Privacy Policy
Who we are
Frank is operated by Mighty Startup Adventures Ltd, a company registered in England and Wales (company number 14264229). Our registered address is 7 Bell Yard, London, WC2A 2JR. We are the data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Frank is a tool for couples who want to understand their sexual compatibility. By its nature, it collects sensitive personal data. We take that seriously. This policy explains what we collect, why, and how we protect it.
What we collect
When you create an account, we collect:
- Your email address (for authentication)
- Your partner code (to link you with your partner)
During the assessment, your responses are temporarily stored so you can complete it across sessions. Once you finish the assessment, your individual question-level responses are permanently deleted. Only your computed profile is retained: aggregate scores across dimensions like attachment, desire, power, novelty, and communication.
To be clear: we do not retain your answers to individual questions. The raw data, including how you rated specific sexual activities, is processed into summary scores and then immediately and permanently deleted. If someone were to access our database, they would find psychological dimension scores, not your responses to individual questions.
How we use your data
Your data is used for one purpose: to generate your individual profile and, if you link with a partner, to compute your overlap. That is it.
We do not sell your data. We do not share your data with advertisers. We do not use your data for marketing beyond our own service. We do not build advertising profiles from your sexual preferences.
AI-generated insights
Frank uses the Claude API (by Anthropic) to generate personalised narrative insights about your profile and your overlap with your partner. When this happens, your profile data (scores and dimensions, not raw answers) is sent to the Anthropic API to generate text. Anthropic does not store or train on data sent through their API. The generated text is cached in our database so it only needs to be generated once.
Your partner cannot see your raw data
This is a core design principle. Your individual assessment responses are never shown to your partner. The overlap computation happens on our server. Your partner only sees the areas where you both expressed interest, never your individual answers to specific questions.
Data storage and security
Your data is stored in Google Cloud Firestore, hosted in secure Google Cloud data centres. Access is authenticated via Firebase Authentication. All data in transit is encrypted via HTTPS/TLS. Our API server runs on Vercel with automatic SSL.
Access to the database is restricted to authenticated server-side operations. Client applications cannot read or write to the database directly.
Data minimisation
We follow a principle of data minimisation. We only store what is necessary for the service to function. Raw assessment responses are deleted immediately after your profile is computed. We do not retain data we do not need.
Data retention and deletion
Your computed profile and account data are retained for as long as you have an account. You can delete your account and all associated data at any time from the Settings tab within the app. Deletion is immediate and permanent. It removes your profile, your partner link, any generated insights, and your authentication credentials. You can also email us at hello@getfrank.love if you prefer.
Legal basis for processing
We process your data on the basis of contractual necessity (providing the service you signed up for) and your explicit consent (for the collection of special category data relating to sexual preferences, given during account creation). You may withdraw consent at any time by deleting your account.
Cookies and local storage
Frank uses Firebase Authentication, which stores authentication tokens in your browser's local storage. These are strictly necessary for the service to function. We do not use tracking cookies, analytics cookies, advertising cookies, or any third-party cookies. Because we only use strictly necessary storage, no cookie consent banner is required under UK GDPR and the Privacy and Electronic Communications Regulations (PECR).
Age requirement
Frank is intended for adults aged 18 and over. We do not knowingly collect data from anyone under 18. Users must confirm they are 18 or older before creating an account.
Changes to this policy
If we make material changes to this policy, we will update the date at the top of this page. We encourage you to review this policy periodically.
Your rights
Under UK GDPR, you have the right to access, rectify, or erase your personal data, restrict or object to its processing, and request data portability. You also have the right to withdraw consent at any time and to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk. To exercise any of these rights, contact us at hello@getfrank.love.
Contact
If you have questions about this policy or your data, contact Mighty Startup Adventures Ltd at hello@getfrank.love.