Privacy Policy

Version 1.0

Effective August 1, 2023

Fireframe is an AI text-to-video company working to build an inspring way to make music videos. This Privacy Policy explains how we collect, use, disclose, and otherwise process your personal data when you use our website and other places where Fireframe may act as a data controller and link to this Privacy Policy—for example, when you use Fireframe’s APIs or other products as a consumer for personal use (“Services"). It also describes your privacy rights. More information about your rights, and how to exercise them, is set out in the “Rights and Choices” section.

This Policy does not apply where Fireframe acts as a “data processor,” such as with respect to personal data we receive, process, store, or host when you use Fireframe’s AI services as or through an enterprise customer, unless otherwise specified in this policy. In those cases, the enterprise customer company is the controller, and you can review their privacy policy for more information about how they handle your personal data.

1. Collection of Personal Data

When we refer to “personal data,” we mean information that relates to you. We collect the following categories of personal data:

Personal data you provide to us directly

  • Identity and Contact Data: Fireframe may collect identifiers, such as your name and email address, when you sign up for an Fireframe account, to receive information on our Services, or submit an application for an employment opportunity. If you do not provide us with this information, we will not be able to administer your Fireframe account. We may also collect indirect identifiers (e.g., “USERABC123”).
  • Payment Information: We will collect your payment information if you choose to purchase access to Fireframe’s products and services. If you don’t provide us with this information, we will not be able to facilitate payment for Fireframe’s products and services.
  • Professional Information: If you apply for employment with us, Fireframe may collect professional information, such as your employment history, your qualifications, and any other information contained in your CV or résumé.
  • Prompts and Outputs: Our AI services allow you to submit text, documents, or other materials to the Services (“Prompts”), which generate responses based on your Prompts (“Outputs”). If you include personal data in your Prompts, we will collect that information and this information may be reproduced in the Outputs. Note, however, that Prompts and Outputs are subject to strict retention periods, as set out in Section 8 (“Data Retention”) below, and that we take steps to de-identify such Prompts and Outputs when using them for our own purposes as a controller.
  • Feedback on your use of our Services: Where applicable, we will collect your Feedback (as defined in our Terms of Service ) regarding Prompts and Outputs, and use it under your authorization to train and improve our Services. This might arise if, for example, you report that Claude returned inaccurate information in an Output, or if you rate an Output to your Prompt using the thumbs-up/thumbs-down icon. We may also collect and use this information for the same purposes when you use our enterprise services.

Personal data we receive automatically from your use of the Services

When you use the Services, we may also receive certain technical data automatically (together “Technical Information”). This includes:

  • Internet or other electronic network activity information, including your device type.
  • IP address (including information about the location of the device derived from your IP address).
  • Device or advertising identifiers, probabilistic identifiers, and other unique personal or online identifiers.
  • Information about your device and operating system, such as time zone setting and location, operating system and platform.
  • Information about your browser, such as browser type and version, browser plug in types and versions.
  • Internet service provider.
  • Pages that you visit before and after the website, browsing history, search history, and the date and time of your visit.
  • Information about the links you click, pages you view, and other information about how you use the Services.
  • The technology on the devices you use to access the Services.
  • Standard server log information.

If you or your device experiences an error, we may collect information about the error, the time the error occurred, the feature being used, the state of the application when the error occurred, and any communications or content provided at the time the error occurred.

In these contexts, Fireframe receives personal data from the following categories of sources: directly from you, such as when you interact with the Fireframe website, and from internet service providers.

Personal data we receive indirectly to train our models

2. Cookies & Similar Technologies

We and our service providers use cookies, scripts, or similar technologies (“cookies”) to manage the Services and to collect information about you and your use of the Services. These technologies help us to recognize you, customize or personalize your experience, offer additional products or services to you, and analyze the use of our Services to make it more useful to you.

These technologies may also allow us to collect demographic and statistical data and provide this information to our service providers to help deliver their services.

We use cookies that are strictly necessary in order to facilitate your access to our Services or ensure your safety, as well as cookies or similar technologies for analytics. These technologies help us improve and optimise the experience we provide—for example, by helping us measure how visitors interact with our platforms. We may collect technical information, such as pages visited and length of time between clicks.  

Most browsers allow you to remove or manage cookie functions and adjust your privacy and security preferences. For information on how to do this, access the “help” menu on your browser, or access http://www.aboutcookies.org/how-to-control-cookies. Please note, however, that disabling our cookies may mean that you may not be able to take full advantage of our Services.

3. Uses of Personal Data and (for Europe) our Legal Bases

We will only use your personal data when the law allows us to. Usually, we rely on the following grounds under European data protection laws (our “Legal Bases”):

  • Where we need it to perform a contract with you. For example, we process Identity and Contact Data, Prompts, Outputs and Payment Information in order to provide Services to you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and rights do not override our interests. Our legitimate interests include:
  • providing, maintaining and improving our products and services;
  • research and developing, including developing new products and features;
  • marketing our products and services;
  • detecting, preventing and enforcing violations of our terms including misuse of services, fraud, abuse, and other trust and safety protocols; and
  • protecting our rights and the rights of others.
  • Where you have given us your consent. You have the right to withdraw your consent at any time.
  • Where we need to comply with our legal obligations.

We use your personal data for the following purposes:

Purpose

Type of Data

Legal Basis

To provide and facilitate the Services, including to fulfil any contracts with you with respect to your Fireframe account

Identity and Contact Data

Payment Information

Feedback

Contract

To communicate with you for non-marketing purposes including by sending you emails, push notifications, and other messages

Identity and Contact Data

Contract

Legitimate interests

To send you marketing communications, where you have signed up to receive them

Identity and Contact Data

Consent

To review and consider your application for employment with Fireframe, if you choose to apply

Identity and Contact Data

Professional Information

Contract

Legitimate interests

To create and administer your Fireframe account

Identity and Contact Data

Payment Information

Feedback

Contract

Legitimate interests

To facilitate payments for products and services provided by Fireframe

Identity and Contact Data

Payment Information

Contract

Legitimate interests

To prevent and investigate fraud notifications, unlawful or criminal activity, unauthorized access to or use of personal data or Fireframe systems and networks, and to meet governmental and institutional policy obligations

Identity and Contact Data

Payment Information

Prompts and Outputs

Technical Information

Legitimate interests

Legal obligation

To investigate and resolve disputes

Identity and Contact Data

Prompts and Outputs

Feedback

Professional Information (if the dispute is connected to your employment with Fireframe)

Legitimate interests

Legal obligation

To investigate and resolve security issues

Identity and Contact Data

Feedback

Technical Information

Legitimate interests

Legal obligation

To debug and to identify and repair errors that impair existing functionality

Identity and Contact data

Feedback

Technical Information

Legitimate interests

To improve the Services and conduct research

Identity and Contact Data

Feedback

Technical information

Consent

Legitimate interests

To de-identify it and train our AI models

Prompts and Outputs

Feedback

Technical Information

Consent

Contract

Legitimate interests

To enforce our Terms of Service and similar terms and agreements, including our Acceptable Use Policy.

Identity and Contact Data

Prompts and Outputs

Technical Information

Contract

Legitimate interests

Aggregated or De-Identified Information.

We may process your personal data in an aggregated or de-identified form for the purposes of analysing the effectiveness of our Services, conducting research, analysing the behaviour of users of our Services and training our models and interfaces. Usually, we only do so under your authorisation—i.e., where you act as the controller for any personal data contained in Prompts and Outputs. We will also do so without reference to you when our purpose is to enforce and train our classification models for trust and safety purposes.

4. How We Disclose Personal Data

Fireframe will disclose personal data to the following categories of third parties for the purposes explained in this Policy:

  • Affiliates & corporate partners. Fireframe discloses the categories of personal data described above between and among its affiliates and related entities.
  • Service providers & business partners. Fireframe may disclose the categories of personal data described above with service providers and business partners for a variety of business purposes, including website and data hosting, ensuring compliance with industry standards, research, auditing, and data processing.

Fireframe may also disclose personal data in the following circumstances:

  • As part of a significant corporate event. If Fireframe is involved in a merger, corporate transaction, bankruptcy, or other situation involving the transfer of business assets, Fireframe will disclose your personal data as part of these corporate transactions.
  • To comply with regulatory or legal requirements, safety and to enforce our terms. We may disclose personal data to governmental regulatory authorities as required by law, including for tax or accounting purposes, in response to their requests for such information or to assist in investigations. We may also disclose personal data to third parties in connection with claims, disputes or litigation, when otherwise required by law, or if we determine its disclosure is necessary to protect the health and safety of you or any other person, to protect against fraud or credit risk, or to enforce our legal rights or contractual commitments that you have made.
  • With an individuals’ consent. Fireframe will otherwise disclose personal data when an individual gives us permission or directs us to disclose this information.

If you access third-party services, such as social media sites or other sites linked through the Services (e.g., if you follow a link to our Twitter account), these third-party services will be able to collect personal data about you, including information about your activity on the Services. If we link to a site or service via our Services, you should read their data usage policies or other documentation. Our linking to another site or service doesn’t mean we endorse it or speak for that third party.

5. Rights and Choices

Subject to applicable law, and depending on where you reside, you may have some rights regarding your personal data, including the following:

  • Right to know. You may have the right to know what personal data Fireframe processes about you, including the categories of personal data, the categories of sources from which it is collected, the business or commercial purposes for collection, and the categories of third parties to whom we disclose it.
  • Access & data portability. You may have the right to request a copy of the personal data Fireframe processes about you, subject to certain exceptions.
  • Deletion. You may have the right to request that we delete personal data collected from you and retained, subject to certain exceptions.
  • Correction. You may have the right to request that we correct inaccurate personal data Fireframe retains about you, subject to certain exceptions. Please note that we cannot guarantee the factual accuracy of Outputs. If Outputs contain factually inaccurate personal data relating to you, you can submit a correction request and we will make every effort to correct this information—but due to the technical complexity of our large language models, it may not always be possible for us to do so. You may also submit a deletion request.
  • Objection. You may have a right to object to some processing activities.
  • Withdrawal of consent. Where Fireframe’s processing of your personal data is based on consent, you have the right to withdraw your consent.
  • Sale & targeted advertising. Fireframe does not “sell” your personal data as that term is defined by applicable laws and regulations. Fireframe also does not engage in targeted advertising using your personal data.
  • Do Not Track. Some web browsers provide a “Do Not Track” option. We currently do not respond to browser “Do Not Track” signals.

To exercise your rights, you or an authorized agent may submit a request by emailing us at privacy@fireframe.ai. After we receive your request, we may verify it by requesting information sufficient to confirm your identity. You may also have the right to appeal requests that we deny by emailing privacy@fireframe.ai.

6. Third-Party Websites and Services

Our Services may involve integrations with, or may direct you to, websites, apps, and services managed by third parties. By interacting with these third parties, you are providing information directly to the third party and not Fireframe and subject to the third party’s privacy policy. For example, if you use the Services to apply for employment, this could involve an integration with a third-party product, subject to that third party product’s privacy policy.

7. Data Transfers

When you access our website or Services, your personal data may be transferred to our servers in the US, or to other countries outside the EEA and the UK. This may be a direct provision of your personal data to us, or a transfer that we or a third party make (the latter being a “Transfer”).

Where information is transferred outside the EEA or the UK, to a country that is not subject to an adequacy decision by the EU Commission or an adequacy decision issued or recognised under UK data protection law (as applicable), you should be aware that it may be subject to a lower standard of protection. In respect of Transfers, we will ensure that your personal data is adequately protected by EU Commission and/or UK data protection law approved standard contractual clauses (as applicable) or applicable Binding Corporate Rules.  

8. Data Retention

Fireframe retains your personal data for as long as reasonably necessary for the purposes and criteria outlined in this Policy.

9. Children

Our Services are not directed towards, and we do not knowingly collect any information of, children under the age of 18. If you become aware that a child under the age of 18 has provided any personal data to us while using our Services, please email us at privacy@fireframe.ai and we will investigate the matter and, if appropriate, delete the personal data.

10. Changes to Our Privacy Policy

Fireframe may update this Privacy Policy from time to time. When we make updates, we will post the updated Privacy Policy on this page and will update the Effective Date. We encourage you to review this page for updates when you access the Services.

11. Contact Information

The responsible entities in respect of your personal data are:

  • Fireframe, Inc with a registered address at: 2370 York Rd Ste G1 #106 Jamison PA 18929 United States.

You can email us at privacy@fireframe.ai.

Please note that you have the right to lodge a complaint with the supervisory authority in the EU country in which you live or work. A full list of EU supervisory authorities’ contact details is available here. If you live or work in the UK, you have the right to lodge a complaint with the UK Information Commissioner’s Office.