Privacy policy

Framebridge, Inc.

Privacy Statement

Effective date: January 1st, 2026

Framebridge, Inc. ("Framebridge") provides this Privacy Statement to let you know our policies and procedures regarding the collection, use and disclosure of information through www.framebridge.com, our mobile application (the "App"), our retail stores and any other websites, features, applications, widgets or online services that are owned or controlled by Framebridge and that post a link to this Privacy Statement (collectively, the "Site"), as well as any information Framebridge collects offline in connection with the Site. This Privacy Statement applies to information collected from the effective date forward; information collected while a previous Privacy Statement was in effect remains subject to the terms of that former policy.

Framebridge provides custom on-line and in-store custom framing services to household consumers in the United States. This Privacy Statement also explains how we may use and disclose such information, as well as your ability to control certain uses of it. By using this site, you agree to the data collection, use, disclosure and storage practices described in this Privacy Statement. Framebridge is a Shopify merchant. Please also review the Shopify privacy policy, which governs how Shopify collects and uses your information.

We collect information about you in a range of forms, including personal information, when you choose to provide it to us. Personal information (or personal data) means information about an individual from which that person can be identified. It does not include personal information where the identity has been removed (anonymous personal information). This may include when you purchase a product, contact us with inquiries or otherwise contact us.

When you interact with us through the Services, we may collect information from you, as further described below.

We are committed to protecting your personal information and your right to privacy. Please read this Privacy Statement carefully as it will help you make informed decisions about sharing your personal information with us. Please see your US State Privacy Rights for additional information and rights.

By accessing or using the Site, you consent to the information collection, disclosure and use practices described in this Privacy Statement. Please note that certain features or services referenced in this Privacy Statement may not be offered on the Site at all times. Please also review our Terms of Use, which governs your use of the Site, and which is accessible at www.framebridge.com/terms.

We may sell or share your Personal Information as further described below.

If you are located in the United States, including Connecticut, Maryland, Nebraska, New Hampshire, Tennessee, Texas, Utah and Virginia and would like to opt-out of the sale or sharing of your personal information, click here, call us at 1-888-236-5612 or email us at privacy@framebridge.com.

DO NOT SELL OR SHARE MY INFORMATION

You are not required to create a new account with us to exercise your privacy rights. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.

We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child, though Framebridge does not knowingly sell or share information with third parties, of children under age 18.

We will process your sales or sharing opt-out request within 15 business days.

Information Collection

Information You Provide to Us

Categories of Data

Sales of Personal Information and Do Not Sell Disclosure

User Submitted Materials

Information Received from Third Parties

Information Collected from Other Sources

Information Collected from Users Automatically and Cookie Policy

User Generated Postings

Social Media

Information Sharing and Disclosure

Service Providers and Third Parties and Do Not Sell Disclosure

Information Sharing

Third Party Analytics Providers, Ad Servers and Similar Third

Your Choices and Opting Out

Retention of Information

Security

Data Storage and Retention

International Transfers

Children's Privacy

Links to Other Sites

Changes to this Statement

Contacting Information

Your U.S. State Privacy Rights

Overview of Rights

Response Timing and Format

Non-Discrimination; Notice of Permitted Financial Incentives

Other California Privacy Rights

INFORMATION COLLECTION

Information You Provide to Us

We collect information from you when you choose to provide it to us, and which is adequate, relevant, and reasonably necessary in relation to our processing of your information. We limit our collection of personal data to what is adequate, relevant, and reasonably necessary in relation to the disclosed purposes for which the personal data is processed, as disclosed in this privacy statement. This may include when you purchase a product, create an account with us, sign up for our email lists, use our Services, submit a rating or review, participate in a survey or promotion, or otherwise contact us.

In the course of using the Site, we may collect information that identifies you as a specific individual and can be used to contact or identify you ("Personal Information"). Examples of Personal Information we may collect include your name, email address, postal address, shipping address, phone number, mobile number, geolocation information, photos or videos, user name, purchase history and shopping history on our Site or pseudonymous data when the data is used in conjunction with additional information that reasonably links the data to you. Our mobile application may request access to the photographs stored on your mobile device; if you choose to allow that access some of the photographs may be personally identifiable. You may also provide us with your email address or other personal information in an offline format. If you register using a social media account (such as Facebook Connect or Google Connect), we collect information from the site you use to register consistent with that site's privacy policy as described in the Social Media section below.

If you use the Site to make purchases, we will also collect certain payment information, such as payment card, PayPal, Square, or other financial account information, and billing address. A third-party payment processor collects that information; we do not store your credit card information. We may also collect additional types of personal information that you choose to provide to us. This could include information about yourself or family members. It's up to you whether you provide this information. We will not disclose any of this personal information unless you expressly authorize us to do so.

We also may collect other information, such as ZIP codes, and other information regarding your use of the Site ("Non-Identifying Information") or from you in response to surveys. Certain Non-Identifying Information would be considered a part of your Personal Information if it were combined with other identifiers in a way that enables you to be identified (for example, combining information with your name). We may combine your Personal Information with Non-Identifying Information, but Framebridge will treat the combined information as Personal Information.

Categories of Data

In particular, we have collected the following categories of personal information from its consumers within the last twelve (12) months. Framebridge does not generally collect or process sensitive information of consumers.

Category	Examples	Collected	Sold or Shared?	Retention Period
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.	YES, a real name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name.	YES	For as long as needed for legitimate business purposes.
B. Personal information, including categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.	YES: name, signature, address, telephone number. Some personal information included in this category may overlap with other categories.	YES	N/A
C. Protected classification characteristics under California or federal law, or other state laws	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	YES for employees only	NO	For as long as needed for legitimate business purposes.
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	YES, records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	YES	For as long as needed for legitimate business purposes.
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	NO	NO	N/A
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.	YES, as set forth in our privacy policy	YES	N/A
G. Geolocation data.	Physical location or movements.	NO	NO	N/A
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	NO	NO	N/A
I. Professional or employment-related information.	Current or past job history or performance evaluations.	YES, for employees only	NO	For as long as needed for legitimate business purposes.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	NO	NO	N/A
K. Inferences drawn from other personal information.	Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	NO	NO	N/A
Sensitive Personal Information	Government identifiers (social security, driver's license, state identification card, or passport number)	YES, for employees only	NO	For as long as needed for legitimate business purposes.
	Complete account access credentials (user names, account numbers, or card numbers combined with required access/security code or password)	NO	NO	N/A
	Precise geolocation data	NO	NO	N/A
	Any data revealing racial or ethnic origins	Yes, for employees only if they choose to disclose it.	NO	For as long as needed for legitimate business purposes.
	Any data revealing religious or philosophical beliefs	NO	NO	N/A
	Union membership	NO	NO	N/A
	Genetic data	NO	NO	N/A
	Mail, email, or text messages contents not directed to us	NO	NO	N/A
	Unique identifying biometric information or data	NO	NO	N/A
	Health, sex life, or sexual orientation, status as transgender or non-binary	Yes, for employees only if they choose to disclose it.	NO	For as long as needed for legitimate business purposes.
	That is generated by measuring the activity of a consumer's central or peripheral nervous system, and that is not inferred from nonneural information.	NO	NO	N/A
	Medical history, mental or physical health condition or medical treatment or diagnoses	NO	NO	N/A
	Personal data of a child under the age of 13.	NO	NO	N/A
	Citizenship or immigration status	Yes, for employees only if they choose to disclose it.	NO	For as long as needed for legitimate business purposes.

Framebridge goes not generally collect sensitive information from consumers. If we collect any other personal information that is categorized as sensitive personal information under applicable law, which is not covered by the above, we will notify you of such at the point of collection and the use of such information will comply with this privacy statement.

Disclosures of Personal Information for a Business Purpose

In the preceding twelve (12) months, Company has disclosed the following categories of personal information for a business purpose to service providers and contractors:

Category A: Identifiers.

Category B: California Customer Records personal information categories.

Category D: Commercial information.

Category F: Internet or other similar network activity.

Sales of Personal Information

We share your personal information with Service Providers and with third party advertisers, analytics, aggregators, and content providers.

In the preceding twelve (12) months, we have shared or sold the following categories of personal information with the third parties listed below:

A. Identifiers.

B. California Customer Records personal information.

We share or sell your personal information to the following categories of third parties:

Third party data brokers and for list exchange purposes with other companies as part of a list cooperative membership environment, such as with Epsilon, Oracle, Wiland, to enable them and us to provide you with information about products or services.

California prohibits a third party from reselling personal information unless you have received explicit notice and an opportunity to opt-out of further sales. The following businesses receive personal information from us and may resell that information. To opt-out of those sales, please visit the third-party opt-out notices at the links provided below:

Oracle America Inc.: https://datacloudoptout.oracle.com/optout
Epsilon Data Management LLC: https://www.epsilon.com/us/marketing-data-summary-request
Wiland Inc.: https://privacyportal-cdn.onetrust.com/dsarwebform/7567ece3-2d27-4ee0-a506-1153cb7a62b7/a5485eb1-f1ee-4a9f-9ed4-2b8ee48b550f.html

Framebridge obtains the categories of personal information listed above from the following categories of sources:

Directly from you. For example, from forms you complete or products and services you purchase.

Indirectly from you. For example, from observing your actions on our Site.

DO NOT SELL OR SHARE MY INFORMATION

We will process your sales or sharing opt-out request within 15 business days.

Once you make a sales opt-out request, we will wait at least twelve (12) months before asking you to reauthorize personal information sales. However, you may change your mind and opt back in to personal information sales at any time by calling us at 1-888-236-5612 or emailing us at privacy@framebridge.com.

User Submitted Materials

You also may provide information to be published or displayed on public areas of the Site, or transmitted to other users of the Site or third parties, or in connection with placing an order (collectively, "User Submitted Materials").

If you have created an account, you may be able to voluntarily provide additional information in various areas of the Site. For example, you may want to provide additional information as part of an optional profile to enhance your experience and use its features. We may use this information to personalize the Site and its features just for you.

Your User Submitted Materials are posted on and transmitted to others at your own risk. Although you may set certain privacy settings for such information by logging into your account profile, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

Information Received from Third Parties

We also may receive information about you from third parties. If you provide us with personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us. For example, we may supplement the information we collect with outside records, or third parties may provide information in connection with a co-marketing agreement or at your request (such as if you choose to sign in with a third-party service such as Facebook). If we combine the information we receive from others with Personal Information we collect through the Site, we will treat the combined information as Personal Information as described in this Privacy Statement.

Information Collected From Other Sources

We may obtain information about you from other sources, including social networks that you use to connect with Us. If you use a third party service to login, link to us, or communicate with us (such as a social network or third party video chat), we may receive certain information about you from the third party based on your registration and privacy settings on those third party services. This information may include name, user name, demographic information, updated address or contact information, interests, and publicly-observed data, such as from social media and online activity.

Combination of Information

We may combine the information we receive from and about you, including information you provide to us and information we automatically collect through our Services as well as information collected offline or from third party sources to help us tailor our communications to you and to improve our Services.

Information Collected from Users Automatically and Cookie Policy

We and our third party service providers, including advertisers, analytics, and third party content providers, may automatically collect certain information from you whenever you access or interact with the Site. This information may include, among other information, the browser and operating system you are using, the URL or advertisement that referred you to the Site, the search terms you entered into a search engine that led you to the Site, areas within the Site that you visited, and other information commonly shared when browsers communicate with websites. When service providers receive this information, they are not permitted to use the information collected on our behalf except to help use conduct and improve our business.

As is true of most web sites, we automatically gather information about your computer such as your IP address, browser type, referring/exit pages, and operating system.

We may use cookies, web beacons, pixel tags, log files, or other technologies to automatically collect certain information when you use our Services or interact with our emails and online or mobile advertisements. For example, we may automatically collect certain non-personal information from you such as your mobile device identifier or MAC address, browser type, operating system, device model, software version, Internet Protocol ("IP") address, mobile or ISP carrier information, and the domain name from which you accessed the Services. We also may collect information about your use of the Services including the date and time you access the Services, the areas or pages of the Services that you visit, the amount of time you spend using the Services, the number of times you return, whether you open forward or click-through emails and ads, and other usage data so that we can understand the statistical use trends of our Site in order to make improvements. This information may be stored and used with your personal information attached to it.

We capture the following information:

Domain Name – through which you access the Internet
IP address – from the computer or network used to access our website
Web browser – and operating system used
Date and time – you accessed our site
Referral Internet address – of the website from which you clicked to get to our website
Search terms – used in a search engine (like google.com) that brought you to our website.

We may also use third-party tools or services, such as Google Analytics, to assist us with analyzing and improving the Site and Services. These service providers are not permitted to use the information collected on our behalf except to help use conduct and improve our business.

The information we collect also includes the Internet Protocol ("IP") address or other device identifier ("Device Identifier") for any device (computer, mobile phone, tablet, etc.) used to access the Site. A Device Identifier is a number that is automatically assigned or connected to the device you use to access the Site, and our servers identify your device by its Device Identifier. Some mobile service providers may also provide us or our third party service providers with information regarding the physical location of the device used to access the Site. If such information is linked to your Personal Information, we will treat it as Personal Information under this Privacy Statement.

The technology used to collect information automatically from Framebridge Users may include the following:

Cookies: Like many websites, we use "cookies" to collect information. A cookie is a small data file that we transfer to your computer's hard disk for record-keeping purposes. We use both persistent cookies that remain on your computer or similar device (such as to save your registration ID and login password for future logins to the Site and to track your compliance with any Framebridge applicable policies) and session ID cookies, which expire at the end of your browser session (for example, to enable certain features of the Site, to better understand how Framebridge Users interact with the Site and to monitor aggregate usage by Framebridge Users and web traffic routing on the Site). You may be able to instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all functionality of the Site.

Web Beacons: We may also employ software technology known as "web beacons" or "tracking tags" to help us keep track of what content on our Site is effective and to serve relevant advertising to you. Web beacons are small graphics with a unique identifier that may be invisible to you, and which are used to track the online activity of Internet users. Web beacons are embedded in the web pages you review or email messages you receive. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to our Site, to monitor how Framebridge Users navigate the Site, to count how many e-mails that were sent were actually opened, or to count how many particular articles or links were actually viewed.

Embedded Scripts: An Embedded Script is programming code that is designed to collect information about your interactions with the Site, such as the links you click on. The code is temporarily downloaded onto your computer or other device and is deactivated or deleted when you disconnect from the Site.

In addition, we may use a variety of other technologies that collect similar information for security and fraud detection purposes and we may use third parties to perform these services on our behalf.

Choices About How We Use and Disclose Your Information and California Do Not Track Disclosures.

We strive to provide you with choices regarding the personal information you provide to us.

You may adjust your browser or operating system settings to limit this tracking or to decline cookies, but by doing so, you may not be able to use certain features on the Services or take full advantage of all of our offerings. Check the "Help" menu of your browser or operating system to learn how to adjust your tracking settings or cookie preferences.

We work with third parties to collect user data through our website or mobile device for purposes of serving ads targeted to your interests. We do not control third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website by clicking here.

When you download, access, and use our App, it may use technology to automatically collect:

Usage Details. When you access and use the App, we may automatically collect certain details of your access to and use of the App, including [traffic data,] [location data,] [logs,] [and other] communication data and the resources that you access and use on or through the App.
Device Information. We may collect information about your mobile device and internet connection, including the device's unique device identifier, [IP address,] operating system, browser type, mobile network information, and the device's telephone number.
Stored Information and Files. The App also may access metadata and other information associated with other files stored on your device. This may include, for example, photographs, audio and video clips, personal contacts, and address book information.
Location Information. You can choose whether or not to allow the App to collect and use real-time information about your device's location through the device's privacy settings. If you block the use of location information, some parts of the App may become inaccessible or not function properly.

If you do not want us to collect this information, do not download the App or delete it from your device. Note, however, that opting out of the App's collection of location information will disable its location-based features.

On your mobile device, you can adjust your privacy and advertising settings to limit your tracking for advertising or control whether you receive more relevant advertising. Note that our systems may not recognize Not Track headers or requests from some or all browsers.

Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.
Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by clicking here [link], calling us at 1-888-236-5612 or emailing us at privacy@framebridge.co.
Promotional Offers from Us. If you do not wish to have your email address used by us to promote our own or third parties' products or services, you can opt-out by clicking here [link], calling us at 1-888-236-5612 or emailing us at privacy@framebridge.co. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers' target-audience preferences, you can opt-out by clicking here [link], calling us at 1-888-236-5612 or emailing us at privacy@framebridge.co. We do not knowingly engage in targeted advertising for children under age 18.

User Generated Postings

The Site may provide you the opportunity to participate and post content publicly on blogs, as reviews, through interactive features and through other communication functionality on the site ("User Generated Postings") or through third-party social media services as described separately below. You may choose, through such features or otherwise, to submit or post questions, comments, or other content. Such User Generated Content, as well as User Submitted Materials described above, may be displayed publicly along with certain of your Personal Information, such as your name or a screen name. Please note that your use of User Generated Postings is subject to our Terms of Use (www.framebridge.com/terms).

Note that any User Generated Postings that you make are public – others will have access to your User Submitted Materials and may use it or share it with third parties. Your User Submitted Materials and User Generated Postings may remain accessible on our Site even after your account is terminated, though we will endeavor to remove such data as appropriate. We are not responsible for User Submitted Materials or User Generated Postings you submit that are made available through the Site. Information you share or post may also be indexed by internet search engines. As noted above, we cannot ensure that information shared on the Site will not be viewed by unauthorized persons.

Social Media

You may register with the Site using your social media accounts, such as your Facebook, Instagram, or Google account. When you create your account in this way, we may collect your personal information from that social media account, consistent with that social media website's privacy policy. Once you create your account with us, whether through a social media platform or not, your use of the Site will not apply.

INFORMATION SHARING AND DISCLOSURE

Service Providers and Third Parties

We may disclose information we collect, including Personal Information, to third parties to operate and maintain our business and our Site. These third parties may assist us with advertising, communications and marketing, data analytics, data storage and hosting, customer support, technology, and other functions. We may also provide information to our other affiliated companies or partner brands, which may use the information for the purposes described in this Privacy Statement, including their own marketing purposes. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such information. Service providers are not permitted to use the information collected on our behalf except to help use conduct and improve our business.

We will process your sales or sharing opt-out request within 15 business days.

Information Sharing

In particular, we share your data with the following third parties:

Advertising: Google, Meta, Bing, Pinterest, LiveIntent, Criteo, TikTok, Attentive

Analytics: Google Analytics

Content: Bazaarvoice, Nosto

Aggregators: Narvar, Daasity

In certain situations, Framebridge may be required to disclose personal information in response to lawful requests by public authorities, including to meet law enforcement requirements.

We may also disclose your information in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.

We may also disclose your information (i) to respond to government requests including but not limited to meeting national security requirements, (ii) when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request, (iii) if Framebridge is involved in a merger, acquisition, or sale of all or a portion of its assets, and/or (iv) to any other third party with your prior consent to do so.

THIRD PARTY ANALYTICS PROVIDERS, AD SERVERS AND SIMILAR THIRD PARTIES

Framebridge may work with analytics service providers and other third parties to help us understand how the Site is being used, such as data collection, reporting, ad response measurement, and website and mobile application analytics, as well as to assist us with delivering relevant marketing messages and advertisements on our Site and elsewhere on the web.

We may use third parties to serve advertisements on the Site and on third-party websites. These third parties may set their own cookies or similar web technologies to collect information about users' online activities over time and across different websites. The information is used to allow them to help us serve ads that are more relevant to you. To manage your preferences you may opt out using the opt-out link embedded in any marketing email we send to you, or by calling 1-888-236-5612 or emailing us at privacy@framebridge.com.

YOUR CHOICES AND OPTING OUT

Registered Users may update their choices regarding the types of communications you receive from us through your online account. You also may opt-out of receiving marketing emails from us by following the opt-out instructions provided in those emails. If you sign up to receive SMS or MMS messages that may be offered on the Site, you may unsubscribe from any SMS or MMS messages received by replying "STOP" to the last text message received. Please note that we reserve the right to send you certain communications relating to your account or use of the Site (for example, administrative and service announcements) via email and other means and these transactional account messages may be unaffected if you opt-out from receiving marketing communications. If you sign up to receive SMS or MMS messages, message and data rates will apply to each text message sent and received. Framebridge is committed to compliance with the Telephone Consumer Protection Act. For questions regarding our text messaging programs, you may text HELP for more information. Message frequency will vary, and standard message and data rates may apply. Carriers are not liable for delayed or undelivered messages. We may modify or terminate our SMS service or any individual receiving party's participation in it at any time, with or without notice, including, for example, if we learn that a receiving party is under the age of 18. At the time of registration, you will be prompted to confirm your subscription by replying "Y" to the registration text message. Response to the registration text message is a requirement of registration. You may also email, call, or text us at 1-888-236-5612 or privacy@framebridge.com. Message and data rates may apply to each text message sent and received.

RETENTION OF INFORMATION

You are responsible for maintaining the accuracy of the information you submit to us. We will retain your information for the period necessary to fulfill the purposes outlined in this Privacy Statement unless a longer retention period is required or permitted by law.

SECURITY

The security of your personal information is important to us. We follow generally accepted standards to store and protect the personal information we collect, both during transmission and once received and stored, including utilization of encryption where appropriate.

We retain data in accordance with applicable laws and only for as long as reasonably necessary for the purposes described in this Privacy Statement. However, please note that no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the Site, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you believe your personal information has been compromised, please contact us as set forth in the "Contact Us" section of this Privacy Statement. If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law.

DATA STORAGE AND RETENTION

Your personal information is stored by Framebridge on its servers, and on the servers of the cloud-based database management services Framebridge engages, located in the United States. Framebridge retains data for the duration of the customer's or member's business relationship with Framebridge. For more information on where and how long your personal information is stored, and for more information on your rights of erasure and portability, please contact our Privacy Officer at privacy@framebridge.com or at the Contact Us information listed below.

We retain personal information where we have a legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. For any deletion/portability requests, we will need to verify the requestor's identity before processing the request. If you have an account with us, we will verify your identity through existing authentication practices for the account (e.g. login and password). If you do not have an account with us, we may request additional information, including personal information, in order to verify your identity and to ensure that we are providing the information or taking the action for the correct individual. Any personal information you provide in a verified request to us will only be used to verify the requestor's identity and nothing more.

INTERNATIONAL TRANSFERS

The Site is currently only available in the U.S. While it is possible to access the Site outside of the U.S., the Site is not designed for or directed to individuals outside of the U.S. and we do not knowingly collect Personal Information from individuals outside the United States.

CHILDREN'S PRIVACY

Protecting children's privacy is important to us. We do not direct the Site to, nor do we knowingly collect any personal information from, children under the age of thirteen. If Framebridge learns that a child under the age of thirteen has provided personally identifiable information to the Site, it will use reasonable efforts to remove such information from its files. Please contact us at privacy@framebridge.com for more information.

LINKS TO OTHER SITES

This Privacy Statement applies only to the Site. The Site may contain links to other websites not operated or controlled by us (the "Third-Party Sites"). The policies and procedures we described here do not apply to the Third-Party Sites. The links from the Site do not imply that we endorse or have reviewed the Third-Party Sites. We suggest contacting those sites directly for information on their privacy policies.

CHANGES TO THIS PRIVACY STATEMENT

The Site and our business may change from time to time. As a result, at times it may be necessary for us to make changes to this Privacy Statement. We reserve the right, in our sole discretion, to update or modify this Privacy Statement at any time (collectively, "Modifications"). Modifications to this Privacy Statement will be posted to the Site with a change to the "Updated" date at the top of this Privacy Statement. In certain circumstances, Framebridge may, but need not, provide you with additional notice of such Modifications, such as via email or with in-Site notifications. Modifications will be effective 30 days following the "Updated" date or such other date as communicated in any other notice to you. Please review this policy periodically, and especially before you provide any Personal Information. This Privacy Statement was updated on the date indicated above. Your continued use of the Site following the effectiveness of any Modifications to this Privacy Statement constitutes acceptance of those Modifications. If any Modification to this Privacy Statement is not acceptable to you, your sole remedy is to cease accessing, browsing and otherwise using the Site. If you have any questions about changes to this Privacy Statement, please contact us at privacy@framebridge.com or the contact information listed below. If you disagree with the changes to this Privacy Statement, you should deactivate your account. Contact the Privacy Officer at privacy@framebridge.com if you wish to request the removal of your personal information under the terms of the revised Privacy Statement.

CONTACT INFORMATION

If you have questions about this Privacy Statement, please contact us via regular mail at Attn: Privacy Officer, Framebridge Inc., 3101 N. Fort Meyer Drive, Suite 1200, Arlington, Virginia 22201, or by email at privacy@framebridge.com, or by telephone at 1-888-236-5612.

YOUR US STATE PRIVACY RIGHTS

Overview of Rights

Consumers in the following states may have additional rights: California, Colorado, Connecticut, Delaware, Indiana, Iowa, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia.

In compliance with the data privacy laws of the states listed above, and in addition to information included above, the following additional information is for consumers residing in those states. Please also review the information in this notice about the information we collect, how we use it, how we share information, and the choices available to you to manage your preferences.

Rights may include the right to:

Know about information collected and how it is used and shared.
Request a portable copy of personal information.
Delete personal information, subject to exceptions.
Correct personal information, subject to exceptions.
Opt out of sale and/or sharing of personal information
Opt out of the use of automated decision-making
Opt out of targeted advertising
Opt out of profiling
Non-discrimination for exercise of any consumer privacy rights
Appeal decisions regarding their privacy rights requests

Only you, or a person authorized by you, may make a request related to your personal information. You may designate, in writing or through a power of attorney, an authorized agent to make such a request on your behalf. We may deny a request from an authorized agent that does not submit proof of authorization from you. To verify your identity and protect your personal information, we may require you to provide additional personal information about you to verify your identity before acting upon the request. We will not disclose your personal information in response to a request that we are unable to verify. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

You may exercise these rights free of charge. If we deny your request, you may appeal our decision by contacting us at 1-888-236-5612 or emailing privacy@framebridge.com.

To submit a privacy rights request, you may contact us at 1-888-236-5612, privacy@framebridge.com, or use the applicable form at the bottom of our website. We may need to verify your request, and may request additional information about you to verify your identity. We will review and respond to your request consistent with applicable law, taking into account the type and sensitivity of the personal information subject to the request. We may need to request additional personal information from you, such as a state ID and email address, in order to protect against fraudulent requests and to verify your identity, and the information we use to verify your identity may depend on the nature of the request. If we need to verify your identity before processing your request, we will compare the information you provide with the information we have on file. We may also request additional information from you to verify your identity. If we are unable to verify your identity, we may deny your request. If we deny your request, we will explain the reason for the denial. Where you have an account with us, we may verify your identity through our existing authentication practices for the account and may require you to re-authenticate before we disclose or delete your personal information. We will respond to your request within 45 days, unless we need additional time, in which case we will notify you that we need additional time.

We do not sell personal information of consumers we know to be less than 18 years of age, unless we receive affirmative authorization (the "right to opt in") from the consumer who is between 13 and 18 years of age, or the parent or guardian of a consumer less than 13 years of age. The right to opt-in may be exercised for one who is between 13 and 18 years of age by that individual, or by a parent or guardian for one less than 13 years of age. If you believe that a minor under the age of 18 has provided us with personal information, please contact us at privacy@framebridge.com, or at the information listed above, and we will use best efforts to remove that information about them.

Response Timing and Format

For all verifiable consumer requests, we try to respond within forty-five (45) days of receiving it. If we need more time (up to 90 days in the aggregate), we will inform you of the reason and the extension period in writing.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

Non-Discrimination; Notice of Permitted Financial Incentives

We will not discriminate against you for exercising any of your rights. Unless permitted by applicable law, we will not deny you goods or services; charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; provide you a different level or quality of goods or services; suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

We may offer you certain financial incentives (which can also result in different prices, rates, or quality levels). We may provide promotional offers or promotions. For example, we may provide a discount code upon signing up for our marketing lists. We have determined that the value of the personal information shared when joining a mailing list or loyalty program is reasonably related to these promotions and offers. In many cases, the value is based on the expense related to offering those discounts and programs. You can opt-in to these financial incentives by signing up or joining the relevant marketing list or loyalty program. You can opt out of these financial incentives by not joining, or by cancelling your participation in these programs at any time.

Other California Privacy Rights

Pursuant to California Civil Code §1798.83, California residents who provide personal information in obtaining products or services for personal, family, or household use may be entitled to request and obtain information about the information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of information and the names and addresses of those businesses with which we shared such personal information for the immediately prior calendar year (e.g. requests made in 2022 will receive information about 2021 sharing activities). To obtain this information, please send an email message to privacy@framebridge.com with "Request for California Privacy Information" in the subject line and in the body of your message. We will provide the requested information to you in your email address in response.