Terms of Service

FrameScope (hereinafter "Service") is a web-based SaaS application for managing client requirements, generating project quotes, planning timelines, and tracking running costs for Shopify projects.

The Service includes:

• Management of client projects, tasks, and requirements
• Generation of quotes, timelines, and cost calculations
• Questionnaire functionality for requirements gathering
• AI-powered semantic search functionality
• Meeting note import via Google Drive/Gemini integration
• API access via the Model Context Protocol (MCP)

Each user account is associated with a single natural person. Sharing of login credentials is not permitted, as this undermines the audit trail and multi-tenant data isolation.

• You are responsible for maintaining the confidentiality of your login credentials.
• You must promptly notify us of any suspected unauthorized access to your account.
• Organization administrators are responsible for appropriately managing member roles.
• You are responsible for the security of your own devices and browsers.

The following activities are prohibited when using the Service:

• Storage of special categories of personal data within the meaning of Art. 9 GDPR (health data, political opinions, biometric data, etc.), as the security measures of the Service are not designed for this level of sensitivity.
• Scraping, automated bulk access, or abusive use of the MCP API and semantic search endpoints.
• Attempts to circumvent multi-tenant data isolation or access data belonging to other organizations.
• Misuse of the embedding function for purposes unrelated to legitimate project management.
• Use of the portal/questionnaire function for unauthorized data collection from individuals without an appropriate legal basis.
• Sharing or joint use of account login credentials.

The provider reserves the right to impose rate limits on API calls, embedding generation, and other resource-intensive operations. You acknowledge that your use of the Service must comply with all applicable laws.

Your data belongs to you:

• All content you upload or create (client records, tasks, costs, questionnaire responses, meeting notes) remains the property of your organization. We receive only a limited license to process this data for the purpose of providing the Service.
• Generated outputs (quotes, timelines, cost calculations) are considered part of your data and belong to you.
• Semantic embeddings (vector representations) are generated solely for your search functionality, are deleted when the source record is deleted, and the provider claims no ownership over them.

Each organization's data is logically isolated at the database level through Row-Level Security (RLS). No cross-organization access is possible during normal operation.

A data export function is available in the application under account settings.

• The provider's liability for intent (Vorsatz) and gross negligence (grobe Fahrlässigkeit) is unlimited (Sections 276, 309 No. 7 BGB).
• Liability for injury to life, body, or health is unlimited (Section 309 No. 7a BGB).
• In cases of ordinary negligence, the provider is liable only for breach of material contractual obligations (Kardinalpflichten). Liability in such cases is limited to foreseeable, typically occurring damage.
• Indirect and consequential damages (including lost profits) are excluded in cases of ordinary negligence.
• Liability is capped at the fees paid by the user in the preceding 12 months.
• The provider is liable for data loss only within the scope of its backup obligations. You are responsible for regularly creating your own backups using the export function.

The provider makes no warranties regarding the accuracy of AI-generated or AI-processed content, including imported Gemini meeting notes and semantic search results. The user is responsible for verifying such content.

The provider delivers the Service on a best-effort basis. No specific availability or uptime is guaranteed. The Service is classified as a service contract (Dienstvertrag) under German law.

The provider reserves the right to temporarily restrict or suspend the Service for scheduled and unscheduled maintenance. Planned maintenance will be announced in advance where possible.

The processing of personal data is governed by our Privacy Policy, available at /privacy.

In the event of a confirmed data breach, affected users will be notified within 72 hours, in accordance with the requirements of Art. 33 GDPR.

Business customers who require a Data Processing Agreement (Auftragsverarbeitungsvertrag) pursuant to Art. 28 GDPR should contact us at the email address provided in the Privacy Policy. A standardized DPA will be made available.

The Service uses the following third-party services, which you acknowledge by using the Service:

• OpenAI: Text content (task names, descriptions, comments, questionnaire responses) is transmitted to the OpenAI API for generating embedding vectors. Data sent via the API is not used by OpenAI for model training.
• Google Drive/Gemini: Importing meeting notes brings AI-generated content (Gemini summaries) into the platform. The user is responsible for verifying the accuracy of imported content.
• MCP integration: AI-assisted operations (creating, updating, deleting clients and tasks) are initiated by the user through AI tools. The user remains responsible for the outcomes.

The provider commits to notifying users about new sub-processors with a 30-day objection period.

• The user may terminate and delete their account at any time.
• The provider is entitled to suspend or terminate accounts in case of violations of these Terms of Service.
• After termination, the user has a 30-day period to export their data using the export function.
• Deleted records are initially marked as deleted (soft delete) and can be restored within 30 days.
• After the restoration period expires, data is permanently and irrecoverably deleted.

The provider implements appropriate technical and organizational measures to protect your data:

• Encryption of all data in transit via HTTPS/TLS
• Encryption of sensitive data at rest using Supabase Vault
• Row-Level Security (RLS) for multi-tenant data isolation
• Role-based access control within organizations
• Notification of confirmed security incidents within 72 hours

These Terms of Service are governed by the laws of the Federal Republic of Germany, excluding the UN Convention on Contracts for the International Sale of Goods (CISG). The place of jurisdiction for all disputes arising from or in connection with these Terms of Service is, to the extent permitted by law, the registered office of the provider.

The provider reserves the right to amend these Terms of Service with reasonable advance notice. Material changes will be communicated via email or through a notification within the application. Continued use of the Service after the changes take effect constitutes acceptance.

All prices are stated in euros (EUR) and are exclusive of applicable value-added tax (VAT), which will be added where required by law.

• Subscriptions are billed monthly in advance. The billing cycle begins on the date of the initial subscription.
• Subscriptions renew automatically at the end of each billing period unless cancelled before the renewal date.
• Payments are processed by Stripe, Inc. Accepted payment methods include credit card and SEPA direct debit, subject to availability.
• Failed payments will be retried in accordance with Stripe's retry schedule. If payment cannot be collected after all retry attempts, the subscription may be suspended.

• Upgrades take effect immediately. The price difference for the remainder of the current billing period is prorated and charged at the time of the upgrade.
• Downgrades take effect at the end of the current billing period. You retain access to the higher-tier features until the period expires.

• You may cancel your subscription at any time via the account settings. Cancellation takes effect at the end of the current billing period.
• After cancellation, you retain access to paid features until the end of the already-paid billing period.
• No partial refunds are issued for unused time within a billing period.
• The provider reserves the right to issue refunds at its own discretion in exceptional circumstances.

• New organizations are eligible for a 14-day free trial of the Pro plan. No payment method is required to start the trial.
• At the end of the trial period, the organization is automatically downgraded to the Free plan unless a paid subscription has been activated.
• The provider reserves the right to modify or discontinue the free trial offer at any time.