FORGR

Legal

Privacy Policy

This policy explains how Forgr (“we”, “us”) collects, uses and protects personal data when you use the Forgr iOS application (the “App”) and this website, forgr.app (the “Site”). We process personal data in accordance with the EU General Data Protection Regulation (“GDPR”).

1. Data controller

The data controller is Forgr. For any privacy matter, contact privacy@forgr.app.

2. Data we collect

Through the App, if you become a member:

  • Identity and profile data: name, email address, date of birth, location, education, skills, photos and avatar, and your answers to profile prompts.
  • Communications: messages you send and receive in the App, including voice notes and attachments.
  • Activity data: event registrations and your interactions needed to operate the service (for example sparks and matches).
  • Application contents: what you submit when applying for membership.

Through this Site: only what you type into our application forms (membership and Circle applications) — name, email and the answers you choose to give. The Site sets no cookies and runs no analytics or tracking of any kind. This is why you see no cookie banner: there is nothing to consent to.

3. Purposes and legal bases

  • Reviewing applications and operating membership — performance of a contract, or steps taken at your request prior to entering one (Art. 6(1)(b) GDPR).
  • Providing the App: profiles, matching, messaging, events — performance of a contract (Art. 6(1)(b)).
  • Safety and moderation: reviewing reports, enforcing community standards — legitimate interest in keeping the community safe (Art. 6(1)(f)).
  • Transactional email (application updates, account notices) — performance of a contract and legitimate interest (Art. 6(1)(b) and (f)).
  • Legal compliance — legal obligation (Art. 6(1)(c)).

4. Processors and sub-processors

We share data only with the service providers required to run Forgr:

  • Supabase — hosting and database, located in the EU (eu-west-1 region).
  • RevenueCat — subscription management.
  • Apple — payment processing for subscriptions.
  • Expo — push notification delivery.
  • Resend — transactional email.
  • Google Places — location autocomplete when you set your city.

We never sell personal data, and we do not share it with advertisers.

5. International transfers

Your data is primarily stored in the European Union (Supabase, eu-west-1). Some providers listed above operate from or route data through the United States. Where data leaves the EEA, transfers rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses or an adequacy decision (including the EU–US Data Privacy Framework where the provider is certified).

6. Retention

We keep personal data only as long as needed for the purposes above: account data for the life of your membership; messages until you or your counterpart delete them or the account is deleted; application data for a reasonable review period after a decision; and records we must keep to satisfy legal obligations, for the legally required time. When you delete your account, your profile and content are removed.

7. Your rights

  • Access — ask what data we hold about you.
  • Rectification — correct inaccurate data (most profile data can be edited directly in the App).
  • Erasure — delete your account and data at any time, in-app via Settings → Delete account.
  • Portability — receive your data in a portable format, in-app via Settings → Export my data.
  • Objection and restriction — object to or restrict processing based on legitimate interest.
  • Complaint — lodge a complaint with your local supervisory authority.

To exercise any right not available in-app, write to privacy@forgr.app. We respond within one month.

8. Minimum age

Forgr is for people aged 16 and over. We do not knowingly process the data of anyone younger. If you believe a minor under 16 has provided us data, contact us and we will delete it.

9. Security

Data is encrypted in transit, access is restricted by row-level security and need-to-know administrative controls, and we review our practices regularly. No system is perfectly secure; if a breach affects you, we will notify you and the supervisory authority as the GDPR requires.

10. Changes

If we change this policy materially, we will notify members in the App or by email before the change takes effect.

Last updated: June 11, 2026