Privacy Policy

Effective: April 4, 2026

Frame ("we", "us", "our") is an AI-powered eyewear virtual try-on application. We take your privacy seriously. This policy explains what data we collect, how we use it, who we share it with, and the choices you have.

1. Information We Collect

Account Information

When you create an account, we collect:

• Email address
• Name (if provided)
• Authentication credentials from Apple Sign-In or Google Sign-In

Face Data (TrueDepth API & ARKit)

To provide virtual try-on functionality, the app uses Apple's TrueDepth camera and ARKit framework. No 3D face model or mesh is created, stored, or transmitted. Specifically:

• Face scan: The TrueDepth camera captures several photos of your face at different angles during the portrait creation step. ARKit face tracking is used solely to guide the capture process (detecting head pose and angle) and to calculate facial measurements. The captured images are standard 2D photographs
• Face measurements: Pupillary distance, face width, and nose bridge width are calculated on-device from ARKit face geometry data. These measurements are used for accurate frame fitting and are stored only on your device and as metadata on our server
• Face embeddings: A compact mathematical representation (512-dimensional vector) of your facial features is generated by our server for portrait matching. This is not a photo and cannot be used to reconstruct your appearance. The embedding is stored only on your device
• Face analysis: Gender and approximate age may be estimated by our server to improve recommendation accuracy. Only two values (gender string and age integer) are stored
• Try-on generation: Your photos are securely transmitted to our AI processing partners (see Section 3) via encrypted transfer (TLS) solely for generating try-on images. Images are cached temporarily during processing and automatically deleted afterward — they are not permanently stored

All TrueDepth and ARKit data (face anchors, geometry vertices, blend shapes) is processed in real time on your device and held only in temporary memory during the capture session. It is never recorded, stored to disk, or transmitted off-device.

Device Information

• A hashed device fingerprint is used solely to prevent trial abuse. This is a one-way hash and cannot identify you personally
• Device type and OS version for compatibility

Usage Data

• Glasses you browse, save, or try on
• App interaction data for improving recommendations
• Subscription status and in-app currency (gems) balance

2. How We Use Your Data

• Provide virtual try-on and AI-powered recommendation services
• Personalize glasses suggestions based on your face shape and preferences
• Process subscriptions and in-app purchases
• Monitor and improve app performance and stability
• Send service-related communications
• Prevent fraud and abuse

We do not use your photos to train AI models. Your images are processed solely to generate try-on results and are not retained for any other purpose.

3. Third-Party Services

We use the following third-party services to provide and improve Frame. Each service receives only the minimum data necessary for its function.

AI Processing Partners

To generate virtual try-on images, your photos are securely transmitted to our AI processing partners. These partners process your images solely to generate try-on results and do not retain your images after processing is complete.

• Google — Frame image and text processing (does not receive face photos)
• fal.ai — Face AI image processing
• Replicate — Face AI image processing

Infrastructure

• Supabase — Authentication, database, and file storage
• bunny.net — Server hosting and content delivery

Analytics & Error Monitoring

• Mixpanel — Product analytics and anonymous session replay for improving user experience (data stored in the EU). Session replays capture interaction patterns (taps, scrolls, navigation) without recording personal content, photos, or text input.
• Sentry — Error monitoring and crash reporting (no personal photos or face data included)

Payments

• Adapty — Subscription and in-app purchase management

Authentication

• Apple Sign-In — Account authentication
• Google Sign-In — Account authentication

We do not sell your personal data to any third party.

Refund Processing Data (Apple)

When you request a refund for an in-app purchase, we share the following information with Apple through our payments processor (Adapty) so Apple can make an informed decision on the refund request: time since install, time the app was actively used, lifetime purchase and refund totals, consumption status of the purchased item, whether a free trial was used, and an anonymous account identifier. We do not share personally identifiable information, photos, face data, or app content as part of this process. This data sharing is enabled by default and can be disabled at any time in Settings → Purchase Data for Refunds.

4. Data Storage & Security

Your data is protected using industry-standard security measures:

• Encryption in transit: All data is transmitted over HTTPS/TLS
• Data isolation: Your data is stored separately from other users' data
• Temporary image processing: Photos sent for try-on generation are cached only during processing and automatically deleted afterward — they are not stored permanently
• Secure authentication: Account access is managed through industry-standard authentication protocols

5. Data Retention & Deletion

• You can delete individual portraits and try-on results at any time within the app
• You can delete your entire account through the app settings, which removes all associated data from our systems
• Images sent for try-on generation are cached temporarily during processing and automatically deleted — they are not stored permanently on our servers or by our AI processing partners
• If you re-create your account, your subscription status may be restored via your payment provider, but previously deleted content will not be recovered

6. Your Rights

You have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of your data
• Export your data
• Withdraw consent for AI photo processing at any time in the app's Settings, or withdraw all consent by deleting your account

To exercise any of these rights, contact us at serartinfo@gmail.com or use the account deletion feature in the app.

7. Legal Basis for Processing

We process your personal information only when we have a valid legal reason to do so. Depending on the context, our legal bases include:

• Consent: You have given us permission to process your data for a specific purpose (e.g., facial image processing for virtual try-on). You may withdraw consent for AI photo processing at any time in the app's Settings, or withdraw all consent by deleting your account
• Contract performance: Processing is necessary to provide the services you have requested (e.g., account management, subscription fulfillment)
• Legitimate interests: Processing is necessary for our legitimate business interests, such as improving the App, preventing fraud, and ensuring security, provided these interests are not overridden by your rights
• Legal obligations: Processing is required to comply with applicable laws and regulations

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own, as our AI processing partners and infrastructure providers operate in various jurisdictions. We take reasonable measures to ensure your data is protected in accordance with this Privacy Policy regardless of where it is processed. By using Frame, you consent to the transfer of your information as described in this policy.

9. Children's Privacy

Frame is not intended for anyone under the age of 18. We do not knowingly collect personal information from individuals under 18. If we learn that we have collected data from a person under 18, we will promptly delete it. If you believe we have inadvertently collected such data, please contact us at serartinfo@gmail.com.

10. Cookies & Website Tracking

This website (tryframe.app) does not use cookies, local storage, analytics, tracking pixels, advertising tags, or third-party tracking of any kind. No personal data is collected from your visit beyond the standard server access logs kept briefly by our hosting provider (Cloudflare Pages) for security and abuse prevention.

All fonts, styles, scripts, and images are served from our own domain. No requests are made to third-party content delivery networks when you browse the site, so no external service receives your IP address as part of page rendering.

For this reason, we do not display a cookie-consent banner — there is nothing to consent to. We also do not currently respond to Do-Not-Track (DNT) browser signals because we already do not track visitors.

The separate Frame iOS app uses analytics and third-party services as described in Section 3 above; that processing happens inside the app, not on this website.

11. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes through the app or via email. Your continued use of Frame after changes take effect constitutes acceptance of the updated policy.

12. Contact

If you have questions about this privacy policy or your data, contact us at serartinfo@gmail.com.