Legal · 02
Privacy Policy
- Version
- 1.0 — Founding Edition
- Effective
- 26 June 2026
- Last Updated
- 26 June 2026
- Reading
- 2 min
1. Who We Are
1×1 FRAME ("we", "us") is the data controller for personal data processed through the Platform. We are based in Czechia. For any privacy matter you may contact privacy@1x1frame.com.
2. Data We Collect
We collect data you provide directly (account details, profile information, films, reviews, payment details processed by Stripe), data we generate (submission status, jury notes, award assignments), and a minimal set of technical data (IP address, device, browser, basic event logs) required to operate the Platform securely.
We do not display public view counts and we do not sell personal data.
3. How We Use Your Data
We process personal data to: operate your account; deliver films, reviews, festival submissions, and awards; process payments; send transactional emails (registration, submission status, festival outcomes, payment receipts); moderate content; prevent fraud and abuse; and comply with legal obligations.
4. Legal Bases
We rely on the following legal bases under the GDPR: performance of a contract (operating your account, processing payments); legitimate interests (security, fraud prevention, product analytics in aggregate); consent (optional marketing, where applicable); and legal obligations (tax, accounting, responding to lawful requests).
5. Sharing
We share personal data with vetted processors strictly to operate the Platform: Stripe (payments), Lovable Cloud / Supabase (hosting, database, storage, authentication), and our transactional email provider. These processors act under written agreements and may process data outside the European Economic Area only under appropriate safeguards (Standard Contractual Clauses).
6. Retention
We keep account data while your account is active and for a reasonable period afterwards to satisfy legal, accounting, and dispute-resolution requirements. Films and editorial credits accepted into the permanent archive may be retained indefinitely, as described in the Creator Submission & Licensing Agreement. Payment records are retained for the period required by Czech tax law.
7. Your Rights
If you are in the European Economic Area, the United Kingdom, or another jurisdiction with similar laws, you have rights to: access your data; rectify inaccurate data; request erasure; restrict or object to certain processing; data portability; and lodge a complaint with a supervisory authority. To exercise any right, write to privacy@1x1frame.com. We respond within thirty (30) days.
8. Cookies
We use a minimal set of cookies and equivalent local-storage entries: a session cookie for authentication, a small set of preferences, and Stripe's cookies on payment pages. We do not use third-party advertising cookies.
9. Security
We use industry-standard safeguards including encryption in transit, role-based access controls, row-level security in the database, and signed URLs for private video access. No system is perfectly secure; we will notify you and the relevant authority of any qualifying personal data breach without undue delay.
10. Children
The Platform is not intended for children under sixteen (16). We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact privacy@1x1frame.com and we will delete it.
11. Changes
We will announce material changes to this Policy via email and the Platform at least thirty (30) days before they take effect.
Contact
1×1 FRAME
- legal@1x1frame.com (placeholder)
- privacy@1x1frame.com (placeholder)
- Website: https://1x1frame.com (placeholder)
Version History
- Effective 26 June 2026
Version 1.0 — Founding Edition
Initial publication.