Legal

Privacy Policy

How we collect, use, and protect your information.

Last Updated: March 23, 2026

Forge Flow Labs LLC

Website: forgeflowlabs.com

Last Updated: March 23, 2026

1. Introduction

Forge Flow Labs LLC ("ForgeFlow," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at forgeflowlabs.com (the "Website") or engage our web design and AI automation services.

By using the Website or providing your personal information to us, you consent to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Website or provide us with your personal information.

2. Information We Collect

2.1 Information You Provide Directly

We collect personal information that you voluntarily provide to us, including:

  • Contact Information: Name, email address, phone number, business name, and mailing address
  • Business Information: Business type, industry, website URL, and project details submitted through contact forms, questionnaires, or onboarding documents
  • Account Information: Login credentials for the client portal (if applicable)
  • Payment Information: Billing address and payment method details (processed securely through Stripe; we do not store full credit card numbers on our servers)
  • Communications: Information provided in emails, phone calls, chat messages, and other communications with us

2.2 Information Collected Automatically

When you visit the Website, we may automatically collect certain information, including:

  • Device Information: Browser type, operating system, device type, and screen resolution
  • Usage Information: Pages visited, time spent on pages, links clicked, and referring URL
  • Log Data: IP address, access times, and date/time stamps
  • Cookies and Similar Technologies: See Section 5 for details

2.3 Information from Third Parties

We may receive information about you from third parties, including:

  • Payment Processor (Stripe): Transaction confirmations and billing status
  • Analytics Providers (Google Analytics): Aggregated website usage data
  • Referral Partners: Name and contact information if you were referred to us
  • Public Sources: Publicly available business information when researching prospects or verifying existing clients

3. How We Use Your Information

We use the personal information we collect for the following purposes:

  • Service Delivery: To design, build, host, and maintain the websites and automations you engage us to deliver
  • Communication: To respond to inquiries, send onboarding materials, deliver project updates, and provide customer support
  • Billing & Payments: To process subscriptions, send invoices, and collect outstanding balances
  • Account Management: To create and manage your client portal account and authenticate access
  • Marketing (opt-in): To send newsletters, product updates, and promotional offers when you have consented to receive them
  • Improvement: To analyze how visitors use the Website so we can improve user experience, performance, and content
  • Security: To detect, prevent, and respond to fraud, abuse, security incidents, and unauthorized access
  • Legal Compliance: To comply with applicable laws, court orders, and lawful requests from public authorities

4. How We Share Your Information

We do not sell your personal information. We share information only in the following circumstances:

  • Service Providers: With trusted third parties that perform services on our behalf, such as Stripe (payments), Supabase (data hosting), Cloudflare (hosting/CDN), Google Workspace (email and analytics), Retell AI (voice agents, when contracted), and similar processors. These providers are contractually required to safeguard your information.
  • Legal Requirements: When we believe in good faith that disclosure is required by law, regulation, legal process, or governmental request
  • Business Transfers: In connection with a merger, acquisition, financing, reorganization, or sale of all or a portion of our assets, with notice to affected users
  • With Your Consent: Any other purpose disclosed to you at the time we collect the information, or with your subsequent consent
  • Aggregated & De-identified Data: We may share aggregated or de-identified information that cannot reasonably be used to identify you

5. Cookies and Tracking Technologies

We use cookies and similar technologies to operate the Website, remember your preferences, and analyze traffic. The categories of cookies we use include:

  • Essential cookies: Required for the Website to function (session, security, load balancing)
  • Analytics cookies: Help us understand how visitors interact with the Website (Google Analytics, Cloudflare Analytics)
  • Preference cookies: Remember choices you make to improve your experience

You can control cookies through your browser settings. Disabling cookies may affect certain Website features.

6. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your personal information, including:

  • Encryption in transit (TLS) for all Website traffic and API calls
  • Encryption at rest for sensitive data stored in our databases
  • Role-based access controls limiting employee access to need-to-know basis
  • Regular security reviews of our infrastructure and third-party processors
  • Payment information handled exclusively by PCI-DSS compliant processors

No method of transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

7. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including legal, accounting, or reporting requirements. Typical retention periods:

  • Active client data: Retained for the duration of the engagement plus seven (7) years for tax and accounting purposes
  • Prospect inquiries: Retained for up to twenty-four (24) months after last contact, then deleted or anonymized
  • Marketing email lists: Retained until you unsubscribe or request deletion
  • Website analytics: Aggregated; raw logs purged within 26 months

8. Your Rights and Choices

Regardless of where you reside, you may exercise the following rights with respect to your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information, subject to legal retention requirements
  • Opt-out of marketing: Unsubscribe from marketing emails at any time using the link in each message
  • Withdraw consent: Withdraw any consent you previously provided

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • The right to know what personal information we collect, use, disclose, and sell
  • The right to request deletion of your personal information
  • The right to opt out of the sale of personal information (we do not sell personal information)
  • The right to non-discrimination for exercising your CCPA rights

To exercise your California rights, email [email protected] with the subject line "California Privacy Request."

10. GDPR (EU/UK) Rights

If you are located in the European Economic Area or the United Kingdom, you have the following rights under the General Data Protection Regulation:

  • Right of access, rectification, erasure, and restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to lodge a complaint with a supervisory authority

Our legal bases for processing personal information are: (a) performance of a contract, (b) compliance with legal obligations, (c) our legitimate interests, and (d) your consent where required.

11. Children's Privacy

Our Website and services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it promptly.

The Website may contain links to third-party websites, plug-ins, or applications. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policy of every website you visit.

13. International Data Transfers

We are based in the United States. If you access the Website or provide information to us from outside the United States, your information may be transferred to, stored in, and processed in the United States. By using the Website you consent to this transfer.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top of this page reflects the most recent revision. Material changes will be communicated by posting the updated Privacy Policy on this page and, where appropriate, by email.

15. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us at:

Forge Flow Labs LLC
Dallas, TX
Email: [email protected]
Website: forgeflowlabs.com