Frameflow
Back to home

Privacy Policy

Last updated: June 2026

Bruo Systems Limited, 2c Grangegorman Lower, Smithfield, Dublin, Ireland, Reg. 765033 ("we", "us", "our") operates Frameflow and respects your privacy. This policy explains what personal data we collect, why we collect it, how we use and share it, how long we keep it, and the rights you have. It applies to your use of the Frameflow service.

We are the controller of the personal data described here. If you have any questions, you can contact us using the details at the end of this policy.

What we collect

We collect the following categories of personal data:

  • Account data, such as your email address, used to sign you in and identify your account.
  • Usage data, such as your credit balance, purchase history, and records of the generations you run.
  • Payment data, such as the fact and amount of a purchase and a payment reference; full card details are handled by our payment provider and are never seen or stored by us.
  • Generated content, meaning the text prompts you submit and the videos you generate through the Service.
  • Technical data, such as basic logs, device and browser information, and security events needed to operate and protect the Service.

How we use your data

We use your personal data to:

  • authenticate you and give you access to your account
  • provide the Service, including running generations and storing your videos
  • process credit purchases and issue invoices
  • maintain security, prevent fraud and abuse, and enforce our Terms
  • respond to your requests and provide support
  • comply with our legal obligations

We do not sell your personal data, and we do not use it for advertising or cross-site tracking.

Legal bases

Where EU data protection law (GDPR) applies, we rely on the following legal bases:

  • performance of our contract with you, to provide the Service and process your purchases
  • our legitimate interests in operating, securing, and improving the Service, and preventing abuse
  • compliance with legal obligations, such as keeping records required by law
  • your consent, where we ask for it, such as for non-essential cookies

Sharing and subprocessors

We share personal data only as needed to run the Service, and only with providers who process it on our behalf under appropriate safeguards. These include:

  • our payment gateway, which processes your card payment and related transaction data
  • third-party AI model providers, which receive your prompts in order to generate videos
  • our hosting and storage providers, which host the Service and store your account data and generated videos

These providers process only the data needed for their task. We may also disclose data where required by law, to enforce our Terms, or to protect the rights, safety, and security of our users and the Service.

International transfers

Some of our providers may process data outside your country. Where personal data is transferred outside the European Economic Area, we rely on appropriate safeguards, such as adequacy decisions or standard contractual clauses, to protect it.

Retention

We keep your personal data for as long as your account is active and as needed to provide the Service. When you delete your account, we remove your personal data, except where we are required to retain certain records, such as transaction and tax records, for a limited period to meet legal obligations.

Security

We use reasonable technical and organisational measures to protect your personal data against loss, misuse, and unauthorised access. No system is completely secure, so we cannot guarantee absolute security, but we work to keep your data safe and to address security issues promptly.

Your rights

Subject to applicable law, you have the right to:

  • access the personal data we hold about you
  • correct inaccurate or incomplete data
  • delete your data, including by deleting your account from Settings
  • export your data in a portable format
  • object to or restrict certain processing
  • withdraw consent where processing is based on consent
  • lodge a complaint with your local data protection authority

To exercise your rights, contact us using the details below. We may need to verify your identity before acting on a request.

Children

Frameflow is not directed to children. You must be at least 18, or the age of legal majority in your country, to use the Service. We do not knowingly collect personal data from children, and we will delete such data if we become aware of it.

Changes to this policy

We may update this policy from time to time. When we make material changes, we will update the "Last updated" date and, where appropriate, notify you. Your continued use of the Service after a change takes effect means you accept the updated policy.

Contact

For any privacy request or question, email hello@frameflow.tech.