Privacy policy

The data controller is FrameClo Technologies S.L., owner of FrameClo. Contact email: legal@frameclo.com.

We have not appointed a data protection officer. If this changes, we will publish the contact details here.

• Account data: name, email, language, preferences and security.
• Workspace data: brand, organization, members and permissions.
• Billing data: plan, purchases, payment status, invoices, billing address and Stripe metadata. We do not store full card numbers.
• User content: garments, products, logos, references, instructions, models, images, videos, audio, history and generation metadata.
• Technical data: IP, device, browser, logs, errors, security events, credit usage, processing times and usage limits.
• Communications: support, contact forms, transactional email and feedback.

• Provide the platform, process files and deliver outputs.
• Manage subscriptions, credits, invoices, payments and support.
• Protect the service against abuse, fraud and unauthorized use.
• Debug errors and improve quality, prompts, cost and performance.
• Send service, security, product and billing messages.
• Comply with legal, tax, accounting and regulatory obligations.

We process data to perform our contract with you, comply with legal obligations, protect legitimate interests in security and service improvement, and request consent where required, for example for non-essential marketing or certain uses of images of real people.

To generate images, videos, models or analysis, we may send the necessary data to AI and storage providers. Avoid uploading sensitive data unless it is necessary, lawful and you have the required permissions.

If you upload images, voice or traits of real people, you confirm that you have explicit permission for the intended use, including AI generation or modification and commercial use where applicable.

We may share data with infrastructure and product providers, including Vercel, Supabase, Stripe, Google Cloud/Vertex AI, fal.ai as generation fallback, ElevenLabs for voice features, Resend for email, Upstash for rate limits and idempotency, and security, support, accounting or advisory services when needed.

We do not sell personal data to advertisers.

Some providers may process data outside the European Economic Area. Where needed, we use appropriate safeguards such as data processing agreements, adequacy decisions, standard contractual clauses or other valid mechanisms.

We keep data while your account is active and for as long as reasonably needed to provide the service, resolve incidents, maintain security and meet legal obligations.

Invoices and accounting records are kept under applicable tax law. Deleted content may remain for a limited period in backups or technical logs.

You may request access, rectification, erasure, objection, restriction, portability and withdrawal of consent where applicable. You may also lodge a complaint with the competent supervisory authority.

To exercise rights, contact legal@frameclo.com. We may ask for reasonable information to verify your identity.

We apply reasonable technical and organizational security measures, including access controls, credential separation, logs, abuse limits, encryption where appropriate and providers with recognized security practices. No online service can guarantee absolute security.

FrameClo is not directed at minors. Do not upload images of minors or create content involving minors unless it is lawful, appropriate, all required consents are in place and the context is permitted.

Cookies and similar technologies are described in the cookies policy.

For privacy and data protection questions, contact us at legal@frameclo.com.