← Back to Frametap

Privacy policy

This page explains what personal data Frametap (a product of djump.io, a Lithuanian software studio based in Klaipėda) collects from visitors to frametap.eu, how we use it, and the rights you have under the EU General Data Protection Regulation (GDPR, Regulation 2016/679).

Frametap is currently in pre-launch. The only personal data we collect today is the information you voluntarily submit via the waitlist form. The product itself (the mobile measurement app) is not yet available and is not addressed by this policy.

1. Who we are

Data controller: djump.io, Klaipėda, Lithuania. Contact: start@djump.io.

We are a single-team studio. No external sales or marketing partners have access to your data.

2. What we collect

When you join the waitlist, we collect only the data you give us:

• Required: email address.
• Optional: name, company name, role, country, team size, and a free-text answer about your current tooling.

We also receive limited technical information when your browser connects to the site: IP address (used only for short-term rate limiting and discarded within 1 hour), language preference (used to pick a default locale), and standard request headers logged by our hosting provider (Vercel). We do not set marketing cookies.

3. Why we collect it

• To contact you about Frametap. Specifically: launch announcements, early-bird pricing codes, and pilot programme invitations.
• To prioritise development. The "country", "team size" and "current tool" fields help us decide which language and which material (PVC / wood / aluminium) to ship first.
• To prevent abuse. IP-based rate limiting on the waitlist form.

Legal basis under GDPR: Article 6(1)(a) — your explicit consent, given by submitting the form. You may withdraw consent at any time (see Section 6).

4. Who we share it with

Your data is processed by the following sub-processors. Each is GDPR-compliant and has signed an appropriate data-processing agreement:

• Resend (Resend Inc., Delaware, USA — operating EU-region endpoints under Standard Contractual Clauses) — to deliver the email containing your waitlist submission to start@djump.io. Resend privacy policy.
• Vercel (Vercel Inc., USA — operating Frankfurt edge region for EU traffic) — hosts the website and the waitlist API endpoint. Vercel privacy policy.

We do not share data with advertising networks, marketing platforms, analytics vendors that fingerprint visitors, or any third party not listed above.

5. How long we keep it

Waitlist submissions are retained until the earlier of: (a) you ask us to delete them, or (b) 24 months after Frametap publicly launches. After that, the data is permanently erased. Rate-limit IP logs are discarded within 1 hour.

6. Your rights (GDPR Articles 15–22)

As an EU/EEA resident you have the right to:

• Access the personal data we hold about you.
• Rectify data that is incorrect.
• Erase your data ("right to be forgotten").
• Restrict or object to processing.
• Port your data to another provider in a structured format.
• Withdraw consent at any time. Withdrawal does not affect processing that occurred before withdrawal.
• Lodge a complaint with a supervisory authority. In Lithuania this is the State Data Protection Inspectorate (VDAI).

To exercise any of these rights, email start@djump.io with the subject line "GDPR request". We respond within 30 days.

7. GDPR / Data Processing Addendum (DPA) for B2B customers

When Frametap launches as a paid product, paying customers (window manufacturers using Frametap to process end-customer data) will sign a separate Data Processing Agreement with djump.io that designates Frametap as a processor under GDPR Article 28. The DPA will cover:

• Sub-processor list (Frankfurt-hosted production database, Resend for transactional email, Stripe or Paddle for payments).
• Standard Contractual Clauses for any data transfer outside the EEA.
• Encryption at rest (AES-256) and in transit (TLS 1.3).
• Breach-notification commitment (72 hours).
• Right-to-audit and termination clauses.

A draft DPA will be made available alongside the MVP launch in Q4 2026. Email start@djump.io if you need a copy earlier for procurement review.

8. International transfers

All Frametap waitlist data is stored on EU infrastructure (Frankfurt region). Where a sub-processor (Resend, Vercel) is headquartered in the United States, transfers happen exclusively under the EU-US Data Privacy Framework or Standard Contractual Clauses approved by the European Commission.

9. Changes to this policy

If we materially change how we use your data, we will send an email notice to everyone on the waitlist at least 14 days before the change takes effect. The version history of this document is committed publicly on our development repository.

10. Contact

Questions, complaints, or GDPR requests: start@djump.io.

---

v1.0 EFFECTIVE 2026-05-15 GDPR · ART 13