Frameo Privacy Policy

Frameo A/S (“Company” or “frameo” or “we” or “us” or “our”) operates http://frameo.net/ and http://frameo.com/ (the “site”) and provides the frameo mobile app for Android and iOS (the “app”) and the frameo frame app (the “frame”).

We take your privacy seriously and are committed to protecting the information we collect. We have written our privacy policy to be understandable for humans (not just lawyers). By using our app or frame, future products, services or features we develop and introduce, or our website (together the “Services”), you consent to the collection, processing and disclosure of data concerning you in accordance with this Privacy Policy.

You may find our Terms of Service here.

Data collection

Information we collect when you use our Services:

We collect some of the information generated by our services (“Log Data”). This Log Data may include information such as your device’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our site that you visit, the time and date of your visit or use of the app or frame, the time spent on those pages, which IPs communicate together through our servers and other statistics. IP addresses are anonymized wherever possible.

Photos, videos and reactions shared through the app are never collected by us or third parties. Communication between app and frame is end-to-end encrypted which makes it impossible for us or any third party to see what you send, including your photos or videos. 

This ensures your privacy when sending media through our Services.

Cookies and Similar Technologies:

Cookies are small pieces of data that are stored on your mobile phone, computer, or other device. Pixels, often used in connection with cookies, are small instances of code placed in web pages that do things like allow another server to measure how frequently web pages are viewed and used.

We use different categories of cookies and similar technologies on our Services. These include: (i) strictly necessary cookies required for functionality, (ii) analytics cookies to understand usage and improve the Services, (iii) functional cookies to enhance user experience, and (iv) advertising/targeting cookies. Except for strictly necessary cookies, we only place cookies where you have provided your explicit consent in accordance with the ePrivacy Directive and GDPR. You can withdraw or change your cookie preferences at any time using your browser/device settings.

Third parties may also use cookies to collect information about your activities on our website. Your browser or device may offer you control over the use of cookies or other technologies when you use the Services. For example, you may be able to set your browser or device to disable, clear, reset or block the use of cookies or similar technologies.

Information we collect when you create an Account:

When you create an Account in your Frameo app you may provide us with the following data: Name, Email address. No other personal information is collected from the creation of the user account.

Information we collect when you add a subscription to your Account:

None. The payment is handled by Google Payments or Apple Pay, so there is no need for Frameo to collect any personal information. Furthermore, information regarding your payment, such as credit card information, is not shared with Frameo by Google Payments or Apple Pay.

Third Party Data Processing

We use automated devices and applications to evaluate usage of our app, frame devices, the Frameo solution infrastructure and our website. We also may use other analytics to evaluate our Services. We use these tools to help us improve our Services, performance and user experience. We do not share your personal information with these providers. Some of our providers of these devices and applications are either located or have parent companies in the US. Where this is the case, our providers are certified under the EU-U.S. Data Protection Framework and all data transfer is protected with the necessary safeguards in accordance with GDPR art. 45.

For providers located outside of the EU who are not DPF certified, data processing agreements in accordance with the EU standard contractual clauses have been entered providing the necessary safeguards in accordance with the GDPR art. 46. If you wish to receive a copy hereof, you are welcome to contact us.

Joint controllership:

Frameo may from time to time use pixel technology such as Facebook Pixel, LinkedIn insight Tag and Google analytics. These tools allow us to measure and optimize our website and ads to make them more relevant to you. The collected data remains anonymous to Frameo since we cannot identify you from this data. However, the data may be saved and processed by Facebook, LinkedIn and Google for their own advertising purposes and they may in some cases be able to identify you by combining the data with data about you that they have previously obtained. It is Facebook, LinkedIn and Google who has the ultimate control of the information gathered through the mentioned pixel technology. You can opt-out of these technologies by declining tracking and performance cookies as well as targeting and advertising cookies on our website.

Legal basis for processing personal data

When we process your personal data, we always ensure that the processing is in accordance with the GDPR, namely that we always have a legal basis for the processing.

The legal basis for our processing of analytic data from cookies on our website is the GDPR art. 6(1)(a) and the Danish Executive Order on cookies section 3.

The legal basis for our processing of analytic data from our website and app, that is not derived from the use of cookies, is the GDPR Art. 6 (1)(f), as it is in our legitimate interest to make our Services available to you, including improving and optimising the user experience.

Lastly the processing of contact information such as e-mail addresses and names are processed based on the GDPR art 6(1)(f) as it is in our legitimate interest to be able to contact our customers. Where we use your contact information to send newsletters and other marketing material, this is based on GDPR Art. 6(1)(a) (your consent) and the Danish Marketing Act. You can withdraw your consent at any time by following the unsubscribe link in our emails or through the relevant settings in our app.

Our Services are not directed to children under the age of 16 (or the minimum age of consent for data processing in your jurisdiction). We do not knowingly collect personal data from children. If we learn that we have collected personal data from a child without appropriate consent, we will delete such information promptly.

Your rights as data subject

You have the rights as described below which you can exercise by contacting us at the below mentioned contact information. Your request will be answered free of charge, as soon as possible and no later than one month after receipt, however, up to two months if necessary due to the complexity or number of requests. In the event of unfounded or excessive requests, we have the right to reject it or charge a reasonable fee for answering it.

Your specific possibilities are:

• Withdraw consent
  To the extent processing is based on your consent, you may at any time withdraw your consent by contacting us at the below mentioned information or as otherwise explained when you provided your consent. This will not affect the lawfulness of the processing before its withdrawal.
• Access
  You have the right to access the personal data that we process about you, as well as certain information about how the processing takes place. No access is granted to information which must remain confidential because of public or private interests, including your own interests.
• Rectification
  You have the right to have incorrect personal data corrected or to have incomplete personal data about you completed.
• Erasure
  You have the right to have personal data about you deleted in the circumstances specified in Article 17 of the GDPR. This may be the case, for example, if the information is no longer necessary for the fulfilment of our obligations and exercising of our rights or if the information is processed on the basis of your consent which has been withdrawn.
• Restriction
  In the circumstances mentioned in Article 18 of the GDPR, you have the right to have the processing of your personal data restricted, e.g. if the accuracy of the data is disputed, in the period until we have had the opportunity to determine whether the personal data is correct or if we no longer need the personal data for the processing but they are necessary to establish, exercise or defend a legal claim.
• Object
  You have the right to object to the processing of personal data which we process on the basis of Article 6(1)(f) of the GDPR (the legal basis for processing in our legitimate interest) and always if the processing is for the purpose of direct marketing.
• Data portability
  If the processing is based on your consent or contract, you have the right to receive the information in a plain and readable format and to transmit the information to another data controller. If you wish and if technically possible, we will transmit the information directly to this data controller.
• Automatic decisions
  You have the right not to be the subject of an automatic decision that has legal effect or similarly significantly affects you, which is based solely on automatic processing, including profiling.

Deletion of data

Information required for newsletters is kept until the consent is withdrawn or the consent has not been used for one consecutive year. We keep documentation that you have withdrawn your consent for up to 2 years after the consent has been withdrawn, in order to be able to defend us against any claims made for violation of the Danish Marketing Act, cf. § 37, subsection 3 and the Danish Penal Code § 93, subsection 1, no. 1, however only if there is an actual risk that such a claim will be made.

Personal data contained in cookies is deleted when the cookie expires or is deleted by you. Other analytics data such as IP-addresses are deleted after 13 months.

Your personal data is kept until you choose to delete your Account. After the Account is deleted all personal data will be automatically deleted within 2 days.

Security

We take security of your information seriously and implement appropriate technical and organizational measures (TOMs) in accordance with GDPR Article 32 to protect it from loss, theft, alteration, or misuse. However, please be advised that even the best security measures cannot fully eliminate all risks. We cannot guarantee that only authorised persons will view your information. We are not responsible for third party circumvention of any privacy settings or security measures. Also note that since frames are designed exclusively for home use, the media presented on them is not hidden behind a password screen and can therefore be physically accessed by anyone in the home.

Contact

Should you wish to exercise any of your rights or if you have any questions regarding our Privacy Policy, please contact us via email: [email protected]

Supervisory Authority

You also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) or your local supervisory authority if you believe that the processing of your personal data infringes applicable data protection law.

Changes to our Privacy Policy

We reserve the right to alter our Privacy Policy at any time. Where changes are material, we will notify you in advance with reasonable notice through the Services (such as by posting on our website, email, or in-app notice). If you do not agree to the altered Privacy Policy, you should stop using our Services before the changes take effect.

EU Data Act compliance

The Frameo Frame software qualifies as an integral part of a connected product (a Digital Photo Frame) within the meaning of Article 2(5) of the EU Data Act. In the context of the Frameo system the following qualify as related services within the meaning of Article 2(6) of the Data Act: the Frameo iOS app and the Frameo Android app. The data relevant to Data Act compliance that Frameo holds and controls are limited to those generated and transmitted by these three services.

Certain digital photo frames may be equipped with preinstalled OEM (original equipment manufacturer) systems that generate OEM data. Frameo does not receive or control such OEM data and is therefore not able to provide them. In these cases the OEM is the data holder within the meaning of the Data Act.

This notice therefore concerns only the product data and related service data that are generated during the use of a photo frame running the Frameo software and that are accessible to and controlled by Frameo via the related services described above.

Part A: information about the connected product (Article 3(2) Data Act)

1. Type, format and estimated volume of product data

User content data (e.g. videos and photos transferred to a frame) is covered by GDPR in other privacy policy sections and is therefore considered outside the scope of the Data Act.

Besides user content data, a Frameo frame generates primarily three categories of product data:

• Application data: This data is core to the function of the frame. It contains feature data (e.g. reactions, weather data, etc.), information about connected apps (i.e. ‘friends’) and data related to app settings. Recorded as structured logs in machine-readable standard formats (XML, comma separated text files and other structured text saved to files). The total size is modest (often just a few megabytes).
• Usage data: This data is encapsulated as events that details how features and functionality of the frame have been used. The raw data is temporarily stored in a proprietary binary format on the device. It is then uploaded and stored remotely in a structured, event-based format. The total size is modest (often just a few megabytes for each day’s normal use).
• System data: Information about the frame’s hardware/software (device ID, OS version) and operational metrics (uptime, available memory, Wi-Fi status), logged in text (XML and binary data) files. Typical volume is very small in the range of a few kilobytes per day of use.

2. Continuous and real-time generation

The product is capable of generating data continuously (real-time) while it is powered on.

This data is transmitted to our servers in near real-time when the product is connected to the internet. This allows for immediate analysis of performance issues and timely updates to improve your experience.

3. Storage and retention

The Frameo product is capable of storing data on-device and on remote servers. Specifically:

• On-device storage: Application data and some system data is stored in the frame’s internal storage. This data remains on the frame until manually deleted by the user (i.e. indefinite retention by default). Some system and environment data may persist a factory reset (e.g. permanent device identifiers such as a serial number).
• Remote/server storage: Frameo may store encrypted copies of application data on secure cloud servers to support frame backups upon the user’s own request through interacting with the backup feature of the Services. System logs and anonymized usage data are uploaded for diagnostics. Anonymized usage data may be retained on our servers for as long as it is relevant for statistical purposes. Per design, Frameo does not impose an automatic deletion timeline.

4. Access, retrieval and, where relevant, erasure

Data stored on device

• Local data retrieval: Accessing local data on the Frame can be done through Android adb access, or by creating a backup of the Frame: https://support.frameo.com/hc/en-us/articles/360021672160--How-to-Make-a-Backup-of-a-Frame 
• Data erasure: Users can delete most data at any time. Clearing the data can be done by resetting the frame through the frame Settings. Some system and environment data may persist a factory reset (e.g. permanent device identifiers such as a serial number).

Data stored remotely

• Cloud data requests: To obtain data stored on Frameo’s servers, users should contact Frameo Support ([email protected]). Upon request, we will provide a complete copy of the user’s data associated with their Frameo account (delivered to the user’s registered email) within 30 days. There is no charge for such data requests.
• Data erasure: Users can delete data at any time. To erase remote/server data, a user can delete their Frameo account via the app or request account deletion from support. After an account deletion, Frameo will erase all personally identifiable data from its servers as described in our Privacy Policy.

Part B: Information about related services (Article 3(4) DA)

1. Nature, estimated volume and collection frequency of product data obtained by related services

In practice, the Frameo Service apps collect system information from connected frames, e.g. screen size, and metadata about the relationship between the frame and app, e.g. user permissions granted from the frame. The data volumes are small – typically only a few kilobytes per frame per day under normal use.

The Frameo Service transmits these product data to Frameo’s secure cloud servers as they are generated.

2. Nature and estimated volume of related service data

The Frameo Service generates the following service data:

• App usage logs and performance data: The Service logs app usage and behavioral events such as login times, events related to sending photos, changes to app settings, number of connected frames and performance statistics. This data is used in anonymized form to improve the service. Typical volume is small (e.g. each “send photo” event might be a few bytes).

3. Storage arrangements and retention

All related service data generated by the Service is stored on Frameo’s cloud servers. Same retention rules apply as described in A.3.

Product data obtained by related services may be stored locally on-device. On-device data can be cleared by clearing the app data or uninstalling the app. Accessing the on-device data can be done by following the platform’s (iOS or Android) standard methods for accessing app data.

4. Use of readily available data by Frameo and third parties

Frameo uses the data collected from the frame and Services for its internal service purposes. For instance, we analyze usage logs and system metrics to troubleshoot issues, optimize performance, bug fixing, and develop new features. Any use of data is in accordance with user agreements and privacy policies.

By default, Frameo does not share user data with any external third parties for independent use. We do not sell or disclose personal usage data outside Frameo. The only exceptions are as required by law or with the user’s explicit consent. If a user explicitly requests to transfer their data to a third-party service (for example, migrating their photos and logs to another platform), Frameo will enable that transfer as described below. Aside from such cases, Frameo ensures that all data use will be internal.

5. Identity and contact of the prospective data holder and other data processing parties

The Frameo Services are provided by Frameo A/S (Business registration number DK37206113) based in Denmark at Daugbjergvej 26B, 1.1, 8000 Aarhus C. Frameo is the sole data holder for the services; we also engage authorized cloud hosting providers as data processors under contract. Those providers store and process the data on Frameo’s behalf but do not act as independent data holders. No other company controls the data we collect from the services.

Users can reach Frameo at:

• Email: [email protected]
• Postal Address: Frameo A/S, Daugbjergvej 26B, 1.1, 8000 Aarhus C, Denmark

These channels allow users to quickly contact Frameo about data, technical issues, or account questions.

6. How users can request data sharing

Frameo fully supports data portability: a user may ask Frameo to provide their data to another service (for example, if switching to a different photo-frame platform). To do this, the user should contact Frameo Support (e.g. via email) and specify which data to share and with which recipient. Upon request, Frameo will package the user’s data (in a structured, machine-readable format) and transfer it to the indicated party, at no cost to the user.

7. Complaint right

Users have the right to lodge a complaint alleging an infringement of Chapter II of the Data Act with the competent authority designated pursuant to Article 37 of the Data Act.

8. Trade secrets

Data is not expected to contain trade secrets and as such Frameo does not treat the data as proprietary trade secrets. Should this however be the case, disclosure and access will be provided under safeguards that protect confidentiality, in accordance with the Data Act.

9. Terms of use and quality of service for access and transmission

Requests under the Data Act are handled without undue delay and free of charge. Data is provided in a structured, commonly used and machine-readable format (e.g. JSON). Availability of the access channel may be subject to maintenance windows and system uptime of the related services and backend systems.

10. Duration and termination of the contract between the user and the prospective data holder

The Frameo Service is offered under an ongoing user agreement. The user may terminate this contract at any time by deleting their Frameo account, uninstalling the app, or canceling any paid subscription (if applicable). After an account deletion, Frameo will erase all personally identifiable data from its servers as described in our Privacy Policy. Conversely, Frameo may terminate the service if the user violates the terms of use or for other reasons stated in our policies.

Last updated: 02-10-2025