Legal · Privacy Policy
Privacy Policy
Last updated: 2026-06-22
This policy describes what data FrameThrower (“we”, “us”) has access to when you use the Service, why, and the choices you have. The short version: our systems access only what’s needed to run a reference tool with accounts, quotas, and billing — and nothing more. We don’t sell your data, we don’t run ads, and we don’t use third-party advertising trackers.
1. What our system has access to
To run a reference tool with accounts, quotas, and billing, our systems necessarily have access to the data below. This is what it takes to operate the Service — not information we gather to profile, monitor, or review you.
Account information. Your email address, name, and (if you sign in with Google) your Google profile image. If you sign in by magic link, just your email.
Things you create. Saved frames and movies, collections, moodboards and canvases, notes, hotkey and content preferences.
Images you upload. If you upload or drop an image (image search, canvas), we store it to provide the feature and process it with an AI vision model to make it searchable (see Section 3). Uploads are tied to your account.
Usage activity. Search queries, frames you view, downloads, image searches, and approximate time spent in the app. This activity is linked to your account — we use it for quotas and billing, abuse prevention, and improving search quality.
Payment information. Payments are handled by a PCI-compliant payment processor. We store your subscription status, plan, and billing period — never your card number, which goes directly to the processor and never touches our systems.
Technical and security data. IP address and browser user-agent in security and download logs (rate limiting, bot and scraping defense), and error reports if something crashes (which may include the page you were on).
2. What we use it for
We use what the system has access to only to:
- Operating the Service: accounts, libraries, moodboards, sharing.
- Enforcing plan quotas and processing subscriptions.
- Preventing abuse: scraping, bulk downloading, automated access.
- Improving the product — e.g. understanding which searches fail so we can make results better.
- Sending transactional email (sign-in links, billing receipts, important account notices). No marketing email without your consent.
We will never sell your data. We do not sell or rent personal data, share it with advertisers, or use it for purposes unrelated to running FrameThrower — and that’s a commitment, not a current-policy statement.
Aggregate insights. We may analyze usage in aggregated, de-identified form — for example, “which kinds of searches return poor results” or overall feature usage — to improve the product. Aggregate data never identifies you and is never connected back to an individual account when used this way.
3. Service providers
We rely on a small set of vetted, US-based infrastructure providers — covering hosting, database, content delivery and storage, payment processing, AI processing, and transactional email. Each provider is bound to process data only as needed to provide its service to us, under its own security and privacy commitments.
Where AI features are involved (e.g. visual search on an image you upload), the image or search text is processed by our AI provider solely to deliver the feature — it is not used to identify you.
If your company’s compliance or security team needs details about our subprocessors, contact us at hello@framethrower.ai and we’ll work through your review.
4. Cookies
We use cookies only to keep you signed in: a session cookie and a short-lived (60-second) session-cache cookie that reduces database load. No advertising or cross-site tracking cookies.
5. Retention and deletion
Your content (libraries, moodboards, preferences) is kept while your account exists. You can delete saved items, collections, and moodboards in the app at any time.
Complete deletion on request. You can ask us to permanently and completely delete your account and all associated personal data — a true right to be forgotten. Email privacy@framethrower.ai from your account email and we complete the deletion within 30 days, across our live database and provider systems. The only things that survive are minimal records the law requires us to keep (e.g. billing/tax records) or short-lived security logs needed to prevent abuse — never your libraries, moodboards, uploads, or activity — and those are purged on their normal schedule.
6. Your rights
Depending on where you live (e.g. GDPR in the EU/UK, CCPA in California), you may have rights to access, correct, export, or delete your personal data, and to object to certain processing. We honor these requests for all users regardless of location: email privacy@framethrower.ai and we’ll respond within 30 days.
7. Security
Data is encrypted in transit (TLS) and at rest with our providers. Access to personal data is limited to operating the Service. No system is perfectly secure — if a breach affects your data, we will notify you as required by law.
8. Age
FrameThrower is for users 18 and older. We don’t knowingly collect data from minors; if you believe a minor has an account, contact us and we’ll remove it.
9. Changes
If we materially change this policy, we’ll update the date above and notify you in the app or by email before the change takes effect.
10. Contact
Privacy questions or requests: privacy@framethrower.ai. See also our Terms of Service.