Privacy Policy

1. Introduction

This Privacy Policy explains how FusedFrames Technologies Ltd ("FusedFrames", "we", "us" or "our") collects, uses, stores, shares and protects your personal data when you use our website at fusedframes.com ("Marketing Website"), our web application at dashboard.fusedframes.com ("Dashboard"), our macOS desktop application ("Desktop App"), our command-line interface ("CLI"), our public API at api.fusedframes.com ("API") and any related services (collectively, the "Service").

FusedFrames Technologies Ltd is a company registered in England and Wales (company number 17097980) with its registered office at 23 King Street, Suite 191, Cambridge, CB1 1AH, United Kingdom. We are the data controller responsible for your personal data under the UK General Data Protection Regulation ("UK GDPR") and the Data Protection Act 2018.

By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, you must not use the Service.

2. Information We Collect

We collect the following categories of personal data:

• Account information: your name, email address, profile picture and authentication details when you create an account or sign in
• Team and organisation data: team names, membership details, roles and plan selections
• Desktop interaction data: when you use our Desktop App, it captures your interactions with applications on your computer, including clicks, typing, copy and paste activity, keyboard input, drag-and-drop actions, application names, window titles, window content, screen captures and timestamps
• Context data: your voluntary responses to questions generated by the Desktop App about your actions
• Payment information: we do not store your payment card details. Payments are handled by a third-party processor, which independently collects your payment information under its own privacy policy
• Integration data: configuration details for connections and integrations you create
• Feedback: any feedback you voluntarily submit about the Service

3. How and Why We Use Your Information

We process your personal data under the following lawful bases:

3.1 Performance of Contract (Article 6(1)(b))

To provide and operate the Service, including:

• Creating and managing your account and authenticating your access
• Capturing desktop interactions, generating questions and extracting patterns
• Processing payments and managing subscriptions
• Sending transactional emails (verification codes, notifications)
• Enabling team collaboration and data sharing within your team
• Providing API access and delivering webhook notifications
• Delivering software updates

3.2 Legitimate Interests (Article 6(1)(f))

To maintain the security, stability and performance of the Service, including security monitoring, abuse prevention and enforcing our Terms of Service. We also process your data to improve and develop the Service, including training and refining our own learning models, conducting internal analytics and informing product development decisions. You have the right to object to processing based on legitimate interests (see Section 9).

3.3 Consent (Article 6(1)(a))

Where you voluntarily provide feedback. You may withdraw consent at any time by contacting legal@fusedframes.com. Withdrawal does not affect the lawfulness of prior processing.

3.4 Legal Obligation (Article 6(1)(c))

To comply with applicable laws and respond to lawful requests from public authorities.

4. Cookies

Our services use only strictly necessary cookies for authentication and regional preferences. We do not use advertising, tracking or third-party marketing cookies anywhere in the Service. As we use only strictly necessary cookies, consent is not required under the Privacy and Electronic Communications Regulations 2003 (PECR).

5. Who We Share Your Data With

We do not sell or rent your personal data to any third party for any purpose. We only share your data with third parties where necessary to provide and operate the Service.

We share data with the following categories of sub-processors, solely to operate the Service:

• Authentication provider (United States) – to manage user accounts and single sign-on
• Payment processor (United States) – to process payments and manage subscriptions
• AI processing providers (United States) – to extract behavioural patterns from your data, under standard data processing terms that prohibit use of your data for their model training
• Email delivery provider (United States) – to send transactional emails on our behalf
• Cloud hosting and infrastructure providers (United States) – to host and operate the Service

Data within a team is shared with all members of that team in accordance with the roles and structure configured by the team administrator. If you configure webhook integrations, data will be delivered to the external endpoints you specify.

We may disclose your data where required by law, to comply with legal obligations, to protect our rights or property or to protect the safety of our users or the public.

6. International Data Transfers

Some of our sub-processors are located in the United States. When your data is transferred outside the United Kingdom, we rely on the standard contractual clauses and data processing terms included in each provider's service agreements, incorporating the UK International Data Transfer Addendum approved by the ICO where applicable. You may request details of these safeguards by contacting us at legal@fusedframes.com.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data. No system is completely secure, and we cannot guarantee absolute security.

8. Data Retention and Deletion

You may delete your account at any time through the Dashboard. Deleting your account removes your personal profile data. However, data associated with a team (including interaction data, context data and patterns) remains accessible to that team until the team itself is deleted.

To fully remove all of your data, you must also delete any teams you own. When a team is deleted, all associated data is permanently and irreversibly deleted from our systems within 30 days. This cannot be undone.

You may also delete individual actions or pattern libraries at any time through the Dashboard. Billing records are retained as required by applicable tax and accounting laws (typically six years under UK law).

9. Your Rights

Under the UK GDPR and the Data Protection Act 2018, you have the right to:

• Access the personal data we hold about you (Article 15). You can export your data at any time through the Dashboard.
• Rectify inaccurate personal data (Article 16). You can update your profile information directly through the Dashboard.
• Erase your personal data (Article 17). You can delete your account and teams through the Dashboard. All team data is permanently purged within 30 days.
• Restrict processing in certain circumstances (Article 18).
• Data portability – receive your data in a structured, machine-readable format (Article 20).
• Object to processing based on legitimate interests (Article 21).
• Withdraw consent at any time, without affecting the lawfulness of prior processing.
• Lodge a complaint with the Information Commissioner's Office (ICO).

To exercise any right, contact us at legal@fusedframes.com. We will respond within one month. This may be extended by up to two further months for complex requests, in which case we will inform you.

10. Automated Decision-Making

The Service uses AI to process your data and extract patterns. These automated processes do not produce legal effects or similarly significant effects on you. You retain full control over your data and may review, edit or delete any AI-generated output.

11. Age Requirements

The Service is intended for users aged 16 and over. Users aged 16 to 18 may use the Service only with the consent of a parent or legal guardian. We do not knowingly collect personal data from individuals under 16. If you believe a child under 16 has provided us with personal data, please contact us at legal@fusedframes.com.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Where changes are material, we will notify you by email or by a prominent notice on the Dashboard at least 30 days before the changes take effect. Continued use after the effective date constitutes acceptance. The "Last updated" date at the top of this page indicates the most recent revision.

13. Contact Us

For questions about this Privacy Policy or your personal data:

• Email: legal@fusedframes.com
• Post: FusedFrames, 23 King Street, Suite 191, Cambridge, CB1 1AH, United Kingdom