IndieSaaS Forge

Privacy

Your privacy matters to us.

Privacy Policy

Introduction and Scope

IndieSaaS Forge operates the services offered on indiesaasforge.com and related platforms (the Services). This Privacy Policy describes how we collect, use, disclose, and protect personal data in connection with the Hacking and Micro-SaaS products and services we provide to a global audience. It applies to customers, developers, partners, and visitors who interact with our Services or access indiesaasforge.com. By using the Services or providing personal data, you acknowledge and agree to the practices described in this Policy.

Information We Collect

Information you provide

  • Account registration and profile data such as name, email address, organization, and contact information
  • Payment, billing, and subscription details required to provide the Services
  • Communications with us, including support inquiries, feedback, and requests
  • Content you upload or generate within the Services, including project configurations, integrations, and code snippets

Information we collect automatically

  • Device information, IP address, browser type, language settings, and other technical identifiers
  • Usage data such as pages visited, features used, timestamps, error logs, and performance metrics
  • Telemetry data to monitor service health, security, and reliability

Information from third parties and integrations

  • Data from partners, payment processors, and integrated tools with your consent or as permitted by your configurations
  • Data about your devices or accounts when you authorize third-party integrations

Children’s privacy

  • We do not knowingly collect personal data from children under the age of 16 without verifiable parental consent. If you believe a child has provided data to us, contact us for assistance.

How We Use Your Information

  • To provide, operate, and maintain the Services on indiesaasforge.com
  • To process payments, manage accounts, and communicate about updates or issues
  • To personalize, customize, and improve the Services based on usage and preferences
  • To ensure security, protect against fraud, and enforce our terms and policies
  • To analyze, monitor, and improve product performance and user experience
  • To comply with legal obligations and respond to lawful requests
  • To share aggregated or de-identified information for research and product development where permitted by law

Legal Bases for Processing (where required)

  • We rely on performance of a contract, legitimate interests in providing and improving the Services, consent where required, and compliance with legal obligations.

Data Sharing and Third-Party Services

  • We engage service providers to support delivery of the Services, including cloud hosting, payment processing, analytics, security, and customer support. These processors may access or process personal data only as necessary to perform their functions and in accordance with our instructions.
  • We may share information with our business partners for joint product development, marketing activities, or legal compliance, subject to contractual protections.
  • We may disclose personal data to comply with law, protect our rights, enforce agreements, or respond to legitimate requests.
  • We do not sell personal data. If any data selling or data-sharing practices change, we will provide notice and opt-out mechanisms as required by law.

Cookies and Tracking Technologies

  • We and our service providers use cookies and similar technologies to operate the Services, remember preferences, analyze usage, and tailor content. You can manage cookies via your browser settings or through opt-out mechanisms in our cookie banner where available.
  • We may use analytical tools to understand how the Services are used and to improve features relevant to the Hacking and Micro-SaaS context. You may be able to opt out of certain analytics in your settings.

Data Security

  • We implement a layered security program designed to protect personal data from unauthorized access, disclosure, alteration, or destruction. Measures include:
    • Encryption in transit (TLS) for data transmitted between you and our services
    • Encryption at rest for stored data where feasible
    • Access controls, authentication, and role-based permissions
    • Regular vulnerability management, patching, and secure software development practices
    • Network segmentation, monitoring, and anomaly detection
    • Incident response planning and regular security testing, including periodic penetration testing and a vulnerability disclosure program
  • Data retention policies describe how long we keep personal data and the criteria used to determine retention periods. We store information only as long as necessary to fulfill the purposes described in this Policy, or as required by law.

Data Integrity and Retention

  • We take reasonable steps to ensure personal data is accurate, complete, and up-to-date for the purposes for which it is used.
  • Data is retained for as long as is necessary to provide the Services and fulfill the purposes described in this Policy, or as required by applicable law. When no longer needed, data is securely deleted or anonymized.

Your Privacy Rights and Choices

  • Access and portability: You may request a copy of your personal data in our custody or control and obtain it in a structured, commonly used, and machine-readable format where applicable.
  • Correction: You may request correction of inaccurate or incomplete data.
  • Deletion: You may request deletion of personal data, subject to applicable law and our legal obligations.
  • Restriction of processing: You may request restriction of certain processing activities while we resolve a concern.
  • Objection and automated decision-making: You may object to processing or request human review of certain automated decisions where applicable.
  • Data portability: You may request that we provide your data in a portable format where technically feasible.
  • Right to opt out of data sales and to limit sharing for cross-context behavioral advertising under CPRA (where applicable): To exercise CPRA rights, contact privacy@indiesaasforge.com. To exercise CPRA rights, contact privacy@indiesaasforge.com.
  • California residents CPRA rights: To exercise CPRA rights, contact privacy@indiesaasforge.com.
  • How to exercise rights: See the How to Contact Us for Privacy Inquiries section below for the official channels and required information.

International Data Transfers

  • Personal data may be transferred to and processed in jurisdictions outside your country of residence, including the United States, where data protection laws may differ. We implement appropriate safeguards, such as contractual clauses and security measures, to protect your data in cross-border transfers.

Third-Party Services and Cookies Details

  • Service providers: We rely on subprocessors to deliver and support the Services. These providers may process personal data on our behalf under strict contractual obligations.
  • Integrations: When you enable third-party integrations, you authorize data to be shared with those third parties according to their policies.
  • Cookies: We use cookies and similar technologies to operate the Services, analyze usage, and tailor experiences. You can control cookies via your browser or our consent management tool.
  • Your controls: You may review and adjust privacy settings within your account, unsubscribe from marketing communications, and manage cookie preferences where applicable.

How to Contact Us for Privacy Inquiries

If you have questions about this Privacy Policy or wish to exercise your privacy rights, you may contact us at:

  • Privacy email: privacy@indiesaasforge.com
  • Phone: +1 (415) 672-8123
  • Mailing address: 815 Market Street, Suite 210, San Francisco, CA 94103, United States

CPRA Rights (California residents)

To exercise CPRA rights, contact privacy@indiesaasforge.com.

How We Protect Your Data and Your Rights

  • We maintain a documented privacy program with governance, audits, and ongoing training to protect personal data.
  • We implement security reviews of our practices, policies, and technologies to address emerging threats and regulatory changes.
  • We encourage responsible disclosure of security vulnerabilities and operate a vulnerability disclosure program to engage the security community in strengthening the Services.

Changes to This Privacy Policy

  • We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. When we update the Policy, we will revise the "Last Updated" date and, in some cases, provide additional notice.

How to Contact Us for Privacy Inquiries – Summary

  • Privacy email: privacy@indiesaasforge.com
  • Phone: +1 (415) 672-8123
  • Mailing address: 815 Market Street, Suite 210, San Francisco, CA 94103, United States

Last Updated

Last Updated: 2026-02-28