Legal

Privacy Policy

Last updated: February 27, 2026

This Privacy Policy explains what information Forcapedia collects, why we collect it, how we use it, and the choices available to you. This policy applies to our website, application interfaces, and related services.

1. Information We Collect

1.1 Account and identity data

  • Name, email address, and profile image provided by your auth provider
  • Unique account identifiers and authentication metadata
  • Account creation and last sign-in timestamps

1.2 Service usage data

  • Search queries, topic lookups, and follow-up prompts
  • Generated outputs and related article metadata
  • Token usage, plan tier, and period usage counters
  • Operational logs needed for reliability and abuse prevention

1.3 Session and device data

When you sign in, we record session information to help you manage your active devices and detect unauthorized access. This includes:

  • A randomly generated session identifier stored in your browser (localStorage)
  • Your IP address — used solely to derive an approximate city and country for display in Account → Sessions. The raw IP address is not stored in our database and is not displayed to you.
  • Browser name, operating system, and device type (derived from User-Agent)
  • Browser-reported timezone
  • Last active timestamp

You can view and remove individual sessions at any time from Account → Sessions.

1.4 Billing and transaction context

If paid plans are enabled, payment processing is handled by authorized payment providers. We may receive transaction status, invoice references, and plan details, but not full card numbers.

2. How We Use Information

We use personal information to:

  • Authenticate accounts and maintain secure sessions
  • Provide article generation, caching, and follow-up responses
  • Apply plan limits, enforce fair usage, and prevent abuse
  • Troubleshoot service issues and improve performance
  • Respond to support requests and legal obligations
  • Communicate service updates, policy changes, and account notices

3. Legal Bases for Processing

Where required by applicable law, we process data under one or more legal bases:

  • Performance of contract (providing the Service you requested)
  • Legitimate interests (security, fraud prevention, product reliability)
  • Legal compliance (records, regulatory obligations, lawful requests)
  • Consent where specifically requested

4. Data Sharing and Disclosure

We do not sell personal data. We may disclose limited data to:

  • Infrastructure providers (hosting, database, authentication)
  • AI model providers for prompt processing
  • Analytics/monitoring providers for operational diagnostics
  • Professional advisors or authorities when required by law

Shared data is limited to what is necessary for each purpose and is subject to contractual or policy controls.

5. Cookies and Session Technologies

We use essential cookies and session tokens to keep you signed in and secure your account. These are required for core functionality. We do not run third-party ad tracking cookies.

6. Data Retention

We retain account and usage data for as long as needed to provide the Service, enforce policies, resolve disputes, and meet legal obligations.

If your account is deleted, personal account data is removed or anonymized within reasonable operational timelines, except where retention is legally required.

7. Data Security

We use administrative, technical, and organizational safeguards to protect data. However, no method of transmission or storage is completely secure, and absolute security cannot be guaranteed.

8. Your Rights and Choices

Depending on your location, you may have rights to:

  • Access data we hold about you
  • Correct inaccurate or incomplete information
  • Request deletion of your personal data
  • Object to or restrict certain processing
  • Request data portability where applicable
  • Withdraw consent where processing is consent-based

You can manage key account actions from Account settings. For formal privacy requests, contact support.

9. International Data Transfers

Service providers may process data in multiple jurisdictions. Where required, we apply safeguards intended to support lawful cross-border data transfer.

10. Children's Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal data from children under 13. If such data is identified, we will take appropriate deletion steps.

11. Changes to This Policy

We may update this Privacy Policy to reflect operational, legal, or product changes. The updated version is effective when posted unless otherwise stated.

12. Contact for Privacy Matters

For privacy questions, data rights requests, or account data concerns, use the channels listed on our Contact page.