1. Data Controller
Framiq is the data controller responsible for your personal data. Contact: privacy@framiq.ai
2. Data We Collect
- Account data: Name, email address, password (hashed)
- Usage data: Generation history, credit transactions, feature usage
- Technical data: IP address, browser type, device information, cookies
- Payment data: Billing information processed by our payment provider (Stripe) — we do not store card details
3. How We Use Your Data
- Providing and improving the Service
- Processing payments and managing credits
- Sending transactional emails (account, billing)
- Detecting and preventing abuse or fraud
- Complying with legal obligations
We do not sell your personal data to third parties. We do not use your generated content to train AI models.
4. Legal Basis (GDPR)
- Contract performance: Account management, service delivery
- Legitimate interest: Security, fraud prevention, service improvement
- Legal obligation: Tax and accounting requirements
- Consent: Marketing communications (optional)
5. Data Retention
Account data is retained for the duration of your account plus 3 years after deletion. Generation history is retained according to your plan limits. Payment records are retained for 10 years as required by French law.
6. Third-Party Services
- Cloudflare R2: Media storage (EU region)
- Stripe: Payment processing
- AI model providers: Prompts are transmitted to third-party AI APIs for generation
7. Your Rights (GDPR)
Under the GDPR, you have the right to:
- Access your personal data
- Rectify inaccurate data
- Request deletion ("right to be forgotten")
- Data portability
- Object to processing
- Lodge a complaint with the CNIL (France)
To exercise your rights: privacy@framiq.ai
8. Cookies
We use essential cookies for authentication and session management. We do not use advertising or third-party tracking cookies.
9. Changes to this Policy
We may update this Privacy Policy. We will notify you by email for material changes. The date at the top reflects the latest revision.