Last Revised: August 5, 2021
1. INFORMATION WE COLLECT
We collect the following types of information.
Information you provide us directly:
- Your username, date of birth, password and e-mail address when you register for a Frame account.
- Profile information that you provide for your user profile (e.g., first and last name, phone number, zipcode).
- Your Information (e.g., comments, and other information or materials) that may choose to post or share through the Services.
- Communications between you and Frame. For example, we may send you Services-related emails (e.g., account verification, changes/updates to features of the Services, technical and security notices). Note that you may not opt out of Services-related e-mails.
- If you contact our customer care team, we collect the information you give us during the interaction. Sometimes, we monitor or record these interactions for training purposes and to ensure a high quality of service.
- When you choose to participate in our promotions or events, we collect the information that you use to register or enter.
- Credit card information for billing purposes.
- Information submitted for a workshop and information submitted during live Discussions.
- Information you provide regarding the types of services that you are seeking or providing in connection with the Services.
If you are a Provider, you may be required to provide the following additional information to us:
- Banking information for billing purposes; such as account # and routing information for invoicing purposes.
- Clinical license or state registration information.
- Any additional information about your practice that you may provide to us in connection with your use of our Services.
- Any photos or other content you may provide to us in connection with your use of our Services.
Information we receive from others:
We may also receive information from third party service providers we engage with to (i) facilitate phone calls, video calls, and 2-way messaging between Providers and Client Users who have been connected on Frame, and (ii) send SMS notifications from Frame to the Provider and Client (collectively, “In-App Communications”). For example, we receive the date and time of communications and the parties’ phone numbers.
Information collected when you use our Services:
When you use our Services, we collect information about which features you’ve used, how you’ve used them and the devices you use to access our Services.
- Frame uses non-identifying (de-identified) and aggregated information to better design our website and to use in research and trend analysis. Frame also uses non-identifying (de-identified) and aggregated information about the frequency of the utilization of the Frame Services. These efforts enhance program evaluation.
- We use third-party analytics tools to help us measure traffic and usage trends for the Services. These tools collect information about your activity that is sent by your device or our Services, including the web pages you visit, add-ons, that date and time you logged in, features you’ve been using, searches or search parameters, clicks and pages, referring webpage addresses, how you interact with other users (e.g., users that you interact with, time and date of your exchanges, number of messages sent and received), and other information that assists us in improving the Services. We collect and use this analytics information in an aggregated form with the analytics information from other Users so that it cannot reasonably be used to identify any particular individual User.
Cookies and Similar Technologies:
- Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) have a “Do Not Track” (“DNT”) feature that tells a website that a user does not want to have his or her online activity tracked. If a website that responds to a DNT signal receives a DNT signal, the browser can block that website from collecting certain information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many businesses, including Frame, do not currently respond to DNT signals.
- A cookie is a small amount of data, which often includes a unique identifier that is sent to your computer, tablet, phablet, cell phone or other electronic device browser from a website's computer and is stored on your device's hard drive. Each website can send its own cookie to your browser if your browser's preferences allow it, but (to protect your privacy) your browser only permits a website to access the cookies it has already sent to you, not the cookies sent to you by other sites. Many sites do this whenever a user visits their website in order to track traffic flows.
- Information supplied by cookies can help us to analyze the profile of our visitors so we can provide you with a better user experience.
Log file information:
- Log file information is automatically reported by your browser each time you make a request to access (i.e., visit) a web page or app. It can also be provided when the content of the webpage or app is downloaded to your browser or device.
- When you use our Services, our servers automatically record certain log file information, including your web request, Internet Protocol ("IP") address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Services, domain names, landing pages, pages viewed, and other such information. We may also collect similar information from emails sent to our Users which then help us track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Services.
- When you use a mobile device like a tablet or phone to access our Services, we may access, collect, monitor, store on your device, and/or remotely store one or more "device identifiers." Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device's operating system or other software, or data sent to the device by Frame.
- A device identifier may deliver information to us or to a third party partner about how you browse and use the Services and may help us or others provide reports or personalized content. Some features of the Services may not function properly if use or availability of device identifiers is impaired or disabled.
Other information with your consent:
If you give us permission, we will be able to collect other information about you, such as the type of therapy services you are looking for, and any feedback related to your use of our Services, including any Frame Discussions, In-App Communications, or the Matching Services. If you decline permission for us to collect such information, we will not collect it, but this may prevent us from offering certain features to you that make use of such information.
2. HOW WE USE AND PROTECT YOUR INFORMATION
- Help you efficiently access Your Information after you sign in;
- Remember information so you will not have to re-enter it during your visit or the next time you visit the Services;
- Provide personalized content and information to you and others, which could include other forms of marketing;
- Provide, improve, test, and monitor the effectiveness of our Services;
- Develop and test new products and features;
- Provide customer support and facilitate your use of the Services and your engagement with Providers;
- Monitor metrics such as total number of visitors, traffic, and demographic patterns;
- Diagnose or fix technology problems; and
- Automatically update the Frame application on your device.
We protect nonpublic personal information by:
- Restricting access to Your Information to only those personnel for whom the information is necessary.
- Entering into written confidentiality/non-disclosure agreements with third party service providers for certain disclosures.
- Maintaining physical, electronic, and procedural safeguards that comply with the relevant laws and regulations.
- Conducting a Security Training and Awareness training program to communicate and educate employees about information security policies and procedures in order to make them aware of their roles and responsibilities in safeguarding information resources.
- Frame uses firewall barriers and digital certifications to maintain the security of your online session and information.
- Frame uses third party service providers (i.g., Stream) to facilitate the secure storage and maintenance of Your Information.
- We do not collect any non-public personal information about visitors on our website, unless information is provided to us voluntarily or derived from website navigation and usage of the Frame website and online platforms.
From time to time, Frame may use User information for new, unanticipated uses not previously disclosed in our privacy notice. If our information practices change at some time in the future we will contact you before we use Your Information for these new purposes to notify you of the policy change and to provide you with the ability to opt out of these new uses.
3. SHARING OF YOUR INFORMATION
We will not rent or sell Your Information to third parties outside Frame (or the group of companies of which Frame is a part) without your consent.
Parties with whom we may share Your Information:
- We may share Your Information with third parties and other persons when you have expressly authorized such disclosure.
- With your express consent, we may share some of your Your Information or other information with Providers with whom you want to engage directly with using our Matching Services, or in connection with your access to and use of Frame Discussions. If you do not consent to such use, we will not share your Your Information with Providers, but this may prohibit us from granting you access or otherwise enabling you to use some or all of our Services.
- We may share Your Information with service providers who help us to provide the Frame Services, in order to enable them to help us to provide the Services to you, but only to the extent necessary to provide such Services.
- We may share Your Information (including but not limited to, information from cookies, log files, device identifiers, location data, and usage data) with businesses that are legally part of the same group of companies that Frame is part of, or that become part of that group ("Affiliates"). Affiliates may use this information to help provide, understand, and improve the Services (including by providing analytics) and Affiliates' own services (including by providing you with better and more relevant experiences). But these Affiliates will honor the choices you make about Your Information.
- We also may share Your Information as well as information from tools like cookies, log files, and device identifiers and location data, with third-party organizations that help us provide the Services to you ("Services Providers"). Our Services Providers will be given access to Your Information as is reasonably necessary to provide the Services under reasonable confidentiality terms.
- We may remove parts of data that can identify you and share anonymized data with other parties. We may also combine Your Information with other information in a way that it is no longer associated with you and share that aggregated information.
Parties with whom you may choose to share Your Information:
- Any information or content that you voluntarily disclose in connection with the Services (including In-App Communications), such as Your Information, with a Provider, becomes available to the Provider, as controlled by any applicable privacy settings or parameters that you set or establish, and subject to any applicable privacy laws or regulations.
- If you remove information that you posted to the Services, copies may remain viewable in cached and archived pages of the Services, or if other Users or third parties using the Services have copied or saved that information.
- If you have questions about your rights under HIPAA (the Health Insurance Portability and Accountability Act), or would like more information about HIPAA and how (or if) it may affect you and Your Information, please contact your Provider directly.
What happens in the event of a change of control:
Responding to legal requests and preventing harm:
- We may access, preserve and share Your Information in response to a legal request (like a search warrant, court order or subpoena) if we have a good faith belief that the law requires us to do so. This may include responding to legal requests from jurisdictions outside of the United States where we have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards. We may also access, preserve and share information when we have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; and to prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.
4. HOW WE STORE YOUR INFORMATION
Storage and Processing:
- Your information collected through the Services may be stored and processed in the United States or any other country in which Frame, its Affiliates or Services Providers maintain facilities.
- Frame, its Affiliates, or Services Providers may transfer information that we collect about you, including personal information across borders and from your country or jurisdiction to other countries or jurisdictions around the world. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that we may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction.
- We use commercially reasonable and industry-standard safeguards to help keep the information collected through the Services secure and take reasonable steps (such as requesting a unique password) to verify your identity before granting you access to your account. However, Frame cannot ensure the security of any information you transmit to Frame or guarantee that information on the Services may not be accessed, disclosed, altered, or destroyed.
- Please do your part to help us. You are responsible for maintaining the secrecy of your unique password and account information, and for controlling access to emails between you and Frame, at all times.
5. YOUR CHOICES ABOUT YOUR INFORMATION
Your account information and profile/privacy settings:
- Update your account at any time by logging in and changing your profile settings.
- Unsubscribe from email communications from us by clicking on the "unsubscribe link" provided in such communications. As noted above, you may not opt out of Services-related communications (e.g., account verification, purchase and billing confirmations and reminders, changes/updates to features of the Services, technical and security notices).
- Learn more about reviewing or modifying your account information.
How long we keep Your Information:
- Following termination or deactivation of your account, Frame, its Affiliates, or its Services Providers may retain information (including your profile information) and Your Information for a commercially reasonable and industry-standard time for backup, archival, and/or audit purposes.
- Frame stores data only for as long as it is necessary to provide the Services and any other products to you and other users, including those described above. Additionally, Frame may store data for as long as it is required by applicable laws and regulations, or as reasonably necessary for legal protections.
6. PROTECTING THE PRIVACY OF YOUR FELLOW FRAME USERS
During your use of the Frame Services, you will not send or otherwise post unauthorized commercial communications (such as spam) on the Frame websites, applications, or any other platforms offered by Frame in connection with the Services.
You will not collect other users' content or information, or otherwise access the Services, using automated means (such as harvesting bots, robots, spiders, or scrapers) without our permission:
- You will not upload viruses or other malicious code.
- You will not solicit login information or access an account belonging to someone else.
- You will not bully, intimidate, or harass any other User.
- You will not post content that: is hateful, threatening, or pornographic; incites violence; or contains nudity or graphic or gratuitous violence.
- You will not provide any false personal information on tryframe.com, or create an account for anyone other than yourself without permission. You will not create more than one personal profile.
7. MINOR’S PRIVACY
Frame does not knowingly collect or solicit any information from anyone under the age of 18 or knowingly allow such persons to register for the Services. The Services and its content are not directed at children under the age of 18. In the event that we learn that we have collected personal information from a child under age 18, we will delete that information as quickly as possible. If you believe that we might have any information from or about a minor under 18, please contact us.
8. OTHER WEB SITES AND SERVICES
9. CALIFORNIA CONSUMER PRIVACY ACT (CCPA) USE AND DISCLOSURE OF PERSONAL DATA
Frame recognizes that California has articulated specific privacy rights of Frame Users in that State. California Users should understand that Frame does not sell User data to third parties.
California Right to Know: You may request access to the specific pieces of personal data we have collected about you in the preceding 12 months. In particular, you have the right to request the following from us:
- The categories of Your Information we have collected about you;
- The categories of sources from which Your Information was collected;
- The categories of Your Information about you we disclosed for a business purpose or sold;
- The categories of third parties to whom Your Information was disclosed for a business purpose or sold;
- The business or commercial purpose for collecting or selling Your Information; and
- The specific pieces of Your Information we have collected about you.
California Right to Delete: In addition, you have the right to delete Your Information we have collected from you. However, this is not an absolute right and Frame may have legal grounds for keeping such data.
California Designated Agent. You may designate an agent to make a request on your behalf. We may require that that agent have access to your account in order for us to verify the request. We may also require written proof of the agent’s permission to make a request on your behalf and verify your identity directly.
California Right to Non-Discrimination. You have the right to non-discriminatory treatment by us, should you exercise any of your rights. Frame will never discriminate against you, including by denying or providing a different level of service should you choose to exercise your rights under the CCPA.
California Shine the Light. You have the right to request, once a year: (i) if Frame has shared Your Information with other companies for direct marketing purposes during the preceding calendar year; and if we have, you have the right to request: (a) a list of the categories of Your Information disclosed by us to third parties during the preceding calendar year and (b) a list of the categories of third parties to whom we have disclosed such information. This is California’s “Shine-the-Light Law.” To request a copy of the information disclosed by Frame and a list of the third parties to whom such disclosures have been made, please contact us at firstname.lastname@example.org. Requests must include “California Shine the Light Request” in the first line of the description and include your name, street address, city, state, and ZIP code. We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year. Please note that Frame is not required to respond to requests made by means other than through the provided email address or mail address. Please allow reasonable time for a response.
To exercise any of these rights, please submit a request by contacting email@example.com, and specify which right you are seeking to exercise and the scope of the request. We will confirm receipt of your request within 10 days. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests to know or delete.
10. COPYRIGHTS AND PROTECTING OTHER PEOPLE’S INTELLECTUAL PROPERTY RIGHTS
11. PRIVACY ENFORCEMENT
12. NO WARRANTIES
We try to keep the Frame Services, including any websites, mobile applications, and other platforms offered by Frame, safe, but you use it at your own risk. We are providing the Services “As Is” without any express or implied warranties. We do not guarantee that the Services will be safe or secure. Frame is not responsible for the actions, content, information, or data of third parties, and you release us, our directors, officers, employees, and agents from any claims and damages, known and unknown, arising out of or in any way connected with any claim you have against any such third parties.
13. HOW TO CONTACT US