Forge ("Forge", "we", "us") provides a hosted workspace where a business owner sets up AI agents that draft work (emails, replies, posts, summaries) for the owner's review and approval. This Privacy Policy explains what we collect, how we use it, how we protect it, and the choices you have. It includes a specific section on data accessed through Google APIs.
1. Information we collect
- Account information you provide: username, password (stored only as a salted hash), business name, and an optional contact email.
- Business context you enter: details about your business, brand voice samples, and the instructions and configuration you give each agent.
- Data from services you choose to connect: when you connect a third-party account (for example Google, Shopify, Stripe, or a tool you add with an API key), Forge reads the specific data needed to draft the work you asked for. These connections are optional and initiated by you, and you can disconnect them at any time.
- Operational logs: timestamps, run status, and error information used to operate and debug the service.
2. Google user data
If you connect a Google account, Forge requests only the scopes needed for the agents you enable. Today these may include Google Business Profile management, Gmail (read and, with your explicit per-item approval, send), and Google Calendar events.
- Business Profile: read reviews, posts, and questions so an agent can draft replies and posts for your approval.
- Gmail (read-only): read recent messages so an agent can draft replies or summaries. Forge does not send any email unless you explicitly approve that specific message.
- Calendar: read upcoming events so an agent can prepare reminders and daily briefs.
Limited Use disclosure. Forge's use and transfer of information received from Google APIs to any other app will adhere to the
Google API Services User Data Policy, including the Limited Use requirements. Specifically: we use Google user data only to provide and improve the features you request inside Forge; we do
not use it for advertising; we do
not sell it; we do
not transfer it to others except as necessary to provide the service, to comply with applicable law, or as part of a merger or acquisition with your consent; and we do
not allow humans to read it except where you give consent for specific items, where it is necessary for security or to comply with applicable law, or where the data has been aggregated and anonymised.
3. How we use information
- To generate drafts and briefings for your review, in your business's context and voice.
- To run agents on the schedule or trigger you configure.
- To operate, secure, debug, and improve the service.
Drafts are never sent or posted on your behalf unless you explicitly approve that specific item.
4. How we store and protect data
- Connection tokens and API keys you provide are encrypted at rest.
- Access is restricted to the systems that operate your agents.
- We retain data only as long as needed to provide the service or as required by law.
5. Sharing
We do not sell your data. We share data only with infrastructure and AI processing providers strictly as needed to run the service, and where required by law. The third-party services you connect remain governed by their own terms and privacy policies.
6. Your choices and data deletion
- Disconnect any integration at any time from the Integrations area; this revokes Forge's access to that service.
- Delete your account and associated data by contacting us at the address below. You may also revoke Google access at any time via your Google Account permissions page.
7. Children
Forge is a business tool and is not directed to children under 16.
8. Changes
We may update this policy; material changes will be reflected by the "Last updated" date above.
9. Contact
Questions or data requests: support@forge.christmas