Forge — Privacy Policy

Effective date: July 3, 2026  ·  App: Forge: Proof Habits  ·  Developer: Kulpat Sangthong

Overview

Forge is a habit-tracking app that requires a photo as proof of completing a habit, verified by AI. This policy explains what data Forge collects, why, how it's handled, and the choices you have. It applies to the Forge iOS app and its backend services.

Data We Collect

Everything below is linked to your account unless noted otherwise.

Data TypeWhat It IncludesWhy We Collect It
Email addressThe email you sign up with, or the private relay address provided by Sign in with AppleTo create and authenticate your account
Account identifierA unique user ID issued when you sign upTo associate your habits, photos, and progress with your account
Proof photosPhotos you take with the in-app camera to verify a habitAnalyzed by an AI vision model to confirm the habit was actually done, and shown back to you as your visual history
Habit definitions & settingsHabit names, categories, schedules and weekdays, deadlines, completion windows, reminder times, and a free-text personal "why" note you can write for each habitTo build and run your habit stack
Daily progressPer-habit completion status and dates, points, streaks, tiers, badges, and XPTo track completion and lifetime progress
Reflections & journal entriesAn optional daily mood, a 1–5 star rating, a free-text note, and six free-text prompts (gratitude, highlight, win, intention, learning, challenge) — you can write anything you choose in these fieldsTo let you journal alongside your habits
Habit removal reasonsThe reason you select or type when you delete a habit, and the habit's nameTo understand why habits are dropped and improve the app
AI verification feedbackThe thumbs-up / thumbs-down you can give on a verification resultTo improve verification accuracy
Onboarding responsesYour answers to the setup questions (goals, past experience, motivation) and your "how did you hear about us" selectionSetup answers stay on your device; the "how did you hear" answer is sent anonymously to analytics (see below)
Subscription & trial statusWhether you're on a trial or subscribed, and when your trial startedTo manage access to Pro features. Billing itself is handled by Apple — see Third-Party Services
Usage & analytics dataAnonymous product-usage events plus coarse device, OS, and region information (see Analytics)To understand how the app is used and improve it — not linked to your identity

We do not collect: your legal name, precise or coarse location, contacts, health/fitness data via HealthKit, advertising identifiers (IDFA), browsing/search history, or any payment card details (those are handled entirely by Apple).

How Your Photos Are Used

Every habit-verification photo you take is:

Forge cannot read or browse your photo library — verification photos can only be taken with the in-app camera. Separately, if you explicitly choose to export a habit photo, Forge can save (add) that photo to your camera roll; it still cannot read or access any other photos on your device.

Reflections and Free-Text Content

Habit "why" notes and daily reflections (mood, rating, note, and the six prompts) are free-text fields you control. Because you can type anything into them, please avoid entering sensitive personal information you would not want stored. This content is stored on Forge's backend, linked to your account, is visible only to you, and is never shared with other users, sold, or used for advertising. It is deleted when you delete the corresponding habit, use Clear All Data, or delete your account (see Data Retention & Deletion).

Account & Authentication

You can sign in with email or Sign in with Apple. Passwords are handled and hashed by our authentication provider (Supabase) — Forge never sees or stores your raw password. Your email address is used only to manage your account and is never sold or shared with advertisers.

Analytics

Forge uses TelemetryDeck, a privacy-first analytics provider, to understand product usage in the aggregate. TelemetryDeck does not receive your email, account ID, habit content, photos, or reflections. It derives its own anonymous, non-reversible device signal and, by default, collects coarse metadata such as device model, OS version, and broad region.

The specific events Forge sends are:

None of these events include information that identifies you personally.

Third-Party Services

ServicePurposeData Shared
SupabaseBackend host — authentication, database, and photo storageYour account, habit, entry, reflection, verification, habit-removal, and profile data, plus your proof photos. Supabase hosts this data on Amazon Web Services (AWS) infrastructure in Sydney, Australia (region ap-southeast-2). If you use Forge from outside Australia, your data is transferred to and stored there.
OpenAIAI photo verification (GPT-4o Vision)Only the proof photo being verified and the habit's verification prompt. No email, account ID, or name is sent. See retention details below.
Apple (StoreKit)Subscription billingHandled entirely by Apple — Forge receives only your subscription status, never your payment details
Apple (Sign in with Apple)Optional authenticationAn identity token / private relay email, passed to Supabase to create your session
TelemetryDeckAnonymous usage analyticsAnonymous events plus coarse device/OS/region metadata only — no account identifiers

OpenAI retention: Photos sent to OpenAI are processed to return a pass/fail result. Under OpenAI's current API policy, API inputs may be retained for a limited period (up to 30 days) for abuse and misuse monitoring and then deleted, unless a zero-retention agreement is in place. Forge does not have a zero-retention agreement with OpenAI, and OpenAI states it does not use data submitted through its API to train its models. Forge does not control OpenAI's retention timeline, and deleting your Forge account does not retroactively remove photos already processed by OpenAI.

Data Stored on Your Device

To work quickly and offline, Forge keeps some data on your device: a cache of your habits and entry history, cached copies of recently viewed photos, your app preferences and setup answers, and your login session (stored securely in the iOS Keychain). Photos captured while offline are queued locally and uploaded when you reconnect. This on-device data is removed when you sign out or delete the app.

Data Retention & Deletion

Your data is retained as long as your account is active. Forge gives you two in-app controls:

You can also request deletion by contacting gaosangthong+forgesupport@gmail.com.

Export: From inside the app you can export a text summary of your stats, share recap images, and save individual habit photos to your camera roll. If you would like a copy of your data in another form, contact us at the email above.

Your Privacy Rights

Depending on where you live (for example, under the EU/UK GDPR or the California CCPA/CPRA), you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. Forge does not sell your personal data. You can exercise the core of these rights directly through the in-app Delete Account and Clear All Data controls, or by contacting us at gaosangthong+forgesupport@gmail.com. We will respond within the timeframe required by applicable law.

Children's Privacy

Forge is not directed at children and does not knowingly collect data from children under 13. Where local law sets a higher age of digital consent (for example, 13–16 in parts of the EU/UK), you must meet that age to use Forge. If we learn that we have collected data from a child below the applicable age, we will delete it.

Changes to This Policy

If this policy changes, the updated version will be posted at this same URL with a new effective date.

Contact

Questions about this policy or your data: gaosangthong+forgesupport@gmail.com