Forgeable

Last updated: December 5, 2025

Privacy Policy

1. Introduction

This Privacy Policy explains how Forgeable ApS ("Forgeable", "we", "us", or "our") collects, uses, stores, and protects your personal data when you use the Forgeable platform and services ("Service").

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller: Forgeable ApS, Denmark. Contact: legal@forgeable.ai

2. Data We Collect

Account Information

When you create an account, we collect:

  • Email address — used for login, verification, and communication
  • Username — your chosen identifier on the platform
  • Display name — your public name shown to others
  • Password — stored only as a secure hash, never in plain text
  • Profile avatar — optional profile image you upload

Content You Provide

When you use the Service, we collect content you create and submit:

  • Projects and Tasks — prompt configurations, names, and descriptions
  • Prompts and Templates — system prompts, user prompt templates, and input/output schemas
  • Execution Data — inputs you provide and outputs generated by AI models
  • Uploaded Files — images and documents you upload for AI processing
  • Feedback — ratings and comments you provide on executions

Technical Information

We automatically collect certain technical information:

  • IP Address — used temporarily for security and rate limiting (not permanently stored)
  • Browser Information — User-Agent header for compatibility
  • Session Data — temporary session identifiers for authentication

Usage Information

We collect information about how you use the Service:

  • Execution History — records of AI task executions including timestamps, duration, and token usage
  • API Usage — API key usage patterns and rate limit data
  • Login Activity — timestamps of account access for security purposes

3. How We Use Your Data

To Provide the Service

  • Process your prompts and execute AI tasks
  • Store and manage your projects, tasks, and execution history
  • Authenticate your identity and maintain account security
  • Send transactional emails (verification, password resets, security alerts)

To Improve the Service

  • Train and improve AI models and algorithms (see Section 5)
  • Analyze usage patterns to enhance features and performance
  • Generate and publish aggregated, anonymized statistics about Service usage

For Security and Compliance

  • Detect and prevent fraud, abuse, and security threats
  • Enforce our Terms of Service and Acceptable Use Policy
  • Comply with legal obligations

For Communication

  • Send service-related announcements and updates
  • Send marketing communications (only with your consent)
  • Respond to your inquiries and support requests

4. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

  • Contract Performance — Processing necessary to provide the Service you requested (account management, task execution, storing your content)
  • Legitimate Interests — Processing for our legitimate business interests (security, fraud prevention, service improvement) where these do not override your rights
  • Consent — Processing based on your explicit consent (marketing communications, AI training opt-in, newsletter subscription)
  • Legal Obligation — Processing required to comply with applicable laws

5. AI Training and Your Content

Your content, including prompts, inputs, outputs, and feedback, may be used to train, improve, and develop AI models operated by Forgeable.

What This Means

  • We may use your execution data to improve our prompt optimization algorithms
  • Aggregated and anonymized usage patterns help us enhance the Service
  • Individual executions may be reviewed to improve AI quality
  • We may retain anonymized or de-identified data for longer periods for research and improvement purposes

Your Control

You can mark individual executions to be excluded from training data. Contact us at legal@forgeable.ai if you wish to opt out of AI training entirely.

Important Limitation

Once data has been used to train AI models, it becomes embedded in the model and cannot be fully removed. Deletion requests apply to your stored data, not to information already incorporated into model training.

6. Data Sharing and Third Parties

Third-Party AI Providers

To execute AI tasks, your prompts and inputs are sent to third-party AI providers:

  • OpenAI — for GPT model access
  • Groq — for alternative model access

These providers process your content according to their own privacy policies. We recommend reviewing their policies to understand how they handle data.

Email Service Provider

We use Postmark to send transactional emails. They receive your email address and email content solely for delivery purposes.

We Do Not Sell Your Data

Forgeable does not sell, rent, or trade your personal data to third parties for their marketing purposes. We also do not:

  • Share your data with advertising networks
  • Use third-party analytics or tracking services
  • Embed social media tracking pixels
  • Allow third parties to collect your data for targeted advertising

Legal Disclosure

We may disclose your data if required by law, court order, or to protect our legal rights, or in connection with a merger, acquisition, or sale of assets.

7. Data Retention

We retain your data for as long as necessary to provide the Service and fulfill the purposes described in this policy.

Retention Periods

  • Account Data — retained until you delete your account
  • Projects and Tasks — retained until you delete them or your account
  • Execution History — retained until you delete them or your account
  • Uploaded Files — retained until you delete them or your account
  • Session Data — automatically deleted after 24 hours
  • Rate Limiting Data — automatically deleted after 1 hour

After Account Deletion

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal, regulatory, or legitimate business purposes.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, misuse, or alteration.

Technical Measures

  • Data encrypted in transit and at rest
  • Passwords stored securely using industry-standard hashing
  • API keys stored securely with only partial identifiers displayed
  • Secure session management
  • Protection against common security threats

Organizational Measures

  • Access to personal data limited to authorized personnel on a need-to-know basis
  • Regular security reviews and updates
  • Secure development practices

Security Incidents

In the event of a security incident that affects your personal data, we will notify affected users and relevant authorities as required by applicable law.

While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

9. Your Rights

Under GDPR and other applicable laws, you have the following rights regarding your personal data:

Access

You have the right to request a copy of the personal data we hold about you.

Rectification

You have the right to correct inaccurate personal data. You can update most information directly in your account settings.

Erasure ("Right to be Forgotten")

You have the right to request deletion of your personal data. You can delete your account by contacting us at legal@forgeable.ai.

Data Portability

You have the right to receive your data in a structured, commonly used format.

Restriction of Processing

You have the right to request that we limit how we use your data in certain circumstances.

Objection

You have the right to object to processing based on legitimate interests, including for direct marketing purposes.

Withdraw Consent

Where processing is based on consent, you have the right to withdraw consent at any time.

Exercising Your Rights

To exercise any of these rights, contact us at legal@forgeable.ai. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

10. Cookies and Tracking

Essential Cookies Only

We use only essential cookies required for the Service to function:

  • Session Cookie — maintains your authenticated session (HTTP-only, secure, 24-hour expiration)

What We Don't Use

  • No advertising or marketing cookies
  • No third-party analytics cookies (no Google Analytics)
  • No social media tracking pixels
  • No browser fingerprinting
  • No cross-site tracking

Do Not Track Signals

Because we do not use tracking technologies, our Service operates the same way regardless of whether your browser sends a "Do Not Track" (DNT) signal.

Because we only use strictly necessary cookies, we do not require cookie consent under GDPR.

11. Automated Decision-Making

Forgeable does not engage in automated decision-making that produces legal effects or similarly significant effects on you without human involvement.

While the Service uses AI to process your prompts and generate outputs, these outputs are tools for your use and do not automatically make decisions about you. Any decisions based on AI outputs remain under your control.

If you have concerns about how automated processing affects you, please contact us at legal@forgeable.ai.

12. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA), particularly when using third-party AI providers based in the United States.

When transferring data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other legally recognized transfer mechanisms

Contact us if you would like more information about specific safeguards.

13. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children.

If you believe we have collected data from a child, please contact us immediately at legal@forgeable.ai and we will delete it.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on the Service
  • Updating the "Last updated" date
  • Sending an email notification for significant changes

We encourage you to review this policy periodically.

15. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: legal@forgeable.ai

Data Controller:
Forgeable ApS
Denmark

Forgeable ApS
Denmark

Moltke Benjaminsen ApS, CVR: 45555399
Denmark