Privacy Policy

Last updated: February 23, 2026

This Privacy Policy explains how Reforge Software ("Reforge," "we," "our," or "us") collects, uses, stores, and shares information when you use our website, purchase or use our software, request support, submit an inquiry, or otherwise interact with our services.

This policy is intended to provide a simple global baseline for customers in multiple countries. Local laws may give you additional rights, and nothing in this policy limits rights that cannot be limited under applicable law.

1. Who We Are

Brand name: Reforge Software

Legal entity: Reforge Software

Privacy contact: support@reforgesoftware.com

2. Information We Collect

We collect information directly from you, automatically from your use of our website/services, and from service providers that help us process payments and operate the service.

• Purchase and account data: name, email address, company name, phone number (if provided), billing plan/edition, and related transaction records.
• Payment data: payments are processed by Stripe. We do not store full card numbers on our servers, but we may store payment-related metadata such as Stripe customer, subscription, invoice, and price identifiers.
• License and activation data: license key, machine/hardware identifier, activation timestamps, validation timestamps, and (where provided by the client/app) computer name and user name.
• Network and security logs: IP address, user agent, request logs, audit logs, anti-abuse/security verification results, and related diagnostics.
• Website usage telemetry: first-party telemetry such as page views, event names, timestamps, page URL, referrer URL, anonymous/session identifiers, UI version, and interaction metadata. We use this to monitor and improve product and website performance.
• Inquiries and support data: messages you send us, enterprise inquiry details (such as company, contact info, job title, seat estimates, and requirements), and support correspondence.
• Feedback submissions: feedback form data (name, email, subject, description, optional license key, app/OS version, CGM profile) and optional image attachments you upload.
• Preferences and local settings: cookie consent preferences, form draft data, and other browser storage values used for site functionality.

3. What We Do Not Collect by Default

We do not collect or upload the contents of your CGM or SVG files as part of normal license activation or validation. If you voluntarily send files or screenshots to support or submit attachments in feedback forms, we will process those materials to provide support or review your feedback.

4. How We Use Information

• Provide, activate, validate, secure, and support the software and related services
• Process purchases, subscriptions, renewals, refunds, invoices, and payment disputes
• Send transactional emails (license keys, receipts, support responses, service notices)
• Respond to inquiries, feedback, and support requests
• Prevent fraud, abuse, unauthorized use, and security incidents
• Operate and improve the website, checkout experience, documentation, and product UX
• Maintain internal records, auditing, troubleshooting, and compliance
• Send product updates or marketing messages where permitted by law and subject to your preferences

5. Legal Bases (Where Applicable)

Where laws such as the UK GDPR or EU GDPR apply, we process personal data on one or more of the following bases: performance of a contract (for purchases, licensing, and support), legitimate interests (security, fraud prevention, service improvement), legal obligations, and consent (for example, where required for certain cookies or communications).

6. Cookies and Similar Technologies

We use cookies and similar technologies, including localStorage and sessionStorage, for site operation and user experience. Examples include:

• Essential site functionality and security
• Feature rollout/experience consistency cookies
• Cookie consent preferences
• Theme preference and UI settings
• Form draft persistence
• First-party telemetry identifiers and session identifiers

We do not use third-party advertising trackers for cross-site behavioral advertising. We may use first-party telemetry to understand how the site and product are used and to improve reliability and UX.

7. How We Share Information

We do not sell your personal information. We may share information with:

• Payment processors: Stripe, to process payments, subscriptions, invoices, and billing management.
• Service providers: hosting, email delivery, infrastructure, logging/monitoring, and other vendors that help us operate the service.
• Security and anti-bot providers: for example, Cloudflare Turnstile (if enabled) to reduce abuse and automated submissions.
• Professional advisers: legal, accounting, insurance, and compliance advisers, where needed.
• Authorities or other parties when required by law: including to comply with legal process or protect rights, safety, and security.
• Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to applicable law.

8. International Transfers

We may process or store information in countries other than your own, including through service providers. Where required by law, we use appropriate safeguards for cross-border transfers.

9. Data Retention

We retain information only for as long as reasonably necessary for the purposes described above, including to provide the service, maintain records, resolve disputes, enforce agreements, and comply with legal obligations. Retention periods may vary by data type.

• Licensing, billing, and transaction records: retained for accounting, tax, fraud prevention, and support purposes.
• Activation, validation, and audit logs: retained for license enforcement, security, and troubleshooting.
• Inquiry/feedback submissions and attachments: retained while active or useful for support/product review, then deleted or anonymized when no longer needed.
• Browser-side preferences and form drafts: retained in your browser until they expire or you clear them.

10. Security

We use reasonable technical and organizational measures designed to protect information, including HTTPS for data in transit and access controls for administrative systems. No system is completely secure, and we cannot guarantee absolute security.

11. Your Rights and Choices

Depending on where you live, you may have rights to access, correct, delete, or restrict certain personal information, or to object to certain processing, receive a copy of your data, or withdraw consent where processing is based on consent. You may also opt out of marketing emails by using the unsubscribe link or contacting us.

To make a privacy request, contact privacy@reforgesoftware.com. We may need to verify your identity before completing a request.

12. Children's Privacy

Our software and services are intended for professional and business use and are not directed to children. We do not knowingly collect personal information from children.

13. Third-Party Links and Services

Our website and services may link to or integrate with third-party services (such as Stripe). Their privacy practices are governed by their own policies. We encourage you to review those policies before providing information to them.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the "Last updated" date. If changes are material, we may provide additional notice where appropriate.

15. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us at privacy@reforgesoftware.com.