Privacy Policy

1. Data Controller

Framo ("we", "us", "our") is the data controller responsible for your personal data. For any privacy-related questions, contact us at contact@framo.app.

2. Information We Collect

Personal Information You Provide:

• Account information: name, email address, username, profile photo
• Payment information: billing details, subscription status (processed securely via Polar)
• Content: 3D models, files, and projects you create or upload
• Communications: support requests, feedback, and correspondence

Information Collected Automatically:

• Usage data: features used, actions taken, time spent
• Device information: IP address, browser type, operating system
• Cookies and similar tracking technologies
• Performance data: crash reports, error logs

3. Legal Basis for Processing (GDPR)

We process your personal data based on:

• Contract: To provide our services and fulfill our agreement with you
• Legitimate Interest: To improve our services, ensure security, and prevent fraud
• Consent: For marketing communications and optional features
• Legal Obligation: To comply with applicable laws and regulations

4. How We Use Your Information

• Provide, maintain, and improve our services
• Process transactions and manage subscriptions
• Send service-related communications and updates
• Provide customer support and respond to inquiries
• Send marketing communications (with your consent)
• Detect, prevent, and address technical issues and fraud
• Comply with legal obligations
• Analyze usage patterns to improve user experience

5. Data Sharing and Disclosure

We may share your information with:

• Service Providers: Third parties who help us operate our business (hosting, payment processing, analytics)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you explicitly agree to sharing

We never sell your personal information to third parties.

6. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

7. Data Security

We implement industry-standard security measures including:

• Encryption of data in transit and at rest
• Regular security audits and assessments
• Access controls and authentication measures
• Employee training on data protection

While we strive to protect your data, no method of transmission over the Internet is 100% secure.

8. Data Retention

We retain your personal data for:

• Account data: As long as your account is active
• Content: Until you delete it or close your account
• Legal records: As required by applicable laws (typically 5-7 years)
• Marketing data: Until you unsubscribe or withdraw consent

After deletion, some information may persist in backups for up to 90 days.

9. Your Rights (GDPR & CCPA)

You have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Portability: Receive your data in a structured format
• Restriction: Limit processing of your data
• Object: Oppose processing based on legitimate interests
• Withdraw consent: For processing based on consent
• Lodge a complaint: With your local data protection authority

To exercise these rights, contact us at contact@framo.app. We'll respond within 30 days.

10. Cookies and Tracking

We use cookies and similar technologies for:

• Essential cookies: Required for service functionality
• Analytics cookies: To understand usage patterns
• Preference cookies: To remember your settings
• Marketing cookies: To deliver relevant advertisements (with consent)

You can manage cookie preferences through your browser settings. Disabling cookies may limit functionality.

11. Third-Party Services

We use the following third-party services:

• Polar: Payment processing and subscription management (Data Processor)
• Convex: Database and real-time synchronization (Data Processor)
• Vercel: Hosting and content delivery (Data Processor)
• Google Analytics: Usage analytics - anonymized (Data Controller)
• Fal.ai: AI image and video processing (Data Processor)
• Resend: Email service (Data Processor)
• NextAuth: Authentication services (Data Processor)

Each service has its own privacy policy. We recommend reviewing them.

12. Children's Privacy

Our service is not directed to individuals under 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

13. California Privacy Rights

California residents have additional rights under CCPA including the right to know, delete, and opt-out of the sale of personal information (we do not sell personal information). For requests, email contact@framo.app.

14. Changes to This Policy

We may update this policy periodically. Material changes will be notified via email or prominent notice within the service. Continued use after changes constitutes acceptance.

15. Contact Information

For privacy-related questions or to exercise your rights:

• Email: contact@framo.app
• Address: [Your company address]