Privacy Policy

Last updated: April 2026

1. Introduction

This Privacy Policy explains how Framebaker collects, uses, stores, shares, and otherwise processes personal data in connection with its website, digital signage platform, downloadable or browser-based player software, trials, support, and related services.

In this Privacy Policy, “Framebaker”, “we”, “us”, and “our” mean:

Framebaker
The Netherlands
Email: Email us

2. Scope

This Privacy Policy applies to personal data processed by Framebaker when you:

  • visit our website;
  • contact us;
  • request a demo, trial, quote, or support;
  • create an account or use our platform;
  • use downloadable players, browser-based trial environments, or related software;
  • purchase subscriptions or related services; or
  • otherwise interact with us in a business context.

This Privacy Policy does not automatically govern third-party services, integrations, or websites that you access through or alongside our Service. Those third parties may have their own privacy policies.

3. Personal Data We Collect

We may collect the following categories of personal data.

A. Information You Provide Directly

This may include:

  • name;
  • business email address;
  • phone number;
  • company name;
  • job title;
  • account credentials;
  • billing, invoicing, and order information;
  • support requests and communications;
  • content of forms, emails, or other messages you send to us; and
  • any other information you choose to provide.

B. Account and Service Data

When you create an account or use the Service, we may process:

  • account identifiers;
  • workspace, tenant, or organisation information;
  • user roles and permissions;
  • subscription plan and billing status;
  • service settings and configuration data;
  • screen, player, and device registrations;
  • scheduling, publishing, and management activity; and
  • support and administrative actions related to your account.

C. Customer Content and Operational Data

If you use the platform, we may process content and operational data that you upload, connect, schedule, publish, or manage through the Service, such as:

  • media files and creative assets;
  • templates, playlists, layouts, and scheduling data;
  • screen names, tags, and deployment metadata;
  • remote player status information;
  • uptime, diagnostics, crash, health, or telemetry information;
  • prompts and configuration inputs for AI-enabled features; and
  • generated outputs, recommendations, or suggestions produced at your request.

This information may include personal data if you or your users choose to upload or include it.

D. Automatically Collected Information

When you visit our website or use our Service, we may automatically collect certain technical information, such as:

  • IP address;
  • browser type and version;
  • device type and operating system;
  • approximate location derived from IP or regional routing;
  • referral URLs;
  • pages viewed and actions taken;
  • timestamps and session information;
  • log files, error logs, and diagnostic data; and
  • cookie or consent preference information.

E. Sales, Payment, and Transaction Data

If you place an order or pay for the Service, we may process:

  • billing contact details;
  • company and VAT information;
  • invoice history;
  • subscription and payment status;
  • order details; and
  • limited payment-related metadata.

Payment card details are typically processed by our payment service providers, not stored directly by Framebaker unless expressly stated otherwise.

4. Special Categories of Data

Framebaker does not intentionally request or require special categories of personal data.

Please do not upload or submit special categories of personal data, sensitive personal data, or regulated personal data through the Service unless this is strictly necessary and lawful.

5. Purposes of Processing

We may use personal data for the following purposes:

  • to provide, operate, and maintain our website, platform, and related services;
  • to create and manage accounts, workspaces, users, subscriptions, and orders;
  • to deliver content management, scheduling, publishing, playback, monitoring, and support functionality;
  • to provide browser-based trials, downloadable player software, and onboarding flows;
  • to process orders, invoices, payments, and related administration;
  • to respond to enquiries, provide support, and communicate with customers and prospects;
  • to secure our systems, detect abuse, prevent fraud, and troubleshoot issues;
  • to monitor platform reliability, availability, player health, and product performance;
  • to improve the Service, develop new features, and understand how the website and platform are used;
  • to provide AI-assisted or automated features requested by you;
  • to comply with legal obligations, tax obligations, accounting rules, and lawful requests from authorities; and
  • to send service-related communications and, where permitted, business communications about our products and services.

We do not sell personal data.

Where the GDPR or similar laws apply, we process personal data on one or more of the following legal bases:

  • Performance of a contract: where processing is necessary to provide the Service, fulfil an order, manage an account, or take steps at your request before entering into a contract.
  • Legitimate interests: where processing is necessary for our legitimate interests, such as operating and securing the Service, preventing abuse, improving performance, supporting customers, administering our business, and communicating in a business context.
  • Consent: where consent is required, for example for non-essential cookies, certain analytics technologies, or certain marketing communications.
  • Legal obligation: where processing is necessary to comply with applicable laws, regulations, accounting obligations, or lawful requests.

Where we rely on legitimate interests, we consider and balance those interests against the rights and freedoms of data subjects.

7. Website Analytics and Cookies

We use cookies and similar technologies on our website for essential functionality, preference handling, and, where enabled, analytics.

Where required by law, non-essential cookies are only placed after consent.

If enabled, we may use Google Analytics 4 to understand how visitors use our website. We configure analytics in a privacy-conscious way intended to reduce unnecessary data collection and avoid advertising-related use where not needed.

More information is available in our Cookie Policy.

8. AI and Automated Features

Some parts of the Service may include AI-assisted or automated functionality, such as help with scheduling, content generation, configuration, anomaly detection, or performance insights.

When you use such features, we may process prompts, related Customer Content, operational context, and generated outputs as needed to provide the requested functionality, improve reliability, prevent misuse, and support the Service.

You are responsible for reviewing generated output before publishing or relying on it. You should not submit personal data, confidential information, or regulated data into AI-enabled features unless doing so is lawful and necessary.

9. How We Share Personal Data

We may share personal data with the following categories of recipients where relevant to the purposes described above:

  • hosting, cloud infrastructure, storage, and CDN providers;
  • payment processors and billing providers;
  • email delivery and transactional messaging providers;
  • customer support and service desk providers;
  • security, logging, and monitoring providers;
  • analytics providers;
  • identity, authentication, and access management providers;
  • professional advisers such as lawyers, accountants, auditors, and insurers; and
  • public authorities or regulators where we are legally required to do so.

We may also share personal data in connection with a merger, acquisition, financing, corporate reorganisation, or sale of assets, subject to appropriate confidentiality protections.

We require processors acting on our behalf to process personal data under appropriate contractual safeguards.

10. International Data Transfers

Your personal data may be processed in countries outside the European Economic Area, depending on the providers we use and how the Service is delivered.

Where personal data is transferred internationally, we take steps intended to ensure an adequate level of protection, such as:

  • relying on an adequacy decision where available;
  • entering into Standard Contractual Clauses or similar approved safeguards; and
  • implementing supplementary contractual, organisational, or technical measures where appropriate.

11. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements.

Retention periods may vary depending on the type of data, the nature of the relationship, and legal requirements. In general:

  • Account and customer relationship data: retained for the duration of the account or business relationship and for a reasonable period afterwards.
  • Billing, invoicing, and tax records: retained for the period required under applicable accounting and tax laws.
  • Website enquiry and support communications: retained for as long as necessary to respond and maintain an appropriate business record.
  • Logs, diagnostics, and operational telemetry: retained for a limited period appropriate to security, troubleshooting, and service reliability needs.
  • Trial and inactive account data: may be deleted or anonymised after a defined inactivity period or after the trial has ended, unless retention is needed for legal, security, or business reasons.

Where possible, we may anonymise data instead of deleting it.

12. Security

We take reasonable technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.

These measures may include:

  • encryption in transit;
  • encryption at rest where appropriate;
  • access controls and role-based permissions;
  • monitoring, logging, and alerting;
  • environment separation and infrastructure controls;
  • secure development and update practices; and
  • administrative safeguards for staff and service providers.

No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

13. Your Rights

If the GDPR or similar laws apply to you, you may have the right to:

  • request access to your personal data;
  • request correction of inaccurate or incomplete personal data;
  • request deletion of personal data in certain circumstances;
  • request restriction of processing in certain circumstances;
  • object to processing carried out on the basis of legitimate interests;
  • request portability of personal data where applicable;
  • withdraw consent at any time where processing is based on consent; and
  • lodge a complaint with a competent supervisory authority.

You may exercise privacy rights by contacting us at Email us .

We may need to verify your identity before responding to a request. Some rights are subject to legal exceptions and limitations.

14. Business Contact Data

Where you interact with Framebaker in a business capacity, we may process your business contact data to communicate about our products, respond to enquiries, manage contracts, provide support, and maintain our customer or prospect relationship.

Where permitted by applicable law, we may send relevant B2B communications based on our legitimate interests. Where consent is required, we will request it.

You can unsubscribe from non-essential communications at any time.

15. Controller and Processor Roles

For personal data processed in connection with operating our website, accounts, sales, contracts, and our own business administration, Framebaker generally acts as a data controller.

Where Framebaker processes personal data on behalf of a customer as part of providing the Service, Framebaker may act as a processor or subprocessor, depending on the specific use case and contractual arrangements.

More information about processor terms and data processing arrangements is available on our separate Data Processing Agreement (DPA) page where applicable.

16. Children’s Privacy

Our website and Service are intended for business use and are not directed to children under the age of 16.

We do not knowingly collect personal data from children under 16. If you believe personal data relating to a child has been provided to us in error, please contact us.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, operational, or business changes.

Any updated version will be posted on this page together with a revised “Last updated” date.

18. Contact

For privacy-related questions or requests:

Framebaker
The Netherlands
Email us