Privacy Policy

Last updated: 12 March 2026

1. What Frank Does

Frank is an AI-powered feature prioritisation facilitator for product managers. It helps you organise, compare, and reflect on product features using your own reasoning — Frank facilitates, it does not decide for you.

2. Data We Collect

When you use Frank, we collect:

  • Account information: name, email address, and authentication credentials.
  • Feature data: titles, descriptions, evidence, priorities, and rankings you create within Frank.
  • Usage data: interactions with AI features (e.g. pairwise comparisons, enhancement requests) to improve your experience.
  • Third-party integration data: when you connect external tools (e.g. Notion), Frank reads data you explicitly select. See Section 5 for details.

3. How We Use Your Data

Your data is used to:

  • Provide and improve Frank's prioritisation and facilitation features.
  • Generate AI-powered enhancements, summaries, and insights based on your input.
  • Send transactional emails related to your account (e.g. password resets).

We do not sell your data. We do not use your feature data to train AI models.

4. Data Storage & Security

  • Data is stored in a PostgreSQL database hosted on Neon (EU region).
  • All connections use TLS encryption in transit.
  • Third-party OAuth credentials are encrypted at rest using AES-256-GCM.
  • Authentication uses JSON Web Tokens (JWT) with secrets rotated per environment.
  • Error monitoring is provided by Sentry with minimal PII collection.

5. Third-Party Integrations

Frank integrates with external tools to let you import feature data. Currently supported:

Notion

  • Frank uses Notion's official OAuth 2.0 flow. You choose which pages and databases to share.
  • Frank only reads data — it never creates, modifies, or deletes anything in your Notion workspace.
  • Data imported from Notion (titles, descriptions, properties) is stored in Frank's database to power your prioritisation workflow.
  • OAuth access tokens are encrypted at rest (AES-256-GCM) and are only used to fetch data you have selected.
  • You can disconnect Notion at any time from your Frank profile, which revokes access.

6. AI Processing

Frank uses Anthropic's Claude API to provide AI-powered features such as evidence summarisation, Socratic questioning, and signal conflict detection. When you use these features:

  • Relevant feature data (titles, descriptions, evidence) is sent to the Anthropic API for processing.
  • Anthropic does not use API inputs to train their models (per their privacy policy).
  • AI-generated outputs are stored in Frank to power your workflow.

7. Your Rights

You can:

  • Export your data: download your features, rankings, and decision history as CSV.
  • Delete your account: contact us to permanently delete your account and all associated data.
  • Revoke integrations: disconnect third-party tools from your profile at any time.
  • Rollback imports: undo any import to remove imported features and restore your previous state.

8. Cookies

Frank uses essential cookies only: a session cookie for authentication and a CSRF token for security. We do not use tracking or advertising cookies.

9. Changes to This Policy

We may update this policy as Frank evolves. Material changes will be communicated via email or an in-app notification. The "Last updated" date at the top reflects the most recent revision.

10. Contact

Questions about this policy? Reach us at privacy@frank.pm

Terms of Use · Back to Frank