Privacy Policy

Last Updated: January 29, 2026

Introduction

Welcome to Forge Lab Brain ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website forgelab.one and use our AI development platform.

By accessing or using our Service, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy.

Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us when you register on the Service:

  • Email address (for authentication via Supabase)
  • Username or Display Name
  • Billing Information (processed securely via Stripe)

2.2 Usage Data

We automatically collect certain information when you visit, use, or navigate the Service:

  • Log Data (IP address, browser type, operating system)
  • Interaction Data (chat frequency, token usage, model selection)
  • Terminal Output Logs (retained temporarily for session continuity)

2.3 User Content

This includes the code you write, the prompts you send to the AI, and the files you upload. You retain full ownership of your User Content.

AI & Third-Party Processors

Important: We do NOT use your private code or data to train our own AI models.

To provide our AI orchestration services, we must transmit your prompts and relevant context to third-party Large Language Model (LLM) providers. We currently utilize:

  • OpenRouter: An API aggregator for various models (Anthropic, Meta, etc.).
  • Google: For Gemini model inference.

When you use "Brain Mode" or "Chat", your input is processed by these providers solely for the purpose of generating a response. We recommend reviewing the privacy policies of OpenRouter and Google.

BYOK (Bring Your Own Key) & Security

If you choose the "Bring Your Own Key" (BYOK) subscription model, you will provide your own API keys (e.g., OpenRouter API Key).

How we protect your keys:

  • Encryption: Keys are encrypted using AES-256 before being stored in our database.
  • No Frontend Access: Decryption happens only on our secure backend server during a request. Your raw key is never sent back to the browser.
  • Isolation: Keys are strictly scoped to your user ID.

Payment Processing

We use Stripe for payment processing. We do not store or collect your payment card details. That information is provided directly to Stripe, whose use of your personal information is governed by their Privacy Policy.

Stripe may collect personal data such as your IP address and transaction details to prevent fraud and process payments securely (PCI-DSS compliant).

Data Retention

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy.

  • Account Data: Retained until you delete your account.
  • Chat History: Stored to provide conversation context. You can delete specific conversations at any time.
  • Temporary Files: WebContainer file systems are ephemeral and exist only within your browser session.

Contact Us

If you have questions or comments about this policy, or wish to exercise your data rights (access, deletion), please contact us at:

Email: info@forgelab.one