Back

Privacy Policy

Last updated 6 June 2026

This policy explains what personal data Framelines collects, why, and what your rights are. Framelines is operated by Framelines Publishing Limited (“Framelines”, “we”, “us”), a company registered in England & Wales (company number 13671353), with its registered office at Belmont Suite Paragon Business Park, Chorley New Road, Horwich, Bolton, England, BL6 6HG. You can reach us at info@frame-lines.com.

What we collect

  • Account information — your name, email address, username, profile photo, bio, and any links you add (such as Instagram or a website).
  • Authentication — we sign you in via Patreon and/or an email and password. Card details are never handled by us.
  • Content you submit — photographs, captions, chat posts, comments, and reactions.
  • Direct messages — the private messages you send to and receive from other members, including their content and timestamps.
  • Membership & payments — your membership status and billing history. Payments are processed by Stripe or Patreon; we do not store your card number.
  • Technical & usage data — basic device and usage information, and, if you opt in, a push-notification subscription token.

How we use it

  • To provide the service — your account, the assignment loop, profiles, and community features.
  • To take membership payments and manage your subscription.
  • To display the work and posts you submit, and to send you notifications you’ve enabled (by email or push).
  • To feature standout submissions — across the app, the Framelines magazine, the featured wall, and social-media roundups (e.g. Instagram) — always with credit. See our Terms for the licence this relies on.
  • To keep the service secure and to improve it.

Direct messages

Direct messages are private to the people in the conversation. We do not read them, and moderators have no general access to your inbox. There are two exceptions:

  • If you report a message, a copy of the recent messages in that conversation is shared with our moderators so they can review what happened.
  • We may access specific messages where we’re required to by law, or where it’s strictly necessary to investigate a serious safety issue or a breach of our Terms.

Messages are stored on our infrastructure (Supabase) and are kept for as long as your account exists, unless you delete them or ask us to remove your data. Deleting a conversation removes it from your own inbox; the other participant keeps their copy.

Legal bases (UK GDPR)

We process your data to perform our contract with you (providing your membership), for our legitimate interests in running and securing the community, and — for things like push notifications and optional marketing — on the basis of your consent.

Who we share it with

We don’t sell your personal data. We share it only with the providers that run the service for us:

  • Supabase — database, file storage, and authentication.
  • GitHub (a Microsoft company) — encrypted, off-site database backups.
  • Stripe and Patreon — membership payments.
  • Vercel — hosting and basic analytics.
  • PostHog — product analytics.
  • Resend — transactional email.

Some of these providers are based outside the UK; where that’s the case, we rely on appropriate safeguards for the transfer.

How long we keep it

We keep your data for as long as your account exists. If your membership lapses, your data is retained so you can reactivate, until you ask us to delete it.

We also keep encrypted backups of our database for disaster recovery. These backups are stored securely off-site and are automatically deleted after 12 weeks. When you delete your account or ask us to remove your data, it is erased from the live service straight away, but copies may remain in these backups until they expire.

Your rights

Under UK data-protection law you can ask to access, correct, delete, restrict, or port your data, and to object to certain processing. Email info@frame-lines.comand we’ll help. You also have the right to complain to the UK’s Information Commissioner’s Office (ICO) at ico.org.uk.

Cookies

We use essential cookies to keep you signed in, and basic analytics to understand how the service is used. We don’t use advertising cookies.

Children

Framelines is not intended for anyone under 16. If you believe a child has given us their data, contact us and we’ll remove it.

Changes

We may update this policy from time to time. We’ll change the date above when we do.

Contact

Questions about your data? Email info@frame-lines.com.