Your data is
yours.
Full stop.
Forge is built on a simple principle: we process your data to give you answers, and we don't hold onto it. No training. No selling. No retention after your session.
Swiss Jurisdiction
FADP compliant Β· ZΓΌrich, Switzerland
Zero data retention
Analysis content not stored after session
Xencore Global GmbH
Registered entity Β· VAT compliant
π
Our core promise
Your prompts, AI responses, and analysis results are used to generate your output and then discarded. We do not train AI models on your data. We do not sell your data. We do not share it with third parties for advertising. The eight AI providers you use receive your prompts under their own privacy policies β we don't intercept or retain those exchanges on our side.
To provide the service, we collect and process the minimum necessary:
- Account information β your email address, display name, and authentication credentials. Used to identify your account and nothing else.
- Usage data β synthesis count, session count, and feature usage. Used to enforce plan limits and generate your performance metrics on the Profile page.
- Payment information β handled entirely by Stripe. We never see or store your card details.
- Prompt Library content β prompts you explicitly choose to save. Stored until you delete them or your account is closed.
What we do not collect: the content of your AI queries, the responses you receive, your Excel or CSV data, your synthesis outputs, or any analysis content. This data passes through the service to produce your results and is not retained on our servers.
When you submit a question or upload a file, here is exactly what happens:
- Your question and any file data structure is sent from your browser to our backend server over an encrypted connection.
- Our backend forwards the request to the AI providers you have selected (Claude, ChatGPT, Gemini, Mistral, DeepSeek, Perplexity, Grok).
- Each provider processes the request under their own privacy policy and returns a response.
- Forge receives the responses, synthesises them if you have requested synthesis, and returns the output to your browser.
- The content of the exchange is not written to persistent storage. Your usage counter is incremented. That is all that is stored from the interaction.
Forge uses eight AI providers simultaneously. Each provider has its own privacy policy governing how they handle the prompts sent to them. We recommend reviewing their policies if you are working with sensitive data:
- Anthropic (Claude) β anthropic.com/privacy
- OpenAI (ChatGPT) β openai.com/privacy
- Google (Gemini) β policies.google.com/privacy
- Mistral AI β mistral.ai/privacy
- DeepSeek β deepseek.com/privacy
- Perplexity AI β perplexity.ai/privacy
- xAI (Grok) β x.ai/privacy
- Meta AI (Llama) β privacycenter.fb.com/policy
For sensitive or regulated data, we recommend reviewing the data residency and retention policies of each provider before using Forge for that analysis.
Under the Swiss Federal Act on Data Protection (FADP) and applicable EU data protection law, you have the right to:
- Access β request a copy of the personal data we hold about you.
- Correction β request correction of inaccurate personal data.
- Deletion β request deletion of your account and all associated personal data. Prompt Library content is deleted immediately. Account and usage data is deleted within 30 days.
- Portability β request an export of your account data in a machine-readable format.
- Objection β object to any processing of your personal data.
To exercise any of these rights, contact us at contact@projectcoachai.com. We will respond within 30 days.
We use a minimal set of cookies necessary to operate the service:
- Authentication session cookie β keeps you signed in. Expires when you sign out or after 30 days of inactivity.
- Stripe cookies β set by Stripe for payment processing. Governed by Stripe's cookie policy.
We do not use advertising cookies, tracking pixels, or third-party analytics services that profile your behaviour. We do not participate in any advertising networks.
All data transmitted between your browser and our servers is encrypted using TLS 1.3. Our backend infrastructure runs on Railway with encrypted storage. Access to production systems is restricted to authorised personnel only.
If you discover a security vulnerability, please report it responsibly to contact@projectcoachai.com. We commit to acknowledging reports within 48 hours and resolving confirmed vulnerabilities within 30 days.
Last updated: April 2026 Β· ProjectCoachAI Β· Forge Edition