← Main site

Privacy Policy

This Privacy Policy describes how FRANK, OOO collects, uses, stores, and protects personal information in connection with our AI-powered financial infrastructure platform and related services.

Section 01

Scope and purpose

This Policy applies to all personal information processed by FRANK, OOO in the course of providing its AI financial infrastructure platform to institutional and business clients, and to individuals who interact with FRANK through its website or APIs.

FRANK operates primarily as a data processor on behalf of business clients (data controllers). Where FRANK independently determines the purposes of processing — such as for platform security, fraud prevention, or product development — FRANK acts as a data controller.

Section 02

Data we collect

Identity and account data

  • Name, job title, and organizational affiliation of authorized users.
  • Business email address and work phone number.
  • Authentication credentials and multi-factor authentication records.

Platform and API usage data

  • API request logs, response times, and error records.
  • Product configuration settings and integration parameters.
  • Audit trail entries recording all actions taken within the platform.

Financial workflow data

  • Transaction records, scoring inputs, and model outputs submitted by clients to FRANK APIs.
  • Reconciliation records, compliance screening results, and generated reports.

FRANK does not independently collect end-customer personal financial data. All financial data processed through FRANK APIs is submitted by institutional clients under their own data governance obligations.

Section 03

How we use data

  • To operate and maintain the FRANK platform and APIs.
  • To authenticate users and enforce access control policies.
  • To produce AI model outputs, reports, and compliance documentation for clients.
  • To detect platform security incidents and unauthorized access.
  • To fulfill legal, regulatory, and contractual obligations.
  • To improve platform reliability, model accuracy, and latency — using anonymized or aggregated signals only.
Section 04

Disclosure to third parties

FRANK does not sell or rent personal data. Limited disclosure occurs only:

  • To vetted cloud infrastructure providers processing data solely on FRANK's instruction under binding data processing agreements.
  • To business clients in their capacity as data controllers, for data associated with their own authorized users.
  • To regulators, courts, or law enforcement where required by applicable law.
  • In connection with a merger, acquisition, or corporate restructuring, provided equivalent protections continue to apply.
Section 05

Retention and deletion

  • Platform access logs and audit trails: retained for the period required by applicable financial regulation or client contractual terms, whichever is longer.
  • Identity and contact data: retained for the duration of the client relationship, plus a reasonable period for legal and accounting purposes.
  • Support correspondence: retained for 3 years from closure.
  • Anonymized model performance data: retained indefinitely.
Section 06

Security

  • Encryption in transit (TLS 1.3) and at rest for all sensitive data.
  • Role-based access controls and least-privilege provisioning.
  • Continuous security monitoring and vulnerability management.
  • Air-gapped deployment available for clients with strict data residency requirements.
Section 07

Your rights

Subject to applicable law, individuals may request access to, correction of, deletion of, or restriction on the processing of their personal data. Where FRANK acts as a processor, requests should be directed to the relevant business client. Where FRANK acts as a controller, submit requests to: dev@frankk.click

Section 08

International transfers

When personal data is transferred across borders, FRANK relies on appropriate legal mechanisms — including standard contractual clauses or equivalent instruments — to ensure adequate protection under applicable data protection law.

Section 09

Children's privacy

The FRANK platform is designed for business use only. It is not directed at individuals under 18. FRANK does not knowingly collect data from minors. Contact dev@frankk.click if you believe such data has been submitted.

Section 10

Policy updates

FRANK may revise this Policy to reflect changes in law, technology, or business practices. Continued use of the platform after material changes constitutes acceptance of the revised Policy.