Analytics | 24 Hours | Used to distinguish users and sessions. |
| __utmz | Google Analytics | 6 months from set/update | Records whether the visitor came from a search engine (and if so, the search keyword used), a link, or from no previous page (e.g. a bookmark). |
| evo1h3atw5 | Sucuri | End of session | This cookie is part of the Website security monitoring by Sucuri. |
Contact us
To exercise any of your rights (or make a complaint) contact us at privacy@frameworksinsitute.org. If you’d like to speak to someone in person, call us on 202.888.0515.
We aim to respond to all queries within one month. If we can’t meet this deadline, we’ll be in touch to let you know why.
You can also contact (or make a complaint to) the national data protection authority in your country.