Openframe

Privacy Policy

(Last updated on 01.02.2021)

Here you will find an overview of why and how Frame ApS (hereinafter "Frame") collects and processes your personal data ("Data") and your rights in connection with the processing.

We are the data controller. Frame ApS, CVR no. 42 04 95 81, is the data controller, and we have the following contact information:

FRAME ApS Bragesgade 8B, 2200 Copenhagen N CVR no.: 42 04 95 81 Phone: +45 50 77 88 77 Mail: info@openframe.org

For e-mail inquiries about your Data, please indicate the following in the subject field: "Personal data — Frame".

Consent. By consenting to this Privacy Policy, you agree that we may collect and use your Data accordingly.

Purpose of collecting personal data when you visit www.openframe.org

We automatically collect information about you and your use of www.openframe.org when you visit the site. This is, for example, information about your IP address, the type of browser you use, the pages you visit, the links you activate, and generally how you move around the website and how you use it.

The purpose is to optimize the user experience and the website's functions as well as to be able to register how long visitors spend on the website and to be able to show you relevant information.

Purpose of collecting personal data when you visit and sign up for newsletters or other marketing emails through one of Frame's platforms

We collect information about your email address, as well as any other information you choose to give us, except for any sensitive information.

The purpose of the processing is to communicate with you in order to provide you with the service you request.

You can always unsubscribe from marketing from Frame by following the "unsubscribe" link at the bottom of our emails or by writing to us at info@openframe.org.

Purpose of collecting personal data when you, as a private individual or contact person for a company/organization/association, have questions or communicate with Frame in general

We collect information about your name, your email, the company/institution/association you represent and any other information you choose to provide us with, except for any sensitive information and your question/content of the request.

The purpose of the processing is to answer questions or otherwise communicate with you in order to provide you with the service you request.

The legal basis for the processing of your Data

The legal basis for our processing of your Data is Article 6(1)(a-c) and (f) of the General Data Protection Regulation, which means that we base our processing of your Data on:

  1. Your explicit consent to this in connection with your registration as a user or customer in our system, including your consent to this privacy policy.
  2. That processing is necessary for the performance of the contract entered into in relation to your use and interaction with our services.
  3. That processing is necessary to comply with certain legal obligations incumbent on us, including the Danish Bookkeeping Act, the Danish Money Laundering Act, etc.
  4. Processing is necessary for the pursuit of a legitimate interest and is not overridden by your interests or fundamental rights and freedoms which require the protection of your Data.

Frame's privacy policy means, among other things, that we:

  • Only collect the information we need to provide the service the user has subscribed to, and only for specific and stated purposes.
  • Do not share sensitive personal data with third parties without the explicit consent of the user.
  • Anonymize personal data used for statistical purposes.
  • Have implemented the IT security measures that we consider customary and necessary to protect the data against unauthorized intrusion and data leakage.
  • Maintain strict controls to ensure that only staff with specific needs and training in handling personal data have access to it.

Information that we collect

We typically collect and process the following types of data:

  1. Contact details, such as name, address, telephone number, email, etc.
  2. Payment details.
  3. Your interaction with our services, such as which topics you click on, your log-on time, etc.

We do not collect sensitive personal data, including data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation, unless you choose to provide us with such data; in which case we will not make use of such data.

Recipients of your Data

We do not sell your personal information to third parties. We may share your Data with suppliers and partners who assist us, for example, with the execution of your order, or who assist us with our IT operations, hosting, email communication, etc. This means that we may share your data with, for example, our service providers, our technical support and our bank. We also share your data to the extent that we are obliged to do so, e.g. as a result of reporting requirements to public authorities such as the Danish Tax Agency. In all cases, we ensure that appropriate security measures are in place.

Recipients in other countries

We only transfer Data to recipients in other EU/EEA countries and recipients (e.g. Google) based in countries where the EU Commission has determined that adequate data protection is ensured or where the necessary guarantees are present in the form of Privacy Shield.

Where your data originates from

The Data we collect about you originates from your interaction with our services or your communication with us (for example, when registering as a customer or user).

Retention of your Data

If you unsubscribe as a customer or user, we will delete or anonymize your Data within six (6) months from the later of (a) the date of deregistration; or (b) the date of your payment of any outstanding amount due to us, unless we are obliged or entitled to retain your Data for longer for other reasons. Furthermore, we will delete or anonymize your Data as soon as the storage is no longer necessary for the purpose for which the Data was collected. Personal data (name and/or email) entered in a project will not be deleted even if the personal profile is closed/deleted.

Your rights

Insights. You have the right to access your Data that we process about you. By writing to us, you can request access to the Data that we have registered about you, including the purposes for which the data has been collected.

Rectification and erasure. You have the right to request the rectification, supplementary processing, erasure or blocking of the Data we process about you.

Restriction of treatment. You have the right — in exceptional circumstances — to restrict the processing of your personal data.

Data portability. You have the right to receive your Data in a structured, commonly used and machine-readable format.

Right to object. You have the right to ask us not to process your personal data in cases where the processing is based on Article 6(1)(e) or Article 6(1)(f).

Withdrawal of consent. If the processing of your Data is based on your consent, you have the right to withdraw your consent at any time.

Complaint to the supervisory authority. If you are dissatisfied with our processing of your Data, you can complain to the Data Protection Authority:

Data Protection Authority Borgergade 28, 5th floor 1300 Copenhagen K Telephone +45 33 19 32 00 dt@datatilsynet.dk

Changes to the personal data policy. We may make changes to this privacy policy in the future. Unless changes are immaterial, we will notify you and you may need to consent to such changes in order to continue using our services.