Privacy Policy

Last updated: January 2025

This page is provided in English for convenience. The German version is the legally binding original.

1. Data Controller

The data controller within the meaning of the GDPR for the operation of FrameTrain is:

Karol Paschek

Mainz, Germany

Email: framesphere@gmx.net

2. Data We Collect

We collect the following personal data:

  • Email address: For account creation, authentication, and support
  • Password (hashed): For secure authentication, never stored in plain text
  • Payment data: Processed directly by Stripe – we do not store any credit card data
  • API key usage: Anonymized logs for abuse detection and license validation
  • Support tickets: Voluntarily submitted messages in the support system

3. Purpose of Processing

Your data is processed exclusively for the following purposes:

  • Providing the FrameTrain service and desktop app
  • License validation via API key
  • Processing payments (via Stripe)
  • Handling support requests
  • Sending important service emails (no marketing without consent)

4. Diagnostic & Error Data from the Desktop App

The FrameTrain desktop app does not automatically transmit telemetry. If you explicitly enable optional error reporting in the app's settings, the app may send the following data to us when a crash or error occurs:

  • Error type and stack trace
  • App version and operating system
  • Anonymized hardware information (e.g. GPU type, available VRAM)

Never included:

  • Your training data or datasets
  • Model weights or checkpoints
  • File paths or file contents from your machine

This feature is off by default and can be switched on or off at any time in the app's settings. Enabling it means you consent to this data processing (Art. 6(1)(a) GDPR); you may withdraw this consent at any time with future effect.

We use this data exclusively to fix bugs, improve the product, and provide better support when you contact us.

5. Third-Party Providers

StripePayment processingPrivacy policy →
VercelWebsite hostingPrivacy policy →
CloudflareAPI infrastructure / CDNPrivacy policy →
GoogleOAuth login (optional)Privacy policy →
GitHubOAuth login (optional)Privacy policy →
FrameSphereSSO login (optional)Privacy policy →

6. Your Rights (GDPR)

You have the following rights regarding your personal data:

  • Right to access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure ("right to be forgotten", Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)

To exercise your rights, please contact: framesphere@gmx.net

7. Cookies

FrameTrain only uses technically necessary cookies. See our Cookie Policy for the full list. No tracking or marketing cookies are used.

8. Data Security

All data transfers are encrypted via HTTPS/TLS. Passwords are hashed with bcrypt and never stored in plain text. Payment data is processed exclusively by Stripe (PCI-DSS Level 1 certified).

9. Contact & Complaints

If you have questions or complaints about this privacy policy, please contact framesphere@gmx.net. You also have the right to lodge a complaint with your competent data protection authority.