Legal

Privacy Policy

Last updated July 7, 2026

Privacy Policy

This Policy explains what [Forge Entity Name], a [jurisdiction] company collects when you use forge., why, and what control you have over it. No KYC - your wallet is your account. Payout wallets are screened onchain.

1. What we collect

Account data: your wallet address; your email address, only if you sign in with Google or link an email - we never require it. Trading activity: orders, positions, and trades on your forge accounts, needed to run the challenges you paid for. Device & usage data: IP address, browser/device type, and app usage, used for jurisdiction geofencing (see the Terms of Service) and fraud/abuse detection. We do not collect government ID, proof of address, or any other KYC documentation - there is no identity-verification step in forge today.

2. How we use it

To operate your accounts and challenges; to screen payout wallets onchain against sanctions lists and for mixer/exploit exposure before sending a payout; to detect prohibited conduct (cross-account correlation, device/IP fingerprinting, pattern analysis) as described in the Terms of Service; to enforce jurisdiction restrictions; to communicate service-critical notices (e.g. a breach, a payout, a security notice); and to comply with law. We do not use your data to serve third-party advertising.

3. What we share

We share data only with: infrastructure providers that keep the Service running (hosting, database, our authentication provider Privy); the onchain sanctions/exposure screening provider used on payout wallets; and law enforcement or regulators where legally compelled. We do not sell your data, and we do not share your trading activity with third parties for marketing purposes.

4. Cookies & local storage

We use essential cookies/local storage to keep you signed in and to remember interface preferences (e.g. favorited markets, panel layout). We do not use third-party advertising or cross-site tracking cookies.

5. Retention

We keep account and trading-activity data for as long as your account is active and for a reasonable period after (typically up to 7 years) to meet recordkeeping, tax, dispute, and anti-fraud obligations. Deleting your account (see § 6) stops active use of your data but does not immediately erase records we're legally required to retain.

6. Your rights

You can request a copy of the personal data we hold about you, correct inaccurate data, or delete your account and associated data (subject to the retention obligations in § 5) by emailing legal@forgecap.xyz. If you're in the EEA/UK, you have rights under GDPR (access, rectification, erasure, portability, objection); if you're a California resident, you have rights under the CCPA/CPRA. We'll respond to verified requests within the timeframe the applicable law requires.

7. International transfers

Our infrastructure may process data outside your home country. Where required, we rely on appropriate safeguards (such as standard contractual clauses) for cross-border transfers.

8. Children

The Service is not directed at anyone under 18 (see the Terms of Service), and we do not knowingly collect data from anyone under 18.

9. Changes to this Policy

We'll post updates here with a new "Last updated" date and, for material changes, make reasonable efforts to notify active traders in-app.

10. Contact

Privacy questions or requests: legal@forgecap.xyz.