Privacy Policy

Framedeck ("we", "us", "our") is operated by Peter Schafflechner, based in Austria. This Privacy Policy explains how we collect, use, and protect your personal data when you use our service at framedeck.app.

1. Data We Collect

When you use Framedeck, we collect the following data:

• Account data: email address, display name, and profile picture (if you sign in with Google or Microsoft).
• Content you create: boards, cards, columns, comments, checklists, attachments, voice notes, and any text you enter.
• Usage data: activity logs of actions you take in the app (creating, editing, moving cards) for audit and notification purposes.
• Billing data: if you subscribe to a paid plan, we collect billing address, VAT ID (if provided), and a Stripe customer reference. We do not store credit card numbers — those are handled by Stripe.

2. Why We Collect It

• To provide the Framedeck service (your boards, syncing, sharing).
• To authenticate you and protect your account.
• To process payments for paid subscriptions.
• To send transactional emails (account changes, billing receipts).
• To investigate abuse and security incidents.

3. Where Your Data Is Stored

Your data is stored on Supabase infrastructure in the European Union (Frankfurt region). Backups are managed by Supabase. Stripe processes billing data per its own privacy policy.

4. Third Parties We Share Data With

• Supabase — database, authentication, storage (EU region).
• Stripe — payment processing for paid plans.
• Google / Microsoft — only if you choose to sign in with them (we receive your email, name, and profile picture).
• Vercel — application hosting and CDN.
• OpenRouter / AI providers — if you use AI features, your prompts are sent to the selected provider for processing. We do not store AI prompts beyond the duration of the request.

We do not sell your data to anyone.

5. Cookies and Local Storage

We use browser local storage to keep you signed in (Supabase auth token) and to remember your UI preferences (theme, active board, filters). We do not use third-party tracking cookies or advertising cookies.

6. Your Rights (GDPR)

If you are in the European Economic Area, you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your account and all associated data.
• Export your data in a portable format.
• Object to processing or restrict it.
• Lodge a complaint with your local data protection authority.

To exercise any of these rights, email support@framedeck.app. We will respond within 30 days.

7. Data Retention

We retain your data as long as your account is active. If you delete your account, your data is deleted within 30 days. Billing records may be retained longer where required by Austrian tax law (typically 7 years).

8. Children

Framedeck is not intended for users under 16. If you believe a child has created an account, please contact us and we will delete it.

9. Changes to This Policy

We may update this policy from time to time. The "Last updated" date at the top reflects the most recent change. Material changes will be notified by email or in-app banner.

10. Contact

For privacy questions or to exercise your rights, contact:

Peter Schafflechner
Email: support@framedeck.app
Austria