References in this Privacy Policy to the “Sources are reference to the Website and/or the Third Party Sources, as applicable.
References in this Privacy Policy to the “Website” are references to the website “framecad.com” and all its sub-domains, or any subsequent URL or URLs used by FRAMECAD Limited from time to time.

References in this Privacy Policy to “FRAMECAD”, “we” “us” or “our” are references to FRAMECAD Limited, a company incorporated in New Zealand with its registered office at 99 Felton Mathew Avenue, Glen Innes, Auckland, 1072, New Zealand.  The terms “you” and “your” are references to visitors to the Website or users of the other Sources from time to time.

FRAMECAD owns and operates the Website.

FRAMECAD is committed to protecting your privacy, maintaining the security of any personal data received from you and to giving effect to relevant privacy legislation.   We take privacy and security of your personal data seriously and will only use your personal data as set out in this Privacy Policy.

GDPR:
If the GDPR (as defined in the Schedule) applies to you and your personal data (but not otherwise) then, in addition to the body of this Privacy Policy, the provisions of the Schedule to this Privacy Policy shall apply. 

CCPA:
If you are a resident of California, please refer to our California Consumer Privacy Act of 2018 (CCPA) Schedule.

 

The purpose of this Privacy Policy is to explain to you what personal data (if any) we collect and process through the Website and other Sources or as otherwise agreed between us, how and why we collect and process it, and how we may use and disclose it.
Please note that our Privacy Policy (including the Schedule) may change from time to time and the new Privacy Policy will be published on the Website.  By using the Website or other Sources and submitting your personal data to us, you agree to us using your personal data in accordance with this Privacy Policy.
We invite you to also read our Terms and Conditions for more information on the use of the Website.

 

What does this Privacy Policy cover?
This Privacy Policy only applies to how FRAMECAD deals with your personal data.  It does not apply to any company outside the FRAMECAD group or to any such company’s websites, even if you access them through FRAMECAD or through the Website or via other Sources.  If you disclose your personal data to any company outside the FRAMECAD group, your data will be dealt with according to their privacy practices.

What data do we collect and process?
On the Website or via other Sources we may ask you for personal data such as: your first and last name, e-mail address, job title, landline phone number, mobile phone number, product category you are interested in, country and other relevant personal data.  We may also ask you for information relating to your company such as company name, company website address, company billing address, company shipping address and other relevant data.
The legal basis for this collection and processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract. 

When you purchase products or services from us on the Website or via other Sources you may be asked for credit card information such as first name and last name, credit card type, credit card number and expiry date, 3 digit verification code (CCV).  This data is used to process payments however we do not store this data.  It may be stored by our payment agents.
The legal basis for this collection and processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

With regard to each of your visits to the Website or other Sources, as applicable, we will automatically collect the following data:   technical and log file data, including the Internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from the Website or other Sources (including date and time), products and services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouseovers), methods used to browse away from the page, and any phone number used to call our customer service number. We utilize this data to conduct site performance evaluations, to see where visitors are coming from and to keep track of click stream data (that is, data about which screens our users visit on our site).

This data helps us to determine what content our users find most appealing so that we can maximize your enjoyment of the site. Log files are not tied to personally identifiable data unless required by law.
Users who do not register with us may browse the site without providing any personal data.  These visits are also tracked for the purposes outlined above.
The legal basis for this collection and processing is our legitimate interests, namely monitoring and improving the Website or other Sources and our services. 
If you contact us, we keep a record of that correspondence, for the purposes of communicating with you and record-keeping.
The legal basis for this processing is our legitimate interests, namely being able to contact you and keep our records up to date. 
Other data to help us provide you with improved products and services.
The legal basis for this processing is our legitimate interests, namely our interest in the proper administration of our Website, other Sources and business and improving the services we provide to you.
Where we receive personal data about you from other individuals, companies and organisations, we rely on these third parties to obtain your consent for us to use this data.
If you provide personal or other data to us you warrant the accuracy of such data and, where it is data about someone other than yourself, you warrant that you have that person’s consent to provide such data for the purposes specified.
In addition, when users visit our Website we also use cookies as described below in this Privacy Policy.

Why do we collect and process your personal data? 
We primarily collect and process different types of personal data about our users to fulfil their requirements for our products and services, to process orders, to carry out or respond to requests, to respond to their related enquiries or for any other purpose identified at the time the data is requested.    The legal basis for these activities are as set out above in this Privacy Policy.
 
Use and/or disclosure of your data
We also may use the personal data we collect from you:
(A)   to pass data to our authorised distributors, agents, service providers and employees, in order to effectively supply products or carry out our services; your data helps us better respond to your individual needs;
(B)   to provide you with marketing material or email updates, with your consent; and/or
(C)   to improve the quality and efficacy of our products and services and our marketing strategies.
We will request your consent before passing your personal data to third parties for purposes other than those set out in this Privacy Policy.

We may disclose personal data from time to time to:
(A)   companies or persons related to FRAMECAD, including any company in the FRAMECAD Group and any such company’s employees and contractors (in which case, your personal data will be collected, used, disclosed, managed and stored in accordance with this Privacy Policy);
(B)   Google Analytics, Hubspot, Go to Webinar, Hotjar and others as advised by us from time to time.
(C)   persons authorised by you to receive data held by us or identified by us at the time the data is requested from you;
(D)  as part of any investigation into you or your activities where we reasonably believe that disclosure is necessary to the police, any relevant authority or enforcement body, or your Internet Service Provider or network administrator;
(E)   as part of a sale (or proposed sale) of all or part of our business; and/or
(F)   as required or permitted by any applicable law.
We do not sell or make available any part of your personal data for use by other service providers for the purpose of marketing and promotional communication.

How do we protect your personal data? 
FRAMECAD takes reasonable measures (physical, organisational and technological) to safeguard against unauthorised access to your personal data and to safely store your personal data.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. Unfortunately, the transmission of information via the internet is not completely secure.  You acknowledge that the internet is not a secure medium and the privacy of your communications and personal data can never be guaranteed.  Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
 

Cookies
A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is a small piece of data sent from a website and stored in your web browser while you are browsing that website.  Every time you load the Website, the browser sends the cookie back to the server to notify the Website or other Sources of your previous activity.
The Website uses cookies for two reasons: (1) to improve the user experience; and (2) for security purposes.
Specifically, we use cookies to: The cookies used on the Website do not allow us to collect any personally identifiable data about you. If your browser is configured to reject all cookies you will be unable to access certain parts of the Website that require cookies in order to access.  This includes (but is not limited to) MyFRAMECAD and the products and services available through MyFRAMECAD.  In addition, if your browser is configured to reject cookies you may experience impaired performance of the Website and an impaired user experience.
To ensure you have the best experience possible, we recommend that you accept cookies. You may still be able to use some information-only pages even if you do not accept cookies.

Children  
The Website, other Sources and our products and services are not directed at, and are not to be accessed by, individuals under the age of eighteen (18). We will not intentionally collect or maintain information about these individuals. If you believe that we may have collected personal data from someone under the age of 18, please let us know by emailing us at privacy@framecad.com.  We will then take appropriate measures to investigate and, if appropriate, delete that information.

How long we store your personal data 
We will retain your information for as long as needed to provide you with the products or services or as long as needed to fulfil the purpose for which the personal data was originally collected.  We may also be required to retain certain information by law and/or for legitimate business purposes (for example, tax records).

How can you update and access your personal data?
Under applicable law you may have the right to seek access to and update the personal data we hold about you.  Subject to applicable law, we may charge a fee to cover the costs of meeting your request.  Additional rights may apply where the GDPR applies as set out in the Schedule.
If you would like to seek access to personal data we hold about you, if you no longer wish us to collect, use or disclose any personal data for the purposes described above, or if you have any questions or complaints about how we collect, use, disclose, manage or store your personal data, please contact us at privacy@framecad.com.

If we do not hear otherwise from you, we will assume that the data you provide is accurate and up-to-date and that you consent to the collection, use and disclosure of the personal data you provide us about yourself or others for the purposes described above.

Communication with you
From time to time we may send out email messages alerting you that products or services are available, to remind you about providing feedback or for promotional offers. In addition, you will receive communication from us 1) if you contact us for a particular reason, 2) to receive your orders, or 3) we need to contact you for administrative purposes. If you wish to opt-out of receiving promotional materials from us, please email us at privacy@framecad.com.
Where you are a registered user of MyFRAMECAD we may send you out alerts and user generated emails that are functionalities of the portal and therefore cannot be unsubscribed where you wish to retain access to MyFRAMECAD.
 
Your feedback is always welcome
We welcome your comments and questions about our Privacy Policy - or anything else you might want to talk about. To contact us please email us at privacy@framecad.com.

This Privacy Policy was last updated on: 25 May 2018.
 
© 2014-2018 FRAMECAD Limited.  All Rights Reserved

 
 

GDPR - Schedule
For the purpose of the General Data Protection Regulation (“GDPR”), the data controller is Framecad Limited of 99 Felton Mathew Avenue, Glen Innes, Auckland, 1072, New Zealand.   
Where the GDPR applies, the personal data you provide to us in connection with your use of the Website, other Sources and/or in connection with your purchase of or access to the various products and services of FRAMECAD, will be processed in accordance with the provisions of the GDPR.
We will comply with the GDPR where it applies to you and your personal data.
The GDPR states that the personal data we hold about you must be:
1. Used lawfully, fairly and in a transparent way.
2. Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
3. Relevant to the purposes we have told you about and limited only to those purposes.
4. Accurate and kept up to date.
5. Kept only as long as necessary for the purposes we have told you about.
6. Kept securely.

Where we store your personal data
Information provided to us by persons accessing the Website, or other Sources is stored on secure servers currently located in the United States.  It will also be processed by staff who work for us. This includes staff engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.  By submitting your personal data, you agree to this transfer from inside to outside the EEA and such storing or processing.   

Transfers of your personal data outside the EEA 
As described above, your personal data may be transferred outside of the EEA in order to carry out the services we provide to you or supply any products to you.  The lawful basis for this processing will either be: (a) on the basis of your informed consent; or (b) necessary for the performance, fulfilment and administration of a contract/order between you and us, or in anticipation of a contract/order.   All transfers of your personal data outside of the EEA will be protected by appropriate safeguards. Where your personal data is transferred outside of the EEA, We will ensure that either (a) The European Commission has made an "adequacy decision" with respect to the data protection laws of the country to which it is transferred, or (b) we have entered into a suitable data processing agreement with the third party situated in that country to ensure the adequate protection of your data in compliance with the GDPR.

Your rights
Where this Schedule applies, you may instruct us to provide you with any personal data we hold about you, provided your request is not found to be unfounded or excessive, in which case a charge may apply.  We may withhold personal information that you request to the extent permitted by law.
You may instruct us at any time not to process your personal information for marketing purposes.
The rights you have under the GDPR are:

• the right to access. You have the right to ask us to confirm whether or not we process your personal data and, to have access to the personal data, and any additional information. That additional information includes the purposes for which we process your data, the categories of personal data we hold and the recipients of that personal data. You may request a copy of your personal data. The first copy will be provided free of charge, but we may charge a reasonable fee for additional copies.

• the right to rectification. If we hold any inaccurate personal data about you, you have the right to have these inaccuracies rectified. Where necessary for the purposes of the processing, you also have the right to have any incomplete personal data about you completed.

• the right to erasure. In certain circumstances you have the right to have personal data that we hold about you erased. This will be done without undue delay. These circumstances include the following: it is no longer necessary for us to hold those personal data in relation to the purposes for which they were originally collected or otherwise processed; you withdraw your consent to any processing which requires consent; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are certain general exclusions of the right to erasure, including where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for establishing, exercising or defending legal claims.

• the right to restrict processing. In certain circumstances you have the right for the processing of your personal data to be restricted. This is the case where: you do not think that the personal data we hold about you is accurate; your data is being processed unlawfully, but you do not want your data to be erased; it is no longer necessary for us to hold your personal data for the purposes of our processing, but you still require that personal data in relation to a legal claim; and you have objected to processing, and are waiting for that objection to be verified. Where processing has been restricted for one of these reasons, we may continue to store your personal data. However, we will only process it for other reasons: with your consent; in relation to a legal claim; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

• the right to object to processing.  You can object to us processing your personal data on grounds relating to your particular situation, but only as far as our legal basis for the processing is that it is necessary for: the performance of a task carried out in the public interest, or in the exercise of any official authority vested in us; or the purposes of our legitimate interests or those of a third party. If you make an objection, we will stop processing your personal information unless we are able to demonstrate compelling legitimate grounds for the processing, and that these legitimate grounds override your interests, rights and freedoms; or the processing is in relation to a legal claim.

• the right to data portability. You have the right to request that your personal data be moved, copied or transferred from one database, storage or IT environment to another. 

• the right to complain to a supervisory authority.   If you think that our processing of your personal data infringes data protection laws, you can lodge a complaint with a supervisory authority responsible for data protection. You may do this in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.

• the right to withdraw consent.  To the extent that the legal basis we are relying on for processing your personal data is consent, you are entitled to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.

• the right to object to direct marketing.  You can choose whether we process your personal data for direct marketing purposes. If you do not want us to process your personal data for direct marketing purposes, we will not process your personal data for this purpose. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your personal data.

 
If you wish to:

• Request access to, deletion of or correction of, your personal data. Please contact us to arrange this at privacy@framecad.com. 

• Request that your personal data be transferred to another person. You can exercise this right by contacting us at privacy@framecad.com and requesting that your personal data be transferred; and

• Complain to the Information Commissioners Office (ICO). The ICO website which contains the processes for raising a complaint can be found here: https://ico.org.uk/. we would ask that where possible you contact us at privacy@framecad.com in the first instance so we can attempt to resolve any issues you may have. 

 

This Privacy Policy was last updated on: 22 May 2018.

© 2018 FRAMECAD Limited.  All Rights Reserved