For parents·privacy

Privacy, in plain language.

No lawyer-speak version on this page; this is the truth in normal sentences. The legal-exact version will be published at /for-parents/privacy/legal before launch.

What we collect

The minimum needed to make the app work. That is:

  • The parent's email. So you can sign in and so we can email you about the account (only when needed; we are not a newsletter).
  • The parent's display name (optional). Whatever you typed in. We never ask for legal name.
  • Aggregate game-play stats. Which games are played, for how long. Stored on your device by default; sent to us only if you turn on cloud-sync (off by default).
  • Crash logs. When the app crashes, we get a stack trace and the device model. No personal content. You can turn this off in settings.

What we do not collect

  • Your kid's name. Your kid's face. Your kid's voice. Your kid's location.
  • Your contacts list. Your photo library. Your microphone.
  • Third-party tracking IDs (no Facebook pixel, no Google Analytics, no advertiser-tracker SDKs).
  • Anything we do not explicitly need to make the app work.

Where it goes

Your account email lives on a database in Canada (specifically, on Vercel's Toronto-region Postgres host). Crash logs (if enabled) go to Sentry. That is the entire vendor list at the time of writing.

We do not have a third-party advertising vendor. We do not have a third-party analytics vendor. We do not sell or share data with anyone for marketing purposes; we have not, will not, and have no commercial reason to.

How long we keep it

  • Account email: until you delete the account. After deletion, gone within 24 hours.
  • Aggregate stats: 30 days, then bucketed into anonymous monthly counts. The monthly counts are kept indefinitely; they cannot be linked back to your account.
  • Crash logs: 90 days, then deleted automatically.

How to delete it

In the app: Settings → Privacy → Delete account. Deletion is immediate and permanent. We cannot recover deleted accounts; do not ask, because we genuinely cannot.

By email: write to [email protected] and we will delete on request within 7 days; you will get a confirmation email.

COPPA, GDPR-K, and Canadian PIPEDA

FrameBright is COPPA-compliant. We do not collect personal information from children under 13 without verifiable parental consent; the parent-account flow is the consent mechanism.

FrameBright is GDPR-K compliant in EU regions where the app is currently available (UK + EU). Parental consent is required at signup; data deletion is a one-tap operation in the parent app.

FrameBright complies with Canadian PIPEDA. Good Ventures Lab is a Canadian entity; the database is in Canada.

Changes to this policy

If we change anything material, we will email every account holder before the change takes effect. Date of last update: 2026-04-24.

Questions

The contact form lands at [email protected]. We answer privacy questions within 7 days; usually within 1.