Privacy Policy — SpecForge

1. Information We Collect

SpecForge collects information you provide directly, including your name, email address, company name, and any regulatory documents you upload to the platform. We also collect usage data such as features accessed, spec generations performed, and integration configurations.

2. How We Use Your Information

We use your information to provide and improve the SpecForge service, process your compliance specifications, communicate updates about the service, and ensure the security and performance of our platform.

3. Data Storage and Security

Your data is stored on AWS infrastructure with encryption at rest (AES-256) and in transit (TLS 1.3). Regulatory documents and generated specifications are stored within your AWS account. We follow AWS security best practices and implement appropriate access controls.

4. Data Sharing

We do not sell your data. We share information only with service providers necessary to operate the platform (AWS, email delivery) and when required by law. All sub-processors are bound by data processing agreements.

5. Data Retention

We retain your account data for as long as your account is active. Upon account deletion, personal data is removed within 30 days. Generated compliance specifications may be retained in your AWS account per your own data retention policies.

6. Your Rights

You have the right to access, correct, or delete your personal data. You may also request data portability or object to processing. To exercise these rights, contact us at privacy@specforge.io.

7. Contact

For privacy-related inquiries, contact us at privacy@specforge.io.