Data Policy

Frame follows the The EU General Data Protection Regulations (GDPR).

Aim of the GDPR

The aim of the GDPR is, among other things, to reinforce the rights and freedoms of individuals, to acknowledge the global reach of privacy protection and to enforce the implementation of privacy legislation.

We have documented and updated our data processing procedures and the person registers we manage, updated our privacy protection and security practices, and appointed a data protection manager. We have created a clearly documented internal process and protocol for the processing of personal data.

Frame’s essential operations include grants and communications, which is why we must manage related person registers. Frame is committed to following the GDPR and to continue to collect only the data we need, only store it for the necessary length of time and report without delay any data security breaches in our registers. Personal data is processed only by the relevant personnel and the processing leaves a trace in our data system. Everyone currently in our registers will have the opportunity to access information about themselves, alter the information and be removed from the register if they so wish and there is no legal basis to store the data for, for example, archiving purposes.


You may send an inquiry to after which we will deliver a report about your information in our registers within a month of your inquiry. Please mention your name and your connection to the Frame Foundation in your message. The report is free of charge.

If you have applied for a grant from the Frame Foundation, you may access your data via the grant application service. If you want to alter or remove information in the grant application system register, please contact

In the future, we will request permission to process the data from new contacts as transparently and clearly as possible. When requesting the permission, we will provide information about why we collect data, how we use it, how long it will be stored and the rights of the data subject. We secure the permission using a two-stage verification process.

Person registers managed by Frame Contemporary Art Finland

The Frame Foundation manages six registers: the grant register, the person register, the contact register, the recruitment register and the open call register and the statistics register. Below you will find the privacy statements of all the registers we manage. The statements explain why the data in each register is collected or stored, how the data is processed, who processes it, the rights of the data subject and how the register’s data security is maintained.

Data subject rights

The Foundation collects only the necessary information from registered data subjects. Unless there are legal grounds for storing the data, each data subject has the right to their own data, to know who has processed their data, the right to correct false information and the right to be forgotten.

The data subject has the right to be notified about any data breach involving their data. The data subject has the right to receive the report on their data within a month of their request.

The data subject has the right to issue a complaint to the supervising authorities if they suspect their personal data has been processed erroneously.

Privacy statements

Frame Privacy statement – Contact register

Download – Link opens in new window

Frame Privacy statement – Open Call Application register

Download – Link opens in new window

Frame Privacy statement – Personnel register

Download – Link opens in new window

Frame Privacy statement – Recruitment register

Download – Link opens in new window

Frame Privacy statement – Statistics register

Download – Link opens in new window

Frame Privacy statement – Grants register