Privacy Policy

Last updated: 2026-05-10 • Free preview

Plain English: FrameIQ takes the video you upload, sends the audio to AI services for transcription, generates short clips, and delivers them to you. We don't sell your data, run ads, or build profiles. This page spells out exactly what data passes through which service, how long we keep it, and your rights under EU/UK data-protection law.

Legal basis for processing (EU/UK GDPR)

Under GDPR Articles 6 and 9, we rely on the following legal bases:

Performance of contract (Art. 6(1)(b)) — processing your video, audio, and transcripts is required to deliver the FrameIQ service you requested.
Legitimate interest (Art. 6(1)(f)) — processing your IP address for abuse prevention and daily-quota enforcement, and storing logs to debug and improve the service. We've assessed that this interest does not override your rights given the limited scope and short retention.
Consent (Art. 6(1)(a)) — where you explicitly opt in to optional features (e.g., creating an account, agreeing to a sample-clip preview).

What we collect

Video files or links you submit. When you upload a file, it's stored on our servers. When you paste a public link, we download the video on your behalf.
Audio-derived text (transcripts). When we transcribe your audio, we store the complete text and per-segment language tags. We use this for clip regeneration without re-transcribing, for fixing subtitle errors you report, for improving language detection on code-switched and underrepresented languages, and for service reliability. See How long we keep things below for the retention window.
Your IP address. Used to enforce daily project limits and to detect abuse. Not used for advertising or sold to third parties.
Browser localStorage. We store your recent project list, your beta access key (if you have one), and your UI preferences (language, aspect ratio) on your own device. This data never leaves your browser unless you create a project.
Logs and usage records. We log API calls, transcription costs, and errors so we can run the service. These logs may include your IP, project IDs, and timing information.

We do not use cookies, ad networks, or third-party trackers.

International data transfers

Several of our subprocessors operate from the United States. Where personal data of EU/UK residents is transferred outside the European Economic Area or the UK, we rely on the European Commission's Standard Contractual Clauses (SCCs, 2021/914) and equivalent UK transfer mechanisms, supplemented by the contractual terms each subprocessor publishes for cross-border processing. The data we send is limited to what's necessary for transcription and analysis, and subprocessors are bound by their own published privacy and security commitments (linked below).

Where your data goes

To produce clips, parts of your video pass through these third-party services:

OpenAI (USA) — your audio is sent to OpenAI for transcription (Whisper, GPT-4o-transcribe) and content analysis (GPT-4 family). OpenAI's policy says they don't train on API data by default. See openai.com/policies/privacy-policy.
AssemblyAI (USA) — when configured, your audio is sent for an additional transcription pass. See assemblyai.com/legal/privacy-policy.
Cloudflare R2 — when configured, large uploads are temporarily stored here before processing. See cloudflare.com/privacypolicy.
Render (USA) — our application server and persistent storage. See render.com/privacy.
Webshare — used to fetch public videos from platforms like YouTube. The video request goes through their proxy network. See webshare.io/privacy.

How long we keep things

Generated clip exports: deleted after 30 days.
Source uploads / downloaded videos: deleted after 7 days.
Temporary processing files: deleted within 6 hours.
Project metadata (titles, clip records, the cleaned transcript text shown in the editor): kept while the project file exists; deleted when you delete the project.
Full transcripts and language metadata (the complete speech-to-text output, per-segment language tags, and decoder diagnostics produced when we transcribe your audio): stored for up to 90 days by default — this window is configurable per deployment via the FRAMEIQ_TRANSCRIPT_RETENTION_DAYS setting. We keep them so you can regenerate clips without re-running transcription, so we can investigate and fix subtitle errors you report, and so we can improve language detection (especially for code-switched and underrepresented languages) and overall service reliability. Deleting a project deletes its full transcript record immediately; otherwise it ages out automatically when the retention window passes.
Logs: currently kept indefinitely while we tune the service. We may rotate or shorten this in future updates.

If you want your full-transcript record removed before the retention window passes, deleting the project in the app removes it immediately, or you can email support@getframeiq.com with the project ID. See Your rights below for the formal GDPR right of erasure.

Helping us improve our models (optional, off by default)

FrameIQ's value depends on transcribing multilingual and code-switched speech well. Improving that quality over time is much easier when we can learn from real corrections from real creators. To do that responsibly we offer an explicit, GDPR-compliant opt-in.

What you get if you do nothing: the service works exactly as described above. Your data is used to deliver the FrameIQ service you requested and is retained per the windows above. We do not use it to train or fine-tune any machine-learning models. This is the default for every account.

What you opt into if you choose to: we may include the following anonymized data in internal datasets used to improve our transcription, language-detection, and caption-correction models:

Cleaned transcript text and per-segment language tags
Caption corrections you make in the timeline editor (the "before" and "after" of each edit)
Decoder confidence scores and code-switching flags

What we never include even if you opt in (today): your audio file, your face or any visual content, your name or email, your IP address, any identifying metadata that could link the dataset back to your individual account, and your project's source filename. Identifiers like project IDs and clip IDs are replaced with single-use salted hashes that cannot be linked across export batches by design.

Legal basis: consent under Article 6(1)(a) of the GDPR. We record the moment you opt in or out so we can prove compliance if asked. Your processing rights (access, rectification, erasure, restriction, portability, objection, and withdrawal — see below) apply equally to data included under this opt-in.

How to opt in: open the account menu in the top-right of the app and toggle Help improve multilingual AI. Today the toggle records your preference only — no model training pipeline is running yet. When that pipeline launches, your opt-in (or opt-out) at that point is what we'll honour, with the audit timestamp recorded under GDPR Art. 7.

How to withdraw: a single click (or email) at any time, with no effect on prior service. Withdrawal stops new data from being included; data already collected under prior consent is retained until the standard retention windows above expire, after which it is deleted automatically.

Your rights

If you're an EU/UK resident, you have the following rights under GDPR Articles 15-22:

Access (Art. 15) — request a copy of the data we hold about you.
Rectification (Art. 16) — ask us to correct inaccurate data.
Erasure / "right to be forgotten" (Art. 17) — request deletion of your data. Delete a project by visiting it in the app and using the delete option, or email us with the project ID. For full-account erasure, email the address below; we'll confirm within 7 days.
Restriction (Art. 18) — ask us to pause processing while a dispute is resolved.
Portability (Art. 20) — request a machine-readable export of your data.
Objection (Art. 21) — object to processing based on legitimate interest.
Withdraw consent — for any processing based on consent, you may withdraw it at any time without affecting prior lawful processing.
Lodge a complaint — you have the right to file a complaint with your national data-protection authority. In the Netherlands this is the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl); other EU/UK residents should contact their local supervisory authority.

To exercise any of these rights, email support@getframeiq.com. We aim to respond within 30 days as required by GDPR Art. 12(3).

Children

FrameIQ is not directed at children. We do not knowingly collect data from anyone under 16 years of age (the GDPR default for digital services consent; some EU member states set a lower age — see your country's implementation). If you believe a child has used the service, please contact us and we'll delete the relevant data promptly.

Changes to this policy

We may update this policy as the product evolves. The "Last updated" date at the top reflects the current version. Material changes will be communicated to active beta users where possible.

Contact

Questions, deletion requests, or concerns: support@getframeiq.com

Disclosure: FrameIQ is in free preview and our policies will continue to evolve as the product matures. This policy is provided in good faith but is not legal advice. If you operate under specific compliance requirements (HIPAA, PCI, regulated data, etc.), do not use FrameIQ for that data. EU/UK clients with formal Data Processing Agreement (DPA) requirements: please contact us directly to set one up before processing personal data through the service.