CompFrame ("CompFrame," "we," "us," or "our") provides sales compensation planning tools at compframe.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.
By accessing CompFrame, you agree to the practices described here. If you do not agree, please discontinue use of the service.
Account information: When you create an account we collect your email address and a hashed password. We do not collect names, phone numbers, or billing addresses directly.
Plan data: Compensation plans you build — including role, stage, deal type, team size, OTE, and quota figures — are stored in our database linked to your account.
Usage data: We collect page-view events, feature interactions, and session metadata (browser type, device type, referrer URL, rough geolocation by country) to understand how users use the product. This is handled through PostHog, a self-hosted or cloud analytics tool.
Payment information: Payments are processed by Stripe. CompFrame never sees or stores your full card number. Stripe returns a customer ID and subscription status that we store to manage your plan tier.
Communications: If you contact us by email, we retain that correspondence.
We do not sell your personal data. We do not use your compensation plan data to train AI models or share it with third parties for marketing purposes.
Stripe: Payment processing. Data shared: email address, subscription intent. Stripe's privacy policy is at stripe.com/privacy.
PostHog: Product analytics. Data shared: page events, device/browser metadata. No compensation plan content is sent to PostHog. You can opt out via browser-level Do Not Track or by blocking analytics scripts.
Meta (Facebook) Pixel: Advertising attribution. If enabled, Meta receives a hashed email and page-view events for ad conversion tracking. You can opt out via Meta's ad preferences at facebook.com/ads/preferences.
Google Fonts: Font files are loaded from Google's CDN. Google may collect IP addresses as part of that request. See policies.google.com/privacy.
Render / Neon: Infrastructure providers hosting our servers and database in the United States.
We retain your account and plan data for as long as your account is active. If you delete your account, your personal data and plans are purged within 30 days, except where we are required to retain records for tax or legal compliance.
Analytics events (PostHog) are retained for 12 months by default.
Depending on your jurisdiction, you may have the following rights:
To exercise any of these rights, email us at privacy@compframe.com. We will respond within 30 days.
Under the California Consumer Privacy Act, California residents have the right to know what personal information we collect, to request deletion, and to opt out of sale. As noted above, CompFrame does not sell personal information. For requests under CCPA, contact privacy@compframe.com.
If you are in the European Economic Area, our legal bases for processing your data are: (a) performance of our contract with you (account and plan functionality), (b) our legitimate interests (analytics, product improvement), and (c) your consent (marketing emails, if any). You may lodge a complaint with your local data protection authority.
We use industry-standard measures including HTTPS/TLS in transit, bcrypt password hashing, and AES-256-GCM encryption for sensitive stored credentials. No system is perfectly secure, and we cannot guarantee absolute security.
CompFrame is not directed at children under 16. We do not knowingly collect personal information from minors. If you believe a minor has provided us data, contact us and we will delete it.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting an updated policy on this page with a revised "Last updated" date. Continued use of CompFrame after changes constitutes acceptance of the updated policy.
Questions, requests, or concerns about this Privacy Policy: