Privacy Policy

Privacy Policy — FramedRight
Legal

Privacy Policy

Last updated: March 12, 2026

This policy explains what data FramedRight collects, why, and what you can do about it. Reading it fully takes under five minutes.

01

Introduction & Scope

FramedRight (framedright.online) is an independent photography gear review website operated as a sole proprietorship. This policy covers data collected through the website, newsletter, and any comment functionality hosted directly on the site. It does not cover the privacy practices of Amazon, Google Analytics, or any other third-party service linked from this site — those services have their own policies, which this document links to where relevant.

By using this site, you acknowledge that some data collection occurs as part of normal website operation. None of that data is sold to third parties. None of it is used for advertising targeting outside of Amazon’s own affiliate attribution system.

02

What We Collect and How

FramedRight collects information in the following ways:

  • Newsletter signups If you subscribe to the newsletter, we collect your email address. That’s all — no name is required.
  • Comment sections If commenting is enabled on a post, we may collect your name (or pseudonym), email address, and the content of your comment. IP addresses may be logged by the hosting platform.
  • Server logs Standard web server logs record IP addresses, browser type, operating system, referring URL, and pages visited. These logs are retained for up to 30 days and used only for security monitoring and performance analysis.
  • Cookies See Section 4 for a complete breakdown.
  • Amazon affiliate attribution When you click an affiliate link and make a purchase, Amazon’s systems record the transaction for commission purposes. FramedRight receives aggregate sales data — not identifiable personal information — from Amazon’s affiliate dashboard.
03

How We Use That Data

The newsletter email list is used only to send the newsletter. It is not shared with third parties, not used for advertising, and not sold under any circumstances. You can unsubscribe from any email using the link at the bottom of every message.

Server log data is reviewed only when investigating security incidents or diagnosing site errors. Aggregate traffic data from analytics (see Section 6) is used to understand which content is useful and where the site’s technical performance could improve.

Comment data is used to display comments on the site. Email addresses attached to comments are not displayed publicly and are not added to any mailing list.

04

Cookies and Tracking

FramedRight uses the following cookies:

  • Essential cookies Set by the hosting platform for session management and security. These cannot be disabled without breaking site functionality.
  • Analytics cookies If Google Analytics is active on the site (see Section 6), it sets cookies to track page views, session duration, and traffic sources. These are anonymized — IP addresses are truncated and no personally identifiable information is stored by Google Analytics as configured on this site.
  • Amazon affiliate cookies When you click an Amazon affiliate link from this site, Amazon sets its own cookies to track referrals for commission attribution. Amazon’s cookie lasts 24 hours from the click. FramedRight does not control Amazon’s cookie behavior — see Amazon’s privacy policy for details.

You can block or delete cookies through your browser settings. Blocking analytics cookies has no effect on site functionality. Blocking Amazon’s affiliate cookies means FramedRight won’t receive commission on purchases you make, but your purchase experience with Amazon is unaffected.

05

Amazon Associates Disclosure

FramedRight participates in the Amazon Associates program. This means that links to products on Amazon.com — including all product review links, gear recommendation links, and ‘buy on Amazon’ buttons — are affiliate links. When you click one of these links and make a qualifying purchase on Amazon within 24 hours, FramedRight earns a commission, typically between 1% and 8% of the purchase price depending on the product category.

This commission is how the site funds itself. There are no manufacturer sponsorships, no paid placements, and no review units accepted. The affiliate relationship is with Amazon only.

Affiliate links are identified in reviews with a disclosure note. Links to the same products at other retailers (where provided for price comparison) are not affiliate links and earn no commission.

The presence of an affiliate link does not influence the editorial verdict. The Nikon 24-70mm Z-mount review — which we currently recommend over the Sony equivalent — earns us a lower commission on the Nikon than it would on the Sony. The verdict is based on the photographs, not the commission rate.

06

Third-Party Services We Use

FramedRight currently uses or may use the following third-party services:

  • Google Analytics Used to measure traffic, session behavior, and content performance. Data is anonymized and IP addresses are truncated. Google’s privacy policy governs how Analytics data is handled on Google’s servers.
  • Mailchimp or ConvertKit Used to manage the newsletter list and send emails. Your email address is stored on whichever provider is in use. You can request deletion of your record at any time — see Section 9.
  • WordPress.com / Self-hosted WordPress The site’s CMS may log comment data and user sessions as part of standard platform operation.
  • Unsplash Images on this site may be sourced from Unsplash. Unsplash images are embedded as direct URLs — no personal data is shared with Unsplash as a result of page loads.
07

How We Protect Your Data

The site is served over HTTPS. Newsletter lists are stored with providers that maintain SOC 2 Type II compliance. Server access is restricted to the site operator.

No security measure is perfect. In the event of a data breach that affects newsletter subscribers, affected users will be notified by email within 72 hours of discovery.

The only personally identifiable data stored directly by FramedRight is email addresses on the newsletter list. If that list were compromised, the data exposed would be email addresses only — no passwords, no financial information, no browsing history.

08

GDPR Rights for EU Visitors

If you are in the European Union or European Economic Area, you have rights under the General Data Protection Regulation (GDPR):

  • Right to access Request a copy of the personal data FramedRight holds about you.
  • Right to rectification Request correction of inaccurate data.
  • Right to erasure Request deletion of your personal data. For newsletter subscribers, this means removal from the email list and deletion of the subscriber record.
  • Right to restrict processing Request that we limit how your data is used without deleting it.
  • Right to data portability Request your data in a machine-readable format.
  • Right to object Object to data processing based on legitimate interests.

To exercise any of these rights, contact us using the information in the contact box below. We will respond within 30 days. If you believe your rights are being violated, you have the right to lodge a complaint with your national data protection authority.

09

Your Controls and Choices

  • Newsletter Unsubscribe at any time using the link in any email, or contact us to request removal. We will process unsubscribes within 5 business days.
  • Analytics You can opt out of Google Analytics across all sites using Google’s browser opt-out tool, or by using a browser extension that blocks analytics tracking.
  • Cookies Block or delete cookies via your browser’s privacy settings. Instructions vary by browser — search ‘[your browser name] clear cookies’ for current steps.
  • Data deletion requests To request deletion of any personal data we hold, contact us with your request. We will confirm what data exists, delete it, and confirm deletion within 30 days.
10

Children and COPPA Compliance

FramedRight is not directed at children under the age of 13 and does not knowingly collect personal data from children under 13. If you believe a child under 13 has provided personal data through this site, contact us and we will delete it promptly.

For visitors between 13 and 16 in the EU, processing of personal data requires parental consent under GDPR. If this applies to you, please have a parent or guardian contact us before subscribing to the newsletter.

11

How This Policy Changes

When this policy changes materially, the ‘Last updated’ date at the top of the page will change and newsletter subscribers will receive a brief notification in the next issue.

Minor changes — correcting typos, clarifying existing language, adding information about services already in use — will be updated without notification. Material changes — new types of data collection, new third-party services, or new uses of existing data — will be flagged in the newsletter.

The previous version of this policy is not archived publicly, but can be provided on request.

Scroll to Top