LEGAL · PRIVACY POLICY

Privacy Policy

Effective: May 25, 2026 · Last updated: May 25, 2026 · Version 1.0

⚠ Plain-English standard policy — not individualized legal advice. Microforge is operated from Brazil by an independent developer. Payments are processed by Paddle.com as Merchant of Record — we never receive or store your card data. A Portuguese version exists for our BR product.

This policy explains what data Microforge collects across microforge.app and its products, why, and your choices. Written in plain language — we collect as little as possible.

1. Who we are

Microforge is an independent microSaaS operation run by Roberto Oliveira (Brazil), the party responsible for your data. Contact: roberto@microforge.app.

2. Data we collect

We collect only what's needed to run the services. This list is exhaustive — if it's not here, we don't collect it. The free calculators work with no account and no personal data.

Category Data When
Identification Email address (and an optional display name) When you create an account for paid features
Authentication A unique user ID and password hash, managed by AWS Cognito — we never see your plaintext password Sign-up / sign-in
Usage Calculations and setups you save; preferences; last-access timestamps While using a signed-in feature
Technical IP address and browser user-agent, in server logs Each request
Payment Order metadata from Paddle (plan, amount, date). Card details are handled entirely by Paddle — never by us When you purchase
Analytics Anonymous usage events. Google Analytics 4 (IP anonymized) and Microsoft Clarity (sensitive fields auto-masked). Both honor Do-Not-Track Each visit
Sensitive data: we do not collect any (no race, health, biometrics, precise geolocation, etc.). We do not knowingly collect data from anyone under 18.

3. How we use it

To run and authenticate your account, deliver paid features, send transactional email (receipts, account notices), provide support, prevent fraud and abuse, and meet legal/tax obligations. We do not use your data for third-party advertising or profiling.

4. We do not sell your data

Microforge does not sell or "share" your personal information (as those terms are used under the CCPA/CPRA), and never has. There is no opt-out to perform because there is no sale.

5. Sub-processors

Providers that process data on our behalf. Full, named list:

Amazon Web Services (AWS)

Hosting, database, storage, and authentication (Amazon Cognito).

Paddle.com

Merchant of Record: payment processing, tax, and receipts. Paddle is the card-data controller (PCI-DSS); we have no access to card data.

Amazon SES

Transactional email (account & receipt notifications).

Google Analytics 4

Aggregate, anonymized usage metrics. IP anonymized; no personal identifiers shared.

Microsoft Clarity

Heatmaps + session replay with sensitive fields auto-masked. Honors Do-Not-Track.

We never sell, rent, or share personal data with third parties for their own marketing.

6. Your rights

Wherever you are — and including the rights granted to California residents under the CCPA/CPRA — you may request:

  • Know / access — what we hold about you.
  • Delete — your personal data (legal/tax records excepted).
  • Correct — inaccurate data.
  • Portability — export your saved data.
  • Opt out of “sale/share” — not applicable: we do not sell or share your data.
  • Non-discrimination — exercising a right never degrades your service.
How: email roberto@microforge.app. We respond within 30 days and may verify your identity first. You won't be discriminated against for exercising a right.

7. Retention, security & cookies

  • Retention: while your account is active; personal data removed within ~30 days of deletion (minimal billing records kept as legally required).
  • Security: TLS in transit, encryption at rest, password hashing via Cognito, optional MFA, least-privilege admin access.
  • Cookies: strictly-necessary (auth/session) and anonymized analytics only. No third-party advertising cookies. Do-Not-Track is honored.
  • International: data is hosted on AWS and processed by the sub-processors above; payments are processed by Paddle.

8. Changes & contact

We may update this policy; material changes get reasonable notice. Questions or requests:

Data contact

Roberto Oliveira — Microforge

roberto@microforge.app