Privacy Policy

Last updated: December 22, 2022

The Frame.io Privacy Policy describes the privacy practices of Frame.io’s Services and anywhere we display or reference this policy. Your use of Frame.io’s Services is subject to our Terms of Service, which incorporates this Privacy Policy. Any terms we use in this Policy without defining them have the definitions given to them in the Terms of Service.

Frame.io is an Adobe Company. Frame.io discloses personal information with other entities in the Adobe family of companies in order to enhance and improve Adobe products and services, as well as for other legitimate business purposes. Your personal information will also be used to send you information about other Adobe products and services that may be of interest to you, consistent with your choices on how we disclose your data (as detailed more below). A list of these entities and their respective privacy policies can be found here.

Privacy Policy Table of Contents

• What does this Privacy Policy cover?

• What information does Frame.io collect about me?

  • Categories of Personal information We Collect

  • Categories of Sources of Personal information

  • Our Business or Commercial Purposes for Collecting Personal information

• How We Disclose Your Personal information

• Cookies, Tracking Tools, and Advertising

• Information about Interest-based Advertisements

• What rights do I have regarding my personal information?

• Withdrawing consent or otherwise objecting to direct marketing

• Data Security and Retention

• Personal information of Children

• Additional US State Privacy Rights

• Information for European Union Data Subjects

• Changes to this Privacy Policy

• Contact Information

What this Privacy Policy Covers

• This Privacy Policy covers how we treat personal information that we gather when you access or use our Services. “Personal information” means any information that identifies or relates to a particular individual or when combined with other information could be used to identify a specific individual and also includes information referred to as “personally identifiable information” or similar terms used in applicable data privacy laws, rules, or regulations. This Privacy Policy does not cover the practices of companies we don’t own or control or people we don’t manage.

• This Privacy Policy covers how Frame.io (also referred to as “we,” “us,” or “our) will make use of your personal information in the context of:

  • Frame.io websites and web-based services;

  • Services that display or include a reference to this policy; and

  • Frame.io’s marketing, sales, and advertising practices.

What information does Frame.io collect about me?

Categories of personal information

When you purchase, register, or use our Services, or contact us for support or other offerings, Frame.io collects information that identifies you. This includes identifiers and contact information, such as:

• Name;

• Email address;

• Telephone number;

• Postal or physical address;

• Country;

Commercial and transaction information, such as:

• Payment/billing information (payment card type, last 4 digits of payment card, billing address, and contact information);

• Purchase history;

• Consumer profiles;

• Content (e.g., documents, photos, videos, activity logs, direct feedback from you, and metadata about your content) which is sent or received using any online features which is stored on servers belonging to Frame.io or its parent company;

• Content of and information provided through customer support communications;

Professional, education, or other demographic information, such as:

• Date of birth;

• Company or school name;

• Title or occupation;

• Job function or expertise;

• Company details, such as the size, industry, and other information about the company where a user may work (when the user has provided the company name);

Analytics or other electronic network activity, such as:

• IP address, browser, domain server, mobile device ID, and non-identifiable request IDs:

• Use and navigation of Services (collected through cookies and similar technologies), referring webpage or source through which you accessed the Services.

Inferred information

To help keep our databases current and to provide you the most relevant content and experiences, we may infer or generate information based on the information we collect or combine information provided by you with information from third party sources, in accordance with applicable law. For example, we may profile user attributes or create profiles reflecting user behavior. We may also infer, generate, or collect and receive information from third parties, including partners, and from publicly accessible sources, for purposes that include to detect, prevent, or otherwise address fraudulent, deceptive, or illegal activity, misuse of our Services and Software, security or technical issues, as well as to protect against harm to the rights, property or safety of Frame.io and Adobe employees, uses, children, or the public.

Categories of Sources of personal information

We collect Personal information about you from the following categories of sources:

• Personal information you provide directly to us, such as on a form, via a browser or mobile-based chat session, via email or telephone, etc. or create an account and use our interactive tools and services.

• Personal information we automatically or programmatically collect or generate from your access to and use of Frame.io websites, products, or services including our mobile application and any software we make available to you.

• Personal information we infer or generate from your access to and use of our websites, products, or services, such as your approximate location (such as your IP address), likely preferences or other characteristics

• Personal information we obtain or receive from other sources including:

  • Data brokers and aggregators from which we obtain information to supplement the personal information we collect.

  • Third party partners, such as third-party applications and services including social networks you choose to connect or interact with through our services.

  • Service providers such as advertising partners that collect or provide data in connection with assisting us in marketing and promotional services analyzing how you interact and engage with our Services on our behalf.

  • Service providers that generate leads and create user profiles in connection with sales and marketing efforts.

  • Publicly available sources, such as open government databases.

Our Business or Commercial Purposes for Collecting Personal Information

• Providing, Customizing and Improving the Services

  • Creating and managing your account or other user profiles.

  • Processing orders or other transactions; billing.

  • Operating and maintaining our features and Services

  • Providing you with the products, features, services or information you request.

  • Meeting or fulfilling the reason you provided the information to us.

  • Providing support and assistance for the Services.

  • Responding to user inquiries.

  • Improving the Services, including testing, research, internal analytics and product development.

  • Providing and monitoring the effectiveness of the Services.

  • Personalizing the Services, website content and communications based on your preferences.

  • Remembering your preferences and settings, such as username, so that you will not have to re-enter it during your visit or the next time you visit the Services;

  • Monitoring aggregate metrics such as total number of visitors, traffic, usage, and demographic patterns on our website and our Services;

  • Maintaining interoperability with third party services.

  • Doing fraud protection, security and debugging.

  • Diagnosing or fixing technology problems.

  • Carrying out other business purposes stated when collecting your personal information

• Marketing the Services

  • Marketing and selling the Services.

  • Showing you advertisements, including interest-based or online behavioral advertising.

• Corresponding with You

  • Responding to correspondence that we receive from you, contacting you when necessary or requested, and sending you information about Frame.io or the Services.

  • Sending emails and other communications according to your preferences or that display content that we think will interest you.

• Meeting Legal Requirements and Enforcing Legal Terms

  • Fulfilling our legal obligations under applicable law, regulation, court order or other legal process, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.

  • Protecting the rights, property or safety of you, Frame.io or another party.

  • Enforcing any agreements with you.

  • Responding to claims that any posting or other content violates third-party rights.

  • Resolving disputes.

How We Disclose Your Personal Information

We disclose your personal information to the categories of service providers and other parties listed in this section.

• Service Providers. These parties help us provide the Services or perform business functions on our behalf. They include:

  • Hosting, technology, and communication providers.

  • Security, spam, and fraud prevention consultants and providers.

  • Analytics providers that allow us to provide you with a more personalized experience, investigate issues, and help us improve product quality and features.

  • Fraud monitoring and prevention providers.

  • Support and customer service vendors.

  • Product fulfillment and delivery providers.

  • Payment processors.

    • Our payment processing partner Stripe, Inc. (“Stripe”) collects your voluntarily-provided payment card information necessary to process your payment.

    • Please see Stripe’s terms of service and privacy policy for information on its use and storage of your personal information.

• Advertising Partners. These parties help us market our services and provide you with other offers that may be of interest to you. They include:

  • Ad networks.

  • Marketing partners and providers.

• Business Partners. These parties partner with us in offering various services and include businesses that you have a relationship with.

• Parties You Authorize, Access, or Authenticate

  • Third parties you access through the services.

  • Social media services.

  • Other users.

Legal Obligations

We may disclose any personal information that we collect with third parties in conjunction with any of the activities set forth under “Meeting Legal Requirements and Enforcing Legal Terms” in the “Our Commercial or Business Purposes for Collecting Personal information” section above.

Business Transfers

All of your personal information that we collect may be transferred to a third party if we undergo a merger, acquisition, bankruptcy, or other transaction in which that third party assumes control of our business (in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.

Deidentified and Aggregated Data

We may create aggregated, de-identified, or anonymized data from the personal information we collect, including by removing information that makes the data personally identifiable to a particular user. We may use such aggregated, de-identified, or anonymized data and disclose it to third parties for our lawful business purposes, including to analyze, build, and improve the Services and promote our business, provided that we will not disclose such data in a manner that could identify you.

Cookies, Tracking Tools, and Advertising

The Services use cookies and similar technologies to collect usage information to provide you with a more personalized experience, improve our products and services, and in some cases, to tailor ads to your likely interests. To change your collection settings, click on “Cookie preferences.”

Cookies are small text files stored by your web browser when you use websites. You can control how websites use cookies by configuring your browser’s privacy settings (please refer to your browser’s help function to learn more about cookie controls). Note that if you disable cookies entirely, our website may not function properly.

Frame and the companies that help us run our business use cookies in several ways, such as:

• Authenticating and identifying you on our websites so we can provide you the services you requested

• Keeping track of any information you have provided to us

• Providing you the Frame websites that you use

• Remembering your preferences or where you left off in your use of a Frame website

• Measuring your use of Frame websites so that we can improve them, tailor our websites to your likely interests, and conduct market research

• Understanding your likely interests so we can provide you more relevant ads and content on non-Frame websites and in non-Frame apps

Web beacons and embedded scripts are other technologies that we use in our websites, as well as in some of our emails and ads. Web beacons (or “tags”) are bits of programming code included in web pages, emails, and ads that notify Frame (or the companies that help us run our business) when those web pages, emails, or ads have been viewed or clicked on.

Embedded scripts are bits of programming code included within some of our web pages that measure how you use those web pages, such as which links you click. We use this information to improve our websites, tailor our websites to your likely interests, conduct market research, and for anti-fraud monitoring purposes. You may be able to turn off scripting functionality, such as JavaScript, within your browser (please refer to your browser’s help function). Note that if you disable scripting functionality, some Frame websites may not function properly.

Your browser may also offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services that you do not wish such operators to track certain of your online activities over time and across different websites. Currently, there is not an accepted standard on how companies should respond to web browsers’ “Do Not Track” signals. Accordingly, our Services do not currently recognize or respond to “Do Not Track” browser signals.

Information about Interest-Based Advertisements

We may serve advertisements, and allow third-party ad networks, including third-party ad servers, ad agencies, ad technology vendors and research firms, to serve advertisements through the Services. These advertisements may be targeted to users who fit certain general profile categories or display certain preferences or behaviors (“Interest-Based Ads”). Information for Interest-Based Ads (including personal information) may be provided to us by you, or derived from the usage patterns of particular users on the Services and/or services of third parties.

We comply with the Digital Advertising Alliance (“DAA”) Self-Regulatory Principles for Online Behavioral Advertising. Through the DAA and Network Advertising Initiative (“NAI”), several media and marketing associations have developed an industry self-regulatory program to give consumers a better understanding of, and greater control over, ads that are customized based a consumer’s online behavior across different websites and properties.

To make choices about Interest-Based Ads from participating third parties, including to opt-out for all companies who are members of those groups, please see:

• Digital Advertising Alliance

• Network Advertising Initiative

• European Interactive Digital Advertising Alliance (“EDAA”)

To opt out of advertising solutions that tailor ads shown within mobile apps based on your likely interests please either:

• Set the preference on your mobile device to limit ad tracking, or

• Download the DAA’s AppChoices app

Please also review the privacy policies on the website and mobile apps that you use because they may offer additional privacy choices.

What rights do I have regarding my personal information?

Under the law of some jurisdictions, you have certain rights with respect to your personal information. You may have the right to ask for a copy of your personal information; to correct, delete, or restrict (stop any active) processing of your personal information; and to obtain the personal information you provide to us for a contract or with your consent in a structured, machine-readable format, and to ask us to port this information to another controller. You may be entitled to additional rights based on applicable data privacy laws in your jurisdiction.

These rights may be limited, for example, if fulfilling your request would reveal personal information about another person, or if you ask us to delete information which we are required by law to keep or which we need to defend claims against us. In some cases, we may also need you to provide us with additional information, which may include personal information, if necessary to verify your identity and the nature of your request. To exercise any of these rights, you can get in touch with us using the details set out below. You may also be able to access, correct, or delete some of your personal information by logging into your account.

In addition to these rights, see the “Additional US State Privacy Rights” section and the “EU Data Subject Rights” section further below for more information about rights you may be entitled to.

Withdrawing consent or otherwise objecting to direct marketing

Frame.io and companies we hire to help market our Services on our behalf may use your information to provide you with information and offers related to Frame.io.

Where we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your information for other purposes, such as those set out above. In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests. You have an absolute right to opt out of direct marketing, or profiling we carry out for direct marketing, at any time by:

• updating your preferences in your specific website or app accounts;

• clicking on the unsubscribe link in the email footer;

• connecting with us through our online support chat; or

• contacting us using the details provided at the end of this privacy policy.

Data Security and Retention

We seek to protect your personal information from unauthorized access, use, and disclosure using appropriate physical, technical, organizational, and administrative security measures based on the type of personal information and how we are processing that data. You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanisms; limiting access to your computer or device and browser; and signing off after you have finished accessing your account. Although we work to protect the security of your account and other data that we hold in our records, please be aware that no method of transmitting data over the internet or storing data is completely secure.

We retain personal information about you for as long as you have an open account with us or as otherwise necessary to provide you with our Services. When you close your account, we begin deleting certain personal information that we no longer have a business reason to retain. In some cases, we retain personal information for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule, or regulation.

Personal information of Children

As noted in the Terms of Service, we do not knowingly collect or solicit personal information about children under 13 years of age and our Services are not intended for minors under the age of 13. If you are a child under the age of 13, please do not attempt to register for or otherwise use the Services or send us any personal information. If we learn we have collected personal information from a child under 13 years of age, we will delete that information as quickly as possible. If you believe that a child under 13 years of age may have provided personal information to us, please contact us at support@frame.io.

Additional US State Privacy Rights

Some states in the US have passed state-specific privacy laws. This section supplements our privacy policy by explaining your privacy rights if you are a resident in one of these states, provides certain mandated disclosures about our treatment of personal information, and includes:

• Colorado, Connecticut, Utah and Virginia specific disclosures and rights

• California specific disclosures and rights

• Opt-outs for sale or sharing of personal information

• Metrics on consumers exercising their rights

Colorado, Connecticut, Utah, and Virginia:

If you are a resident of Colorado, Connecticut, Utah, or Virginia, we have certain obligations, and you have certain rights with respect to your personal information, including:

• Right to confirm whether the controller is processing the consumer’s personal information and the right to access such information;

• Right to correct inaccuracies in personal information;

• Right to delete personal information;

• Right of data portability;

• Right to opt out from targeted advertising; and

• Right to opt out from the sale of personal information.

In certain states, you also have the right to opt out from profiling in furtherance of decisions that produce legal or similarly significant effects on the consumer (such as Virginia, Colorado, and Connecticut) and appeal a decision regarding a request to exercise your rights.

If you wish to exercise one or more of these rights, please review the “What rights do I have regarding my personal information?” section above. If you would like to opt out of targeted advertising or the selling or sharing of personal information, please see the instructions below.

California

The California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act of 2021) (“CCPA”) requires us to provide California consumers with some additional information related to how Frame.io collects, uses, retains, and discloses personal information as well as describe additional rights, which are summarized below.

California Privacy Policy Disclosures

We collect, use, disclose, sell, share, and retain personal information as further described in this Privacy Policy and summarized below.

Personal information We Collect:

In the preceding 12 months, we have collected the categories of personal information described above in the section “Categories of Personal information.”

Sources of Personal information We Collect

The “Categories of Sources of Personal information” section above details the sources of personal information that we collect from you.

Business or Commercial Purposes for Collecting Personal information

The “Our Business or Commercial Purposes for Collecting Personal information” section above details the business or commercial purposes for collecting personal information from you.

Categories of Personal information Sold or Shared in the Preceding 12 Months: