Most AI agent vendors will quietly fine-tune their model on your customer conversations, route your API calls through their proxy, and treat your data as fuel. Forge does none of that. Here's the full data-handling matrix in plain English — and the contract clauses we'll sign to back it.
For every category of data your build will use, here is who sees it, where it lives, and how long it persists. If a row breaks your policy, tell us at discovery — we'll engineer around it or refuse the engagement.
| Data category | Forge sees it? | Stored where? | Used to train models? | Retention |
|---|---|---|---|---|
| Source code | Yes (read-write to your repo) | Your GitHub | Never | Yours forever |
| API keys / secrets | Scoped credentials in build env only | Your secrets manager (AWS SM / Vault / 1Password) | Never | Rotated post-launch |
| Production customer PII | No — synthetic + masked test data only | Your infra exclusively | Never | N/A — never leaves your stack |
| Discovery transcripts | Yes (recorded screen-share) | Encrypted on Forge laptop, mirrored to your shared drive | Never | Deleted day 90 |
| Test datasets | Yes | Your sandbox env | Never | Yours forever |
| LLM prompts (build phase) | Yes (engineered) | Your repo | No (we use API tier with no-train flags) | Yours forever |
| LLM completions (runtime) | No (ships in your code, not ours) | Your infra | No | Per your retention policy |
| Slack channel content | Yes (private channel) | Your Slack workspace | Never | Per your Slack retention |
| Monitoring logs | During support window only | Your observability stack | Never | Per your log policy |
| Invoices / contracts | Yes | Forge accounting (Stripe + bookkeeping) | Never | 7 years (CRA tax requirement) |
Every Forge Statement of Work includes these five clauses. They can't be negotiated down: the only direction you can move them is stricter, by asking us to tighten them.
Forge will never use your source code, customer data, prompts, completions, or transcripts to train, fine-tune, or evaluate any model — internal or external. LLM API calls during build use the OpenAI/Anthropic enterprise tiers with explicit no-training flags.
We work against API keys with the minimum scope required (read-only where possible, write only on the surface we're shipping to). Credentials live in your secrets manager. We don't copy them to a Forge laptop.
Discovery starts with masked or synthetic data. Real production data only enters the build environment if your security team explicitly approves a path. Most builds never need it.
Discovery recordings, internal Forge notes, and Slack channel exports are purged 90 days after final delivery. Notarised purge log on request.
If Forge becomes aware of any potential exposure of your data — accidental commit of a secret, lost laptop, sub-vendor breach — you're notified within 24 hours with an incident report. No legal-team gymnastics, no 'pending investigation' stalling.
You have the right to audit Forge's handling of your data with 30 days' notice. Most enterprise vendors fight this clause. We don't. Bring your own auditor or use ours; you pay theirs, we pay ours.
Some asks come up often enough that it's simpler to publish the answer here.
“Can you ship the code through a Forge-hosted relay so we don't have to manage credentials?”
No. The relay becomes a single point of failure with your data passing through it. Your credentials, your infrastructure. We'll help you set up the secrets manager if you don't have one.
“We'd like Forge to keep the agent code on your servers and license it back to us.”
No. Code transfers to your GitHub on day 28. The whole point of Forge is that you own the artefact. If you want a hosted SaaS, hire a SaaS vendor instead.
“Can you use ChatGPT (consumer) for prompt iteration?”
No. We use only enterprise/API tiers with no-training flags on every model provider. Consumer ChatGPT data flows are explicitly disallowed in the SOW.
“Can the agent log full customer conversations to a Forge dashboard for monitoring?”
No. Monitoring goes to your observability stack (Datadog / New Relic / OpenTelemetry). Forge sees logs only during the contracted post-launch support window, scoped to debugging — never aggregate customer data.
For your DPIA / GRC team. Updated when the stack changes.
| Vendor | Purpose | Data class | Region |
|---|---|---|---|
| OpenAI (API tier) | LLM inference during build (no-train mode) | Engineered prompts only | US |
| Anthropic (API tier) | LLM inference during build (no-train mode) | Engineered prompts only | US |
| GitHub | Source code hosting (your account) | Source code, your repo | US |
| Linear | Internal task tracking | Engagement metadata, no customer data | US |
| 1Password Business | Forge internal secrets (not yours) | Forge employee creds only | CA |
| Stripe | Invoicing & payment | Billing contact + line items | US |
| Cloudflare | Forge marketing site (this site) | Public marketing only | Global |
Need a signed DPA, NDA, or vendor risk questionnaire completed? Reply to your discovery email — most are turned around in 48 hours.
We default to a 30-minute call with your security or compliance lead during week 1 to walk through the matrix, the sub-processors, and any custom clauses your DPA needs. It's free, it's scheduled alongside discovery, and it gets you a signed SOW that doesn't get blocked at procurement.