---

1. Introduction

This Policy sets out the obligations of FRAMETEXX GmbH (“FRAMETEXX”), a company registered in Germany under number HRB 82461, whose registered office is at Lotsekai 10, 21079 Hamburg regarding data protection and the rights of customers, business contacts and website users in respect of their personal data under EU Regulation 2016/679 General Data Protection Regulation (“GDPR”).

Your privacy is important to us. Our priority at FRAMETEXX is keeping your data secure and treating it with respect. We aim to handle your data fairly and lawfully at all times. We’re also committed to being transparent about what we do. This statement explains how we collect, use, transfer and store your personal data. We know that there is a lot of information here, but it’s important that you understand your rights as a customer.

It’s likely that we will update this notice from time to time in order to reflect changes in the law and/or to our privacy practices, but we will notify you of any significant changes. Our website will always show the most up to date version. You can request a paper copy by calling us.

2. How can you contact us?

We can be contacted at:

FRAMETEXX GmbH, Lotsekai 10, 21079 Hamburg, GERMANY

FRAMETEXX’s Data Protection Officer has overall responsibility for the way that FRAMETEXX collects and handles personal data. The Data Protection Officer can be contacted at the address above.

Other ways to contact us are on our contact page.

3. Who does this statement apply to?

• Customers and prospective customers
• Individuals, partnerships and companies (to the extent that the relevant company provides us with any personal data – for example employee names and e mail addresses)
• People we wish to promote products and services to
• People who contact us on social media
• People who visit our website

Individuals, sole traders partnerships and companies

What personal data do we collect?

Data we collect from you includes:

Personal data
Such as your name, address, and other contact details such as your email address and telephone number. We need this data from you in order to enter into a contract with you

Financial information
Such as your payment details and financial circumstances. We need your bank details if you want to pay by direct debit. If you have difficulty paying our bills, providing details of your circumstances helps us work with you to resolve this

Company data
With regards to companies, data such as names, phone numbers and email addresses of representatives of your company.

What do we use your personal data for?

It’s important that you understand what we’ll do with the data that we hold about you.

We’ll process your data for the following purposes necessary for the performance of our contract with you, or in readiness for such a contract. The basis for data processing is Art. 6 (1) (b) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

• To assess your needs, provide you with a quotation and agree a contract with you.
• To set up your account with us and send invoices.
• To process payments and refunds.
• To communicate with you and anyone you authorise to speak to us.
• To investigate and manage disputes with you and recover unpaid bills.
• To provide product related maintenance services

We’ll process your data to comply with legal obligations including:
Orders made by a Court, for example where we are ordered to disclose information to law enforcement agencies.

We’ll process your data where we have a legitimate interest. We’ll ensure that our interest has been balanced against your rights and freedoms as an individual. The basis for data processing is Art. 6 (1) (f) GDPR. This includes:

• For good governance, accounting, managing and auditing our business operations so that our business is effective and performs well.
• Keeping records of our dealings with you so that we have an accurate history of our relationship with you in case of disputes.
• To manage our bad debt risk, including taking legal action against you if you do not pay our bills, because we are entitled to try and enforce our rights.
• To develop, test and improve the products and services we provide.
• For research and insight purposes, to enable us to provide good customer service.

Who do we share your personal data with?

We share your data with service partners we engage to assist us with things like IT and telephony.

People we wish to promote products and services to

We’d like to use your personal data to communicate with you by email, text, letter, telephone, social media and via our website.

With your consent, we will tell you about products and services, promotions, tailored special offers and discounts that we think are likely to interest you. If you’ve given us permission to send you marketing information we will respect your choices as to how you would like to receive this.

We may send you letters or call you without your prior agreement when we have a legitimate interest in doing this. Our legitimate interest might be:

• Understanding our customer and getting to know their preferences.
• Telling our customers about products that might meet their needs and desires.
• Ensuring our customers are aware when they can save money.

You’re in control

We won’t use your personal data to promote anything to you, or for any marketing purpose at all (including profiling you for marketing), if you have told us not to. We will give you the opportunity to opt out of receiving marketing information whenever we contact you directly for this purpose. You can also opt out, and change your consent preferences, by calling us directly or going online.

People who contact us via social media

We have accounts on most major social media channels and use their ‘public’ platforms to manage our social media interactions.

We don’t have any control over how these companies use any data shared with us through their services, and we recommend you review their privacy notices yourself. We’d also remind you that any information you post publically is visible to anyone.

If we know you’re an FRAMETEXX customer and you send us personal data using a private or direct message via social media that data will be stored along with your other account records in line with our standard data retention period.

Visitors to our website

By using our website, you’re allowing us to collect and use the information you give us for the purposes of your visit or as explained to you.

SSL or TLS encryption

Our web pages use SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Cookies

Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.

You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

Server log files

The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:

• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address
• Status Code

These data will not be combined with data from other sources. They are used for statistics and error reports.

The basis for data processing is Art. 6 (1) (f) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

Contact form

Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

4. Your rights

If we collect or handle your personal data, you have rights as an individual which you can exercise in relation to the information we hold about you.

Right of access to your personal data

Individuals can find out if we hold any personal data about them, and access that data, by making a ‘subject access request’ under the EU Regulation 2016/679 General Data Protection Regulation (“GDPR”). If we do hold your personal data, we will provide you with a copy and information about what we do with it. Unless you ask us to provide it in a different way, we will email this to you where you have given us an email address.

You can request access to our data using any of the methods on our Contact Us page.

Other rights you have

If you’ve given us consent to process your personal data, you have the right to withdraw that consent at any time by contacting us. If you have an online account with us, you can also make changes to that preference in your account.

You can request that we correct any mistakes, restrict or stop processing your data, or delete it. It’s worth noting that in some cases if you do ask us to correct, delete or stop processing it, we won’t always be required to do so – for example we may need to continue in order to service your account in line with our contract. If this is the case, we’ll explain why.

Your right to contact the Information Commissioner

If you’re unhappy with any aspect of how we handle your personal data you also have the right to contact the Information Commissioner’s Office (ICO), the supervisory authority that regulates handling of personal information in Germany.

You can contact them by going to their website, phoning them on +49 40 428 54 – 4040 or by post to:

Hamburgische Beauftragte für Datenschutz und Informationsfreiheit, Kurt-Schumacher-Allee 4, 20097 Hamburg, Germany

5. How long do we store your personal data for?

If you have an account with us, we will retain your personal data for ten years following the end of our contractual relationship with you (which might be when your account closes or when we have issued your final bill.) There may be circumstances when we need to keep it for longer, for instance, to meet our legal obligations, but we will delete it as soon as we have no need to keep it further.

If we hold your data for any other reason we will delete it as soon as we no longer have a valid reason to retain it.

6. How we keep your information safe

When you log in to your online account or ask us for a quote, our website pages are secure, which means all the personal details you type in are encrypted before they’re sent to us.

We store and use all personal information securely, so it can’t be read by anyone who doesn’t need to see it.

When we use other organisations to help us provide services and manage your account, we have appropriate contracts in place, which limits their use of your data to only what we have asked them to do. We provide only the information they need to perform their specific services and we work closely with them to ensure that your privacy is respected and protected at all times. If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.