Privacy Policy
Effective date: May 3, 2026 · Last updated: May 3, 2026
This Privacy Policy explains what data Franklinn collects, how we use it, who we share it with, and the choices you have. It applies to franklinn.ai and all related Franklinn products.
If you are an end customer messaging a Franklinn user, the business you are messaging is the controller of your messages; Franklinn acts as a processor on their behalf. Please contact that business directly for requests about your messages.
1. Data we collect
| Category | Examples | Source |
|---|---|---|
| Account data | Name, email, company, password hash, plan, billing address | You |
| Payment data | Card token (Stripe), USDT wallet address, transaction hash | Stripe / Fireblocks |
| Connected Channel data | OAuth tokens, channel IDs, phone numbers, webhook secrets for Telegram / WhatsApp / Discord / Instagram / LINE / Slack / Messenger | The third-party platform (with your authorization) |
| Message content | Customer messages and your replies, attachments, translated outputs | Connected Channels |
| Usage data | Feature clicks, API call counts, error logs, device and browser info, approximate location (country/region) | Your browser / SDK |
| AI Copilot queries | Natural-language questions you ask Franklinn about your own data, and the resulting answers | You |
| Support data | Emails, chat transcripts, screenshots you send us | You |
2. How we use data
- Provide the Service — translate messages, deliver them to customers, run Account Shield, power the AI Copilot.
- Bill and collect payments — via Stripe (card) and Fireblocks (USDT).
- Improve the product — aggregate, de-identified usage patterns. We do not use Customer Data to train third-party foundation models.
- Detect abuse and fraud — identify spam patterns, compromised accounts, or activity that threatens platform bans.
- Communicate with you — product updates, security alerts, billing notices. Marketing emails are opt-in and you can unsubscribe at any time.
- Comply with law — respond to lawful requests, enforce our Terms, and protect our rights.
3. Legal bases (GDPR)
If you are in the EU/UK, we rely on the following legal bases:
- Contract — to provide the Service you signed up for.
- Legitimate interests — to operate, secure, and improve the Service; to prevent abuse; to run our business.
- Consent — for marketing emails, optional cookies, and where required by law.
- Legal obligation — for tax, accounting, and regulatory compliance.
4. Sharing
We share data only as described below. We do not sell personal information.
- Sub-processors — infrastructure and service providers acting on our instructions: AWS (hosting, EU/Frankfurt default), Cloudflare (CDN, DDoS), OpenAI and Anthropic (LLM translation and AI Copilot, under enterprise no-train agreements), Stripe (card billing), Fireblocks (crypto custody), MoonPay (fiat on-ramp), Postmark (transactional email), PostHog (product analytics, EU-hosted), Sentry (error tracking).
- Connected Channels — when you send messages through Telegram, WhatsApp, Discord, Instagram, LINE, Slack, or Messenger, the message content is transmitted to those platforms as needed to deliver it.
- Legal requests — we may disclose data to respond to valid legal process (subpoena, court order, government request) or to protect rights, safety, and property.
- Business transfers — if Franklinn is acquired, merged, or reorganized, your data may be transferred to the successor entity, subject to this Policy.
5. International transfers
Franklinn is operated from Singapore and our primary data region is EU (Frankfurt), with optional regions in Singapore and US-East on the Scale plan. When we transfer EU/UK personal data to countries without an adequacy decision, we rely on Standard Contractual Clauses (SCCs) and supplementary measures.
6. Retention
- Message content — retained while your account is active, plus up to 90 days after deletion, then purged. On Scale, custom retention (as low as 24 hours) is available.
- Account and billing data — retained for up to 7 years to meet tax and accounting obligations.
- Logs — rotated within 30 days.
- Free-tier sandbox data — reset every 24 hours.
7. Security
- Encryption in transit (TLS 1.2+) and at rest (AES-256).
- Least-privilege access controls; MFA enforced for internal systems.
- Quarterly access reviews; annual penetration tests.
- SOC 2 Type II audit in progress. Status page at status.franklinn.ai.
No online service is perfectly secure. If you believe your account has been compromised, email security@franklinn.ai.
8. Your rights
Depending on your jurisdiction (GDPR, UK GDPR, CCPA/CPRA, PDPA, LGPD, etc.), you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Delete your data ("right to be forgotten").
- Port your data to another provider.
- Object to or restrict certain processing.
- Withdraw consent at any time (without affecting prior processing).
- Lodge a complaint with your supervisory authority.
To exercise any of these rights, email privacy@franklinn.ai. We will respond within 30 days (or sooner if required by local law).
9. Cookies and tracking
We use essential cookies to keep you logged in and to remember your language preference. We use first-party, privacy-respecting analytics (PostHog, EU-hosted) with IP truncation to understand product usage. We do not use third-party advertising trackers. You can manage cookies via your browser settings; note that disabling essential cookies may break the Service.
10. Children
The Service is not directed at children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us with data, please contact privacy@franklinn.ai and we will delete it.
11. Changes to this Policy
We may update this Policy from time to time. Material changes will be announced by email or in-app at least 14 days before they take effect.
12. Contact
Data Protection Officer: dpo@franklinn.ai.
General privacy questions: privacy@franklinn.ai.
Postal address: Franklinn, 1 Raffles Place, Singapore.