Frame

Security at Frame

Your financial data is sensitive. We treat it that way. Here's how we keep your information protected.

Encryption

AES-256 encryption at rest

All documents and sensitive data are encrypted using AES-256, the same encryption standard used by banks and government agencies. Your files are unreadable without the proper decryption keys.

TLS 1.3 in transit

Every connection to Frame uses TLS 1.3, the latest transport layer security protocol. Your data is encrypted from the moment it leaves your device until it reaches our servers.

Short-lived access links

When you upload or download files, we generate temporary signed URLs that expire within minutes. There are no permanent links to your documents—each access requires fresh authentication.

Secure Storage

AWS infrastructure

Your documents are stored on Amazon Web Services (AWS) S3, which provides 99.999999999% durability. AWS maintains SOC 2 Type II, ISO 27001, and numerous other security certifications.

No long-lived credentials

Files are uploaded directly to secure storage using temporary credentials that expire quickly. Your documents never pass through intermediate servers where they could be exposed.

Access Control

Only your planning team

Your data is accessible only to you and your dedicated team of advisors. We don't share your information with third parties, and we never sell your data.

Read-only account connections

When you connect financial accounts through Plaid, we only request read-only access. We can see your transactions and balances, but we can never move money or make changes to your accounts.

Multi-tenant isolation

Your data is logically separated from other clients at every layer of our system. Strict access controls ensure that only authorized users can view your information.

Your Rights

Delete your data anytime

You can request complete deletion of all your data at any time, no questions asked. We'll permanently remove your documents, account connections, and personal information.

Full transparency

You can always see what data we have about you. Export your information, review your uploaded documents, and see exactly what accounts are connected.

We use industry-leading partners who maintain SOC 2 Type II compliance, including Plaid for account connections and eMoney for financial planning. For questions about our security practices, contact us at security@getframe.com