Security

Every day, thousands of people design, prototype and share projects made in Framer. Your work is valuable, and we strive to ensure that your privacy and data are never compromised. Here are some of the measures we have in place.

Data privacy and management

Complete control over who can access your projects

We manage project storage and sharing via Framer Cloud. To share a link to your project, you must first upload it to your personal Cloud dashboard. By default, anyone you share that link with will have access to your project. You can change these settings to dial down on security levels, including limiting access to just your team or by sending personal invitations. You can also manage the project description for your prototype and restrict or allow downloads of your Framer project file.

Direct file access is protected by the following measures:

Framer Cloud is hosted and managed within Amazon Web Services (AWS) secure data centers. These data centers have been accredited under:

Data storage and servers

Framer services and data are hosted in Amazon Web Services (AWS) facilities. All of our servers live within our own virtual private clouds (VPCs) with rules that prevent unauthorized requests from entering our network. Only a handful of people can access the data and they only do so in order to improve the services we provide. We monitor and audit our usage logs.

Acknowledgements of Third Party services

We use third parties to store user data in order to provide/improve our services:

DDoS mitigation

We use a combination of AWS services such as autoscaling, AWS CloudFront, AWS Shield and Amazon Route53 to implement a proactive and in-depth defense strategy to thwart DDoS attacks.

Payment / Credit Cards

Framer does not store any of your credit card information on our servers. All payment processing is handled by Paddle.

Replication and Disaster Recovery

Framer is fully equipped with real-time replication and automated failover. Services are distributed across servers in multiple AWS availability zones. These zones are hosted in physically separate data centers, protecting services against single data center failures. All non-transient data is backed up on AWS S3 (which has multiple levels of redundancy). In the event of an application-wide disaster, Framer can recover data from these backups.

Communications

We use HTTPS for all resources, including all requests via our public website, application and emails.

Encrypted Transmission

We use SSL (TLS) for data transmissions, ensuring data privacy and integrity. Our endpoints support TLS 1.2 or higher, protecting against unauthorized disclosure, modification, and replay attacks. Our API and application endpoints are TLS/SSL-only and score an “A” rating on Qualys SSL Labs‘ tests.

Single Sign-On (SSO)

Our Framer Enterprise feature offers single sign-on compatibility, which allows teams to have seamless access to Framer Cloud while still enforcing company security requirements through authentication rules. We also offer an additional security admin setting to limit the sharing of prototypes within an SSO organization. SSO is supported over any provider that supports SAML 2.0. Please contact our sales team for more information.

Compliance

The environment that hosts the Framer services maintains multiple certifications for its data centers, including ISO 27001 compliance, PCI Certification, and SOC reports. For more information about their certification and compliance, please visit the AWS Security website and the AWS Compliance website.

You can find out more about our policies in our Terms of Service, Privacy Policy and End User License Agreement. If you have any questions about security at framer, please contact our Customer Support team.

General Data Protection Regulation (GDPR)

As a company, Framer has always had solid security and privacy practices in place, allowing us to meet the high standard of the new European data protection law known as GDPR. That having been said, we are constantly working to ensure that we give all you more control over your own personal data.

Reporting Security Problems to Framer

We review all security reports within one business day. If you run into a security issue or vulnerability, please contact us immediately at security@framer.com.

Start your free 14‑day trial.

Enter your email and we‘ll send you a download link for later.

We recently introduced Frames and Shapes, so some information in these videos may be outdated. To learn more visit our Help Center.