Our Privacy Policy

We keep this simple on purpose. Here's exactly what we collect, what we do with it, and what we don't.

Last updated: May 2026

1. Who We Are

Frank ("we", "us", "our") operates the design QA platform available at usefrank.io. We are based in the United Kingdom.

For questions about this Privacy Policy, contact us at: support@usefrank.io

2. What This Policy Covers

This Privacy Policy explains how we collect, use, store, and share your personal data when you use the Frank platform and website. By using Frank, you agree to the practices described in this policy.

3. Data We Collect

Data you provide directly:

  • Name and email address when registering
  • Password (stored securely and never in plain text)
  • Profile image if uploaded
  • Payment information (processed by Stripe — we do not store card details)
  • Any content you submit through the Service including website URLs and Figma file connections

Data we collect automatically:

  • IP address and approximate location
  • Browser type and device information
  • Session data via authentication cookies (Supabase)
  • Error and crash reports via Sentry (anonymised where possible)

4. How We Use Your Data

We use your personal data to:

  • Create and manage your account
  • Provide and improve the Service
  • Process payments and manage subscriptions
  • Send transactional and service emails (account verification, scan notifications, subscription updates)
  • Diagnose and fix technical errors via Sentry
  • Comply with legal obligations

Our legal bases under UK GDPR:

  • Contract — to provide the Service you have signed up for
  • Legitimate interests — to improve the Service, prevent fraud, and ensure security
  • Legal obligation — where required by law
  • Consent — where we have asked for and received your consent

5. Cookies

We use only essential cookies necessary for the Service to function, specifically authentication session cookies provided by Supabase. These cookies are required to keep you logged in and cannot be disabled without affecting your ability to use the Service.

We do not use advertising cookies, tracking cookies, or any third-party analytics cookies.

6. Third-Party Services

We share data with the following third parties solely to provide the Service:

Service Purpose Data Shared
Supabase Authentication Email, user ID
MongoDB Atlas (eu-west-1) Database storage Account and project data
Amazon Web Services (eu-west-2) Infrastructure and event storage Account and usage data
Stripe Payment processing Name, email, payment details
Sentry Error tracking Error logs, anonymised usage data
Figma Design file integration Figma OAuth tokens (stored securely)
Google OAuth sign-in (optional) Name, email, profile image
AWS SES Transactional email delivery Email address

We do not sell your personal data to any third party.

7. Data Retention

  • Account data is retained for as long as your account is active
  • If you delete your account, your data will be removed from our primary database within 30 days
  • Certain data may be retained longer where required by law or for legitimate business purposes
  • Payment records may be retained for up to 7 years for tax and accounting purposes

8. International Data Transfers

Your data is primarily stored and processed in the United Kingdom and European Union. Where data is transferred outside the UK/EU (for example via AWS or Stripe infrastructure), we ensure appropriate safeguards are in place including Standard Contractual Clauses where required.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access — request a copy of your personal data
  • Rectification — correct inaccurate or incomplete data
  • Erasure — request deletion of your data
  • Restriction — restrict how we process your data
  • Portability — receive your data in a portable format
  • Object — object to processing based on legitimate interests

To exercise any of these rights, contact us at support@usefrank.io. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

10. Data Security

We take reasonable technical and organisational measures to protect your personal data, including encrypted data storage, secure authentication, and access controls. However, no method of transmission over the internet is completely secure.

11. Children

Frank is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at support@usefrank.io.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or via a notice within the Service. Your continued use of Frank after changes take effect constitutes your acceptance of the updated policy.

13. Contact

For any enquiries contact support@usefrank.io

You made it to the bottom. Impressive.

Most people don't read privacy policies. You did. Now go do something more fun — like shipping a site that actually passes QA.

Legend

You're on the list.

We'll be in touch when your spot is ready. In the meantime, feel free to share Frank with anyone who'd find it useful.
Something went wrong. Try again, or email us at support@usefrank.io
Free during beta
No credit card required
Cancel or leave any time