1. Introduction

This Privacy Policy describes how Preframe ("we," "our," or "us") collects, uses, and shares information about you when you use our website and services (collectively, the "Service"). Preframe is committed to protecting your privacy and ensuring transparency about our data practices.

2. Information We Collect

Personal Information

We collect information you provide directly to us, including:

• Account information (name, email address, password)
• Contact information for support requests
• Payment information (processed securely through Stripe)
• Company data you upload for research purposes
• Communications with our support team

Automatically Collected Information

When you use our Service, we automatically collect:

• Usage data (features used, time spent, click patterns)
• Device information (browser type, operating system, IP address)
• Log data (access times, pages viewed, errors encountered)
• Cookies and similar tracking technologies

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our Service
• Process transactions and manage your account
• Conduct AI-powered research on company data you provide
• Send administrative communications and support responses
• Analyze usage patterns to enhance user experience
• Comply with legal obligations and protect our rights
• Prevent fraud and ensure security

4. Information Sharing and Disclosure

Third-Party Service Providers

We share information with trusted third parties who assist us in operating our Service:

• Clerk: Authentication and user management
• Stripe: Payment processing (PCI DSS compliant)
• OpenAI: AI-powered research and analysis
• Google/Serper: Web search for company research
• Railway: Cloud hosting and infrastructure

Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption in transit and at rest
• Regular security assessments and updates
• Access controls and authentication requirements
• Secure data centers and infrastructure

6. Your Rights and Choices

Data Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Request transfer of your data to another service
• Opt-out: Withdraw consent for certain data processing

Cookie Controls

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our Service.

7. International Data Transfers

Your information may be processed and stored in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses and adequacy decisions.

8. Data Retention

We retain your personal information for as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy. We will delete or anonymize your information when it is no longer needed, unless retention is required by law.

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect and how it's used
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

11. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including the rights mentioned in Section 6 above. Our legal basis for processing your information includes:

• Contract performance (providing our Service)
• Legitimate interests (improving our Service, security)
• Consent (where explicitly obtained)
• Legal compliance (meeting regulatory requirements)

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For material changes, we may also send you an email notification.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at: