Privacy Policy and Personal Data Protection of FRAME2.WORK:
Effective from March 1, 2023.
1. Introduction
2. About this Policy
3. Customer Rights and Preferences: providing you with choice and control
4. How do we collect the Customer’s personal data?
5. What personal data do we collect about the Customer?
6. For what purposes do we use the Customer’s personal data?
7. Sharing the Customer’s personal data.
8. Data conservation and deletion.
9. Transfer to other countries.
10. Links.
11. Customer data protection.
12. Children.
13. Changes to this Privacy Policy.
14. Contacting Us
1. Introduction
At FRAME2.WORK, we aim to provide Customers with the best possible experience. Thus, in order for us to provide a more personalized service for you, our Customer, we need to understand your habits and interactions. However, the privacy and security of your personal data and that of your end-users have always been of paramount importance to us. For this reason, we want to explain in a transparent and detailed manner, how we collect, store, share, and use the personal data of our Customers and their end-users, as well as, describe the controls and choices that you will have at your disposal when and if you choose to share your respective personal data. This is the main objective of this Privacy and Personal Data Protection Policy (“Policy”).
2. About this Policy:
This Policy outlines the essential details of the relationship of the Customer’s personal data and their end-users with FRAME2.WORK. The Policy applies to all FRAME2.WORK services and any associated services (hereafter referred to as “FRAME2.WORK service”). The terms governing the use of the FRAME2.WORK service by the Customer are defined in our Terms and Conditions of Use.
Occasionally, we may develop new services or offer additional services. If the introduction of these new or additional services results in any change in how we collect and process the Customer’s personal data and or their end-users, we will provide more information and additional terms or policies. Unless otherwise stated, whenever we introduce new or additional services, they will be subject to this Policy.
The aim of this Policy is to:
Ensure that the Customer understands exactly what personal data we collect about them and their end-users, the reasons why we collect and use them, and who we share them with;
Explain how we use the personal data that the Customer shares with us, in order to provide them with an excellent experience whenever they use the FRAME2.WORK service; and
Explain to the Customer their respective rights and options in relation to their personal data that we collect and process, and how we protect their privacy.
We hope that this policy helps the Customer understand our commitments to their privacy and the privacy of their end-users. For information on how to contact us if you have any questions or concerns, see section 14 “To contact us” below.
On the other hand, if the client does not agree with the content of this Policy, we remind them that they are free to decide whether they want to use and/or continue using the services of FRAME2.WORK.
3. Client’s Rights and Preferences: providing them with the option of choice and control.
If you are not already aware, there are legislations that grant certain rights to individuals regarding their personal data. As provided under the terms of applicable legislations, unless limited by them, the rights granted to individuals are as follows:
Right of access – the right to be informed and request access to the personal data we process about the client.
Right of rectification – the right to request that we amend or make any necessary updates to the client’s personal data whenever they are incorrect or incomplete.
Right to erasure of information – the right to request us to delete your personal data from our database.
Right to restriction – the right to request that we temporarily or permanently halt the processing of all or some of your personal data.
Right to object – the right to, at any time, object to the processing of your personal data for reasons related to your particular situation; the right to object to the processing of your personal data for direct marketing purposes.
Right to data portability – the right to request a copy of your personal data in electronic format and the right to transmit this personal data for use in third-party services.
Right to not be subject to automated decisions – the right to not be subject to a decision based solely on automated processing, including profiling, that may have legal effects on you or similarly significant effects.
To make it easy for the client and their end users to exercise these rights and register their preferences regarding how FRAME2.WORK uses their personal data, we provide the following options through the Privacy settings, located on the “MY PROFILE” page.
- Control some of the categories of personal data we process;
- Manage your publicly available personal data; and
- Set sharing preferences.
If we send you electronic marketing messages based on your consent or otherwise permitted by applicable law, both the client and any end user of the client may, at any time, respectively withdraw their consent or declare their objection (“opt-out”) without any additional cost. To do so, simply use the unsubscribe link in the email itself.
If you have any questions regarding your privacy, rights, or how to exercise them, the client should contact our data protection officer by writing to dataprotection@frame2.work. We will respond within a reasonable timeframe after verifying the client’s identity.
If you are dissatisfied with how we are using your personal data, you can also file a written complaint with the Data Protection Authority in your local jurisdiction.
4. How do we collect the client’s personal data?
We collect the client’s personal data and/or their end users’ personal data through the following methods:
When the client registers themselves or registers an end user in their FRAME2.WORK account – during the client’s or any end user’s registration, we collect certain personal data, including but not limited to: email address, full name, gender, country, IP address, and device information and its identifier, so that they can use the FRAME2.WORK service.
Through the use of the FRAME2.WORK service – when the client and/or their end users use the FRAME2.WORK service, we collect personal data about their usage of the FRAME2.WORK service. This may include information such as the devices used to access the services, the users who accessed the services from the same device, IP addresses used for access, and other necessary information to fulfill our social objectives. Occasionally, the client and/or their end users may also provide us with additional personal data or give us authorization to collect additional personal data, for example, to provide them with more resources or features, among others. The collected personal data also allows us to mitigate risks and/or fraud among clients and against the service.
Occasionally, we may receive personal data about the client and their activity through third parties, including advertisers and partners we work with, in order to provide the FRAME2.WORK service (see Section 7 Data Sharing of the client’s personal data below). We will use this personal data if the client and/or their end users have authorized the relevant third parties or FRAME2.WORK to share this data, or if FRAME2.WORK has a legitimate interest in using the personal data to provide the FRAME2.WORK service to the client.
As described below, we do not collect photographs, precise mobile device locations, voice data, or device contacts from the client or their end users without their prior consent. You can always change your mind and withdraw your consent at any time.
5. What personal data do we collect about the client?
In the tables below, we have organized the categories of personal data we collect and use about the client:
| Categories of personal data: | Description of the category: |
| Account registration data | These are the personal data provided by the client’s admin or their end users, or collected by us to enable the client to use the FRAME2.WORK service. This includes the first name, last name, identification document, email address, date of birth, gender, and physical address jurisdiction of the client’s admin and/or their end users.
Some personal data requested is mandatory for the client to create their account. The client also has the option to provide us with additional personal data to make their experience more personalized. The specific personal data we collect depends on the type of use of the FRAME2.WORK service by the client and/or their end users, and whether they use a third-party service (as defined in the Terms and Conditions of Use), such as Google, Apple, or Facebook, to access the FRAME2.WORK service. If the client uses a third-party service to create an account, we may receive personal data through this third-party service, but only if the client has authorized the respective third-party service to share their personal data with us.
|
| Usage data | The personal data collected about the client and/or their end users when they use the FRAME2.WORK service may include:
|
The personal data collected with your permission that enables us to provide you with additional features or functionalities.
| Categories of personal data: | Description of the category: |
|---|---|
| Optional mobile data | In addition to the mobile data we collect to provide the FRAME2.WORK service to the client and their end users (as described above), the client and their end users also have the option to authorize us to collect additional personal data from their mobile device in order to provide them with features and functionalities that will enhance their experience of the FRAME2.WORK service.
We will not obtain any of the personal data mentioned below without obtaining the client’s consent beforehand:
|
| Payment information | We may collect this personal data if the client registers for a Trial Period or makes a purchase through the FRAME2.WORK service (as defined in the Terms and Conditions of Use). The specific personal data collected may vary depending on the payment method, but it may include information such as:
If the customer chooses to pay by invoice, we will provide their personal data to our payment processors in order to allow them to perform credit checks and send invoices to the customer. |
| Promotions, contests, and giveaways | These personal data are used to enable the customer and/or their end users to register and participate in these types of promotions. The specific personal data collected may vary depending on the promotion. |
| Marketing data | These personal data are used to allow FRAME2.WORK and its partners/service providers to send marketing communications to the customer.
|
6. What purposes do we use the customer’s personal data for?
When the customer and/or their end users use or interact with the FRAME2.WORK service, we utilize various technologies to process the personal data collected about the customer for various purposes. In the table below, we outline the reasons for processing the customer’s personal data, the associated legal bases we rely on that allow us to lawfully process the customer’s personal data, and the categories of personal data (identified in section 5 ‘What personal data do we collect about the customer?‘) used for these purposes.
| Description of the reason why FRAME2.WORK processes the customer’s personal data (‘purpose of processing’) | Legal basis for the purpose of processing | Categories of personal data used by FRAME2.WORK for the purpose of processing |
| To provide, personalize, and enhance the customer’s and/or their end users’ experience with the FRAME2.WORK service and other services and products provided by FRAME2.WORK, for example, by delivering personalized, tailored, or location-based content, recommendations, features, and advertising within or outside of the FRAME2.WORK service (including for third-party products and services).
|
Contract performance
Legitimate interests |
Account registration data
Service usage data Occasionally optional mobile data
|
| To understand how the customer accesses and uses the FRAME2.WORK service, in order to ensure the technical functionality of the FRAME2.WORK service, develop new products and services, and analyze the customer’s usage of the FRAME2.WORK service, including their interaction with applications, advertising, products, and services that are provided, linked to, or offered through the FRAME2.WORK service. | Account registration data
Legitimate interests |
Account registration data
Service usage data
|
| To communicate with the customer for purposes related to the FRAME2.WORK service | Contract performance
Legitimate interests |
Account registration data
Service usage data
|
| To process the customer’s payment and prevent or detect fraud, including fraudulent payments and fraudulent use of the FRAME2.WORK service. | Contract performance
Compliance with legal obligations Legitimate interests |
Account registration data
Service usage data Payment data
|
To communicate with the customer and potentially with their end users, directly or through our partners, for the following purposes:
Through emails, notifications, or other messages, according to any authorizations provided by the customer to FRAME2.WORK (e.g., through Privacy settings). |
Authorization
Legitimate interests |
Contests and giveaways data
Marketing data |
| To provide the customer and/or their end users with location-specific features, information, advertising, or content. | Authorization | Optional mobile data |
We use anonymized and aggregated information for purposes that include testing our IT systems, conducting research, analyzing data, creating marketing and promotional models, improving the FRAME2.WORK service, and developing new features and functionalities in the FRAME2.WORK service.
7. Sharing of customer’s personal data and/or end users’ personal data.
Below, we list the categories of recipients of personal data collected or generated through the use of the FRAME2.WORK service by the customer, as applicable:
Publicly available information:
The following personal data of the customer and/or their end users will always be publicly available in the FRAME2.WORK service: the name of the customer and/or their end users, profile picture, account creation date, and other personal data that can be viewed on the customer’s Profile page
Personal data that the customer and/or their end users may choose to share
The following personal data will only be shared with the categories of recipients indicated in the table below if:
- choose to use a specific functionality of the FRAME2.WORK service where sharing personal data is necessary for the proper use of the FRAME2.WORK service functionality; or
- explicitly authorize the sharing of personal data, for example, by selecting the appropriate setting in the Privacy settings of the FRAME2.WORK service.
| Categories of recipients | Reason for sharing |
| Third-party application occasionally used by the customer and/or their end users to log in to FRAME2.WORK | When accessing your FRAME2.WORK account from a third-party application, such as social networks, FRAME2.WORK may share your data to link the customer’s data in both registries, namely the FRAME2.WORK network and the respective third party. |
| Third-party applications occasionally associated by the customer and/or their end users with their respective FRAME2.WORK account. | If you associate a third-party application using your FRAME2.WORK account credentials, then that third-party application may have access to certain service usage data, stored content, and activity.
Before connecting to the Third-Party Application, the customer and/or their end users will receive a notice informing them about which personal data will be shared with / may be accessed by that Third-Party Application. |
| Community | When the customer joins the FRAME2.WORK Community, they will use the same nickname as their account. This customer nickname will be publicly displayed to anyone accessing the FRAME2.WORK Community area, along with the questions, comments, and other content they post or make public through the Privacy settings of the FRAME2.WORK service. |
Further details about the information available publicly and what the customer shares with third parties are available in Section 3, ‘Customer Rights and Preferences: Providing Choice and Control,’ of this Policy and in the Privacy settings.
Information we may share
| Categories of recipients | Reason for sharing |
| Service providers and others | We use technical service providers who operate the technical infrastructure we need to provide the FRAME2.WORK Service, particularly vendors who host, store, manage, and maintain the FRAME2.WORK application, its content, and the data we process.
We use technical service providers to assist us in communicating with you, as described in Section 6 of this Policy. We use marketing and advertising partners to show you more personalized content or to help us understand your usage of the FRAME2.WORK Service and provide you with a better service. We may also share personal data with certain marketing and advertising partners to send you promotional communications about FRAME2.WORK. We also use payment gateway partners; however, in this case, we do not store or share credit card or other payment method data. All payment-related data entered on our pages is encrypted and sent to the respective payment APIs. |
| FRAME2.WORK partners |
|
| Compliance with the law and data protection authorities | We will share the customer’s personal data and/or their end users’ personal data when we believe, in good faith, that it is necessary to comply with a legal obligation under applicable laws, or to respond to a valid legal process, such as a search warrant, court order, or subpoena
We will also share the customer’s personal data and/or their end users’ personal data if we believe, in good faith, that it is necessary for our legitimate interest or the legitimate interest of third parties, in matters of national security, law enforcement, litigation, criminal investigation, protection of the safety of any person, or to prevent imminent death or physical harm, provided that we consider such interest does not override the interests or fundamental rights and freedoms of the customer and/or their end users that require the protection of personal data. |
| Purchasers of our business | We will share the customer’s personal data and/or their end users’ personal data when we sell or negotiate the sale of our business to a buyer or potential buyer.
In this situation, FRAME2.WORK will continue to ensure the confidentiality of the customer’s personal data and their end users’ personal data, and we will notify you before the personal data is transferred to the buyer or becomes subject to a different Privacy Policy. |
8. Data retention and deletion:
We retain the customer’s personal data and/or their end users’ personal data for as long as necessary to provide the FRAME2.WORK service and for legitimate and essential business purposes, such as maintaining the performance of the FRAME2.WORK service, making business decisions about features and offerings based on data, fulfilling our legal obligations, and resolving disputes. We retain some of the customer’s personal data as long as they remain a customer of the FRAME2.WORK service. For example, we keep customer history, purchases, profile, rankings, credit history, and other account information.
Upon the customer’s request, we will delete or anonymize their personal data in a way that no longer identifies the customer, except where it is legally permitted or required to retain certain personal data in processing, including situations such as the following:
- If there is an unresolved issue regarding your account, such as a pending credit on your account or an unresolved complaint or dispute, we will retain the necessary personal data until the issue is resolved.
- If we are required to retain personal data for our legal, tax, audit, and accounting obligations, we will retain the necessary personal data for the period required by applicable law; and/or,
- Whenever necessary for our legitimate business interests, such as fraud prevention or maintaining the security of our customers
9. Transfer to other countries:
FRAME2.WORK may subcontract the processing or share the customer’s personal data and/or their end users’ personal data with third parties located in countries other than the customer’s or their end users’ country of residence. Therefore, the customer’s personal data may be subject to privacy laws different from those in the customer’s or their end users’ country of residence.
Personal data collected in the European Union and Switzerland, for example, may be transferred and processed by third parties located in a country outside the European Union and Switzerland. In such cases, FRAME2.WORK will ensure that the transfer of customer’s personal data and/or their end users’ personal data is conducted in compliance with applicable privacy laws, particularly by adopting appropriate contractual, technical, and organizational measures, such as the standard contractual clauses approved by the European Commission
More information about the security measures we use to protect the customer’s personal data and/or their end users’ personal data is available in Section 11 of this Policy, ‘Keeping Customer’s Personal Data Secure’.
10. Links:
We may display third-party advertisements and other content as links to third-party websites. We cannot control, nor can we be held responsible for the privacy practices and content of third parties. If the customer clicks on a third-party advertisement or link, they should be aware that they will be leaving the FRAME2.WORK service and any personal data they provide will not be covered by this Policy. The customer should read the respective privacy policies to understand how they collect and process their personal data.
11. Keeping Customer’s Personal Data Secure:
We are committed to protecting the personal data of our customers and/or their end users.
We have implemented technical and organizational measures to help protect the security of customer’s personal data, including the use of pseudonyms, encryption, and access and retention policies to prevent unauthorized access and unnecessary retention of personal data in our systems. However, please be aware that no system is completely secure.
The password protects the customer’s account, so we encourage the customer to use a unique and strong password, limit access to secure (trusted) computers, browsers, and other devices, and log out after using the FRAME2.WORK service.
12. Children:
We understand that our service may be used by people of all ages. However, in some countries, age limits may apply according to local legislation. More details on this matter can be found in our Terms and Conditions of Use.
We do not knowingly collect personal data from children below the applicable age limit (referred to as the ‘age limit’) if such age limit exists. In this case, if the customer and/or their end users are below the potentially specified age limit, they should not use the FRAME2.WORK service or provide us with any personal data.
If the customer is a parent of a child below the age limit and becomes aware that the child has provided personal data to FRAME2.WORK, they should contact us by writing to dataprotection@frame2.work and may request the exercise of their applicable rights as outlined in Section 3, ‘Customer Rights and Preferences: Providing Choice and Control,’ of this Policy.
If we become aware that we have collected personal data from a child below the potential applicable age limit, we will take reasonable steps to delete the relevant personal data. This may require deleting the customer’s FRAME2.WORK account and/or the end user associated with that child.
13. Changes to this Privacy Policy:
Occasionally, we may make changes to this Policy.
When we make material changes to this Policy, we will provide a visible and appropriate communication depending on the circumstances, such as presenting a visible communication on the FRAME2.WORK service or sending an email to the customer and/or their end users. We may also provide advance notice to the customer and/or their end users.
Therefore, it is essential for the customer and/or their end users to ensure that they read any communication carefully.
14. Contacting Us:
Thank you for reading our Privacy Policy. If you have any questions regarding this Policy, please contact our Data Protection Officer by writing to dataprotection@frame2.work. We will respond within a reasonable timeframe, after verifying the customer’s identity.
FRAME2.WORK is the data controller for the personal data of the customer and/or their end users processed under this Policy.
© FRAME2.WORK.