§1. Introduction

1 This Privacy Policy explains how Safe Frame Technologies FZCO ("Safe Frame", "we", "our", "us") collects, uses, and protects your personal information when you use our services, including the Safe Frame Pro platform, the My Safe Frame mobile app, and related websites (mysafeframe.com, safeframe.app, and associated domains).

2 We are committed to protecting your privacy and processing personal data in compliance with the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA), the Brazilian LGPD, and other applicable international privacy laws.

3. By using our services, you agree to the terms of this Privacy Policy.

§2. Data We Collect

1. We collect only the data necessary to provide and improve our services. Depending on your role (photographer or client), this may include:

2. For photographers (Safe Frame Pro users):

• Account data (name, email, business name, address, password)

• Billing and payment details (processed by Stripe or equivalent)

• Uploaded content (photos, metadata, gallery names)

• Communication with clients via Safe Frame

3. For photography clients (My Safe Frame app users):

• Access credentials to assigned galleries

• Device and technical information (browser type, OS, IP address, log files)

• Actions in the app (favorites, comments, photo selections)

4. We do not knowingly collect data from children under the age of 16 without verifiable parental consent.

§3. Purpose of Data Processing

1. We use collected data to:

• Provide and maintain our services (gallery hosting, photo viewing, account management)

• Process payments and manage subscriptions

• Communicate service updates or respond to customer requests

• Ensure data security and prevent fraud

• Improve user experience and app performance

• Send optional marketing updates or newsletters (only with consent)

§4. Newsletter and Marketing Communication

1. If you subscribe to our newsletter, we may send you emails about new features, offers or educational materials related to Safe Frame.

2. You can unsubscribe at any time by clicking the "unsubscribe" link in any email or by contacting us at info@mysafeframe.com.

3. We use secure and GDPR-compliant email marketing tools (e.g., MailerLite, ActiveCampaign or equivalent).

§5. Data Storage and Servers

1. All user data – including personal information, photos and metadata – is securely stored on Amazon Web Services (AWS) servers located in Frankfurt, Germany (EU region).

2. This region was chosen to ensure the highest level of security, privacy and compliance with GDPR and other international data protection laws.

3. Safe Frame applies industry-standard security measures, including encryption at rest (AES-256), encryption in transit (TLS/SSL), and continuous monitoring of integrity and access.

4. User data outside the EU and the UK may be processed in the EU region in accordance with Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring an equivalent level of protection as in the EU.

5. Safe Frame may also use CDNs (e.g., Cloudflare, Google Cloud) solely to improve performance.

6. These entities do not store data permanently and are required to comply with GDPR-like standards.

7. Backups are created automatically in data centers within the EU and are deleted after the retention period or account deletion.

8. Safe Frame does not store user data outside the European Union without appropriate legal safeguards (SCCs or adequacy decisions).

§6. Legal Basis for Processing

1. We process personal data based on:

• Contract – to provide services

• Legal obligations – e.g., tax and accounting requirements

• Legitimate interests – e.g., fraud prevention, security

• Consent – for marketing communications

§7. Data Retention

1. We retain personal data only for the period necessary to provide services or required by law.

2. After account deletion or subscription expiry, data – including photos and backups – is permanently deleted from our servers within 30 days.

3. Photographers are responsible for creating their own backups before ending cooperation or deleting the account.

§8. Data Sharing

1. Data may be shared only with trusted partners and only as needed to provide services:

• Payment processors (e.g., Stripe)

• IT infrastructure providers (e.g., AWS, Cloudflare)

• Marketing and analytics tools (e.g., Google Analytics, Trackdesk)

• Legal and regulatory authorities – only when required by law

2. We never sell or rent user data.

§9. User Rights

1. Every user has the right to:

• Access their data

• Rectification or deletion

• Withdraw consent at any time

• Object to processing

• Data portability

• Lodge a complaint with a supervisory authority

2. Requests should be sent to: info@mysafeframe.com. We respond within 30 days.

§10. Cookies and Tracking

1. We use cookies and similar technologies to improve website performance and user experience. See our Cookie Policy on mysafeframe.com for more information.

§11. Data Protection for Minors

1. Our services are intended for photographers and their clients.

2. We do not knowingly collect data from children under 16 without explicit parental consent.

3. If you believe a child’s data was processed without consent, contact us: info@mysafeframe.com.

§12. International Data Protection Compliance

1. Safe Frame operates globally and complies with major data protection laws, including:

• GDPR (EU/UK) – General Data Protection Regulation

• CCPA/CPRA (USA) – California Consumer Privacy Act

• LGPD (Brazil) – Lei Geral de Proteção de Dados

• PDPB (India) – Personal Data Protection Bill

2. Where required, Safe Frame appoints local data protection representatives.

§13. Updates to This Policy

The Privacy Policy may be periodically updated to reflect legal or technical changes.

The current version is always available on mysafeframe.com and safeframe.app.

§14. Contact

Safe Frame Technologies FZCO

IFZA Business Park, DDP, PO Box 342001, Dubai, United Arab Emirates

info@mysafeframe.com