Trust · Security & Confidentiality
Your scripts stay yours
Last updated: 2026-06-18
We know an unreleased screenplay is one of the most sensitive things you own. FrameThrower is built so that your script is private to you — not read by our team, not used to train any AI, and gone the moment you delete it. Here is exactly how.
Isolated to your account
Every script and project is bound to your account. Our servers enforce ownership on every request — there is no path for another user (or an unauthenticated request) to read your scripts or uploaded files.
Encrypted in transit and at rest
All traffic runs over TLS. Stored data — including the uploaded PDF and the parsed screenplay — is encrypted at rest, with an additional layer of application-level encryption on the script content so that even a database compromise yields ciphertext, not your pages.
Never used to train AI
To power features like script breakdown and shot suggestions, your text is sent to our AI processor (Google’s Gemini API) solely to fulfill that request. Under the API terms, your content is not used to train any model and is not retained by the provider beyond processing your request.
No human at FrameThrower reads your scripts
Our staff do not read user scripts. Access to user content is restricted, access-controlled, and logged. Your screenplay is never written into our application logs or error reports.
You can permanently delete everything
Deleting a project is a hard delete: the database record, the uploaded PDF in storage, and any derived analytics are all removed immediately. When it’s gone, it’s gone.
We keep our footprint small
We store only what’s needed to run the tool. Our internal analytics record generated abstractions (e.g. search descriptions) to improve the product — never verbatim passages of your screenplay.
Who processes your data
We rely on a small set of established infrastructure providers, each bound by their data-processing terms, and only to deliver the Service:
- · Google (Gemini API) — AI processing of your text; no training on your data.
- · Neon — encrypted Postgres database.
- · Cloudflare R2 — encrypted file storage (uploaded PDFs).
- · Vercel — application hosting.
Questions about security, or need something specific for your production? Reach out — we’re happy to walk through it. See also our Privacy Policy.