Privacy Policy

Who We Are

Data Controller: FrameCoach Ltd, registered in England and Wales (Company No. 17007433), registered office at 1 Nashleigh Hill, Chesham, United Kingdom, HP5 3JF. For any question about your data or this policy, contact us at contact@framecoach.io.

Overview

FrameCoach ("we," "us," or "our") respects your privacy. This policy explains what information we collect, how we use it, and what choices you have. We keep things simple because your data isn't our business — camera coaching is.

What We Collect & Why

Everything we collect exists to make FrameCoach work for you — or to help us make it better. Here's the full picture:

• Your account — name and email via Apple Sign-In, Google Sign-In, or email magic link, so you can securely access your coaching across devices
• Camera frames — when you submit a frame for analysis, it's sent to our servers so our AI can analyse the shot and return feedback. We store a 720p copy of each submitted frame in Supabase Storage so we can review coaching quality, debug edge cases, and improve the Service. The original full-resolution frame is also retained when its file size exceeds 200KB. Frames are not used to train any AI model, are not shared with anyone outside our processors listed below, and can be deleted at your request — email contact@framecoach.io with your account email
• Your coaching history — we save your past sessions so you can revisit feedback and track how your skills develop over time
• Voice input — speech-to-text runs entirely on your device using Whisper. Audio is not transmitted off-device
• Subscription data — subscription status, plan, and transaction identifiers (Apple handles all card data — we never see it)
• How you use the app — pseudonymous usage data linked to your device (which features you use, how often you shoot) helps us understand what's working and where to improve
• Device info — your device model, OS, and screen size help us ensure FrameCoach runs smoothly on your setup
• Crash reports — if something breaks, we collect diagnostic data so we can find and fix the issue quickly
• Beta signups — name and email you submit on our website to manage open-beta invitations

What We Don't Do

• We do not sell your personal data to third parties
• We do not track you across other websites

How We Use Your Information

In short: only to run and improve FrameCoach.

• To power your coaching sessions — analysing frames, generating feedback, and saving your history
• To keep the app reliable — monitoring performance, fixing crashes, and resolving issues
• To make FrameCoach better — understanding which features filmmakers use most so we can focus on what matters
• To process your subscription, including manage renewals and refunds via Apple
• To send you updates you've opted into (you can unsubscribe anytime)

Why We Can Process Your Data (Legal Bases)

Under UK and EU GDPR, we rely on the following legal bases:

• Performance of a contract — to deliver the Service you signed up for, run coaching sessions, and manage your subscription
• Legitimate interests — to keep the app reliable, debug crashes, prevent abuse, and improve coaching quality (you can object — see "Your Rights" below)
• Consent — for optional marketing emails (withdraw at any time)
• Legal obligation — where the law requires us to keep certain records

Services We Work With

We rely on a small number of trusted services to run FrameCoach. Each has its own privacy policy, and we only partner with providers who meet strong data protection standards:

• OpenAI — analyses your camera frames to generate coaching feedback. OpenAI may retain API inputs for up to 30 days for abuse monitoring, and does not use API inputs to train its models
• Supabase — securely stores your account, coaching history, frames, and app data
• Apple & Google — handles sign-in so you never need to create a separate password
• RevenueCat — manages subscriptions and purchases
• PostHog — pseudonymous product analytics inside the app and on our website (framecoach.io), including aggregated interaction data and session replays of website visits so we can understand where visitors drop off and improve the experience. Input fields are automatically masked in replays
• Sentry — helps us catch and fix bugs before they affect your experience
• Resend — sends transactional and beta-invite emails
• Vercel — hosts this website, and provides privacy-friendly, cookieless web traffic analytics (Vercel Analytics) and Core Web Vitals measurements

International Transfers

Several of our processors are based in the United States (OpenAI, RevenueCat, Sentry, Vercel) or operate globally (Supabase, Apple, Google). Where personal data is transferred outside the UK or EEA, we rely on Standard Contractual Clauses and the UK Addendum, plus our processors' certified transfer frameworks (such as the EU-US Data Privacy Framework where applicable).

Cookies

FrameCoach uses minimal cookies and similar storage technologies — primarily to keep analytics consistent across pages of our website and to remember your preferences. Specifically, PostHog sets a first-party cookie and uses browser storage to maintain a pseudonymous visitor ID across page loads. You can disable cookies in your browser settings, though some features may not work as expected.

How Long We Keep Things

• Camera frames — retained while we improve the coaching pipeline. We're working towards a published retention window; until then, you can request deletion of your frames at any time by emailing contact@framecoach.io
• Account and subscription data — while your account is active, plus up to 6 years for accounting and tax purposes
• Coaching history — while your account is active
• Usage analytics — up to 12 months rolling
• Crash reports — up to 90 days
• Beta signups — until you ask us to delete them

If you delete your account, we'll remove your personal data within 30 days, unless the law requires us to keep specific records longer.

Keeping Your Data Safe

We protect your information with encrypted connections (TLS) and secure cloud infrastructure, row-level security on user data, and credential storage in the iOS Keychain. While no system is 100% bulletproof, we follow industry best practices to keep your data safe. If a breach affecting your personal data occurs, we'll notify you and the UK Information Commissioner's Office within 72 hours.

Your Rights

Under UK and (where applicable) EU GDPR, you have the right to:

• Access the personal data we hold about you
• Request correction or deletion of your data
• Receive your data in a portable, machine-readable format
• Restrict or object to processing based on our legitimate interests
• Withdraw consent at any time (for consent-based processing)
• Opt out of marketing communications at any time
• Lodge a complaint with the UK Information Commissioner's Office (ico.org.uk) or your local supervisory authority

To exercise any of these rights, email contact@framecoach.io. We respond within 30 days.

Children's Privacy

FrameCoach is not directed at children under 13. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this policy from time to time. We'll note the date of the latest revision at the top of the page. Continued use of FrameCoach after changes constitutes acceptance of the updated policy.

Contact Us

Questions about this privacy policy? Reach out at contact@framecoach.io.