Back to Home

Privacy Policy

Last updated: March 1, 2026

Frntl Inc. ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you use the Frntl platform ("the Service"). By using the Service, you agree to the practices described in this policy.

1. Data We Collect

Account Information

When you create an account, we collect your email address, name, and profile information provided through Google OAuth.

Usage Data

We collect information about how you interact with the Service, including pages visited, features used, timestamps, and device information (browser type, operating system).

Content You Create

We store the content you create, including voice memos, notes, ideas, generated drafts, and published posts. This data is essential for the Service to function.

Connected Service Data

When you connect third-party services, we access data as authorized by you:

  • Gmail: Email content for processing and drafting responses
  • Google Calendar: Calendar events for scheduling and context
  • Notion: Notes and documents for knowledge base integration

2. How We Use Your Data

  • Provide the Service: Process your ideas, generate content, manage email, and synchronize calendars.
  • AI Processing: Send your content to our AI provider (Anthropic/Claude) for content generation, voice matching, and research assistance.
  • Analytics: Understand usage patterns to improve the Service. We use Vercel Analytics for aggregated, anonymous usage data.
  • Support: Respond to your inquiries and troubleshoot issues.
  • Security: Detect and prevent fraud, abuse, and unauthorized access.
  • Communication: Send service-related notifications, updates, and billing information.

3. Third-Party Services

We use the following third-party services to operate the platform:

  • Supabase: Database hosting and authentication. Your data is stored in Supabase-managed PostgreSQL with row-level security.
  • Anthropic (Claude): AI processing for content generation and analysis. Content is sent to Claude for processing and is subject to Anthropic's privacy policy.
  • Stripe: Payment processing. We do not store your credit card information directly. Stripe handles all payment data subject to their PCI-compliant practices.
  • Google APIs: Gmail and Calendar access, authenticated via OAuth 2.0. We only access data within the scopes you authorize.
  • Notion API: Note and document access, authenticated via OAuth or API key.
  • Vercel: Application hosting and analytics. Vercel processes request data as part of serving the application.

4. Data Storage and Security

  • Encryption at rest: All stored credentials (OAuth tokens, API keys) are encrypted using AES-256-GCM before being written to the database.
  • Encryption in transit: All communications between your browser, our servers, and third-party services use HTTPS/TLS encryption.
  • Row-level security: Database access is restricted so that users can only read and modify their own data.
  • Infrastructure: Our database is hosted on Supabase with data centers in the United States.
  • Access controls: Server-side decryption only. Sensitive credentials are never sent to the client.
  • Rate limiting: API endpoints are rate-limited to prevent abuse.
  • Security headers: We implement Content Security Policy and other security headers to protect against common web vulnerabilities.

5. Data Sharing

We do not sell your personal data. We only share data in the following circumstances:

  • Service providers: With the third-party services listed above, only as necessary to provide the Service.
  • Legal requirements: If required by law, regulation, legal process, or governmental request.
  • Safety: To protect the rights, property, or safety of Frntl Inc., our users, or the public.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, with advance notice to affected users.

6. Your Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your account and associated data.
  • Data export: Download your data in CSV format through your account settings.
  • Right to object: Object to certain processing activities, including direct marketing.
  • Withdraw consent: Withdraw consent for data processing at any time by disconnecting services or deleting your account.

To exercise any of these rights, contact us at privacy@frntl.app. We will respond within 30 days.

7. Data Retention

  • Account data is retained for as long as your account is active and your subscription is current.
  • Upon account deletion, all personal data is permanently deleted within 30 days.
  • Usage logs and analytics data may be retained in anonymized form for up to 12 months.
  • Billing records may be retained as required by tax and accounting regulations.

8. Cookies

We use a limited number of cookies to operate the Service:

  • Authentication cookies (Supabase): Essential session cookies that keep you logged in. These are strictly necessary for the Service to function.
  • Analytics cookies (Vercel): Anonymous, aggregated analytics to understand usage patterns and improve the Service.
  • No third-party tracking cookies: We do not use advertising cookies or third-party tracking pixels.

9. GDPR Compliance

We comply with the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA). Our legal bases for processing your data are:

  • Consent: You provide explicit consent when connecting third-party services and creating your account.
  • Legitimate interest: We process data as necessary to provide, secure, and improve the Service.
  • Contractual necessity: Processing required to fulfill our obligations under the Terms of Service.

If you are located in the EEA and wish to exercise your rights under GDPR, contact us at privacy@frntl.app.

10. Children's Privacy

The Service is not directed to children under 18. We do not knowingly collect personal data from children. If we learn that we have collected data from a child, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will provide at least 30 days notice of material changes by email. Your continued use of the Service after the effective date constitutes your acceptance of the updated policy. The "Last updated" date at the top of this page indicates the most recent revision.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at privacy@frntl.app.