ForkD← Back to home
Informational only — not legal advice. This document is provided for transparency about how ForkD operates. It has not been reviewed by your attorney and does not create an attorney-client relationship. If you need legal advice, please consult a qualified attorney in your jurisdiction.

Privacy Policy

Effective May 14, 2026

Who we are

ForkD LLC ("ForkD," "we," "us") operates the ForkD AI app builder, marketplace, and Guardian on-chain licensing service at forkdme.com and builder.forkdme.com. This Policy explains what personal data we collect, how we use it, and the third parties we share it with.

Data we collect

  • Account information — name, email, password hash, optional profile data.
  • Date of birth — collected once at sign-up to confirm you meet the 18+ minimum and never displayed publicly.
  • Phone number — collected only if you opt into Guardian phone verification (basic → verified tier).
  • Push subscription tokens — created when you enable browser/PWA push notifications.
  • Uploaded media — screenshots and other images you upload for marketplace listings.
  • Generated prompts and code — the prompts you submit to the planner and the code we generate for you, stored against your account so you can return to projects.
  • Payment metadata — billing-related fields stored by Stripe (we do not store full card numbers).
  • Guardian on-chain license data — your derived license key and the public Solana devnet address (PDA) of your license record.
  • Usage and device data — IP, user agent, sidebar state cookie, and basic event analytics needed to run the Service securely.

How we use it

  • Provide and operate the Service (generating apps, building, previewing, hosting the marketplace).
  • Verify your age and phone number for Guardian tiering.
  • Process subscription payments and prevent fraud.
  • Detect and respond to risk signals via the Guardian webhook pipeline.
  • Send transactional notifications you've opted into (push, email).
  • Communicate with you about your account or material changes to the Service.

Third-party processors

We share the minimum data needed with the following processors:

  • MongoDB Atlas — primary application database.
  • OpenRouter (Claude) — sends your prompts to the AI planner / code generator.
  • Expo / EAS — cloud builds (iOS + Android) and App Store / Play Store submission.
  • Expo Snack — embedded live preview of generated apps.
  • Cloudinary — image upload, storage, and delivery for screenshots and listing media.
  • Stripe — subscription billing and payment processing.
  • Twilio — SMS delivery for Guardian phone verification codes.
  • Privy — server-wallet signing for Guardian on-chain transactions.
  • Resend — transactional email delivery (Guardian alerts).
  • Solana devnet & the Guardian Anchor program — public-ledger licensing data (license PDA, fee splits).
  • Web Push providers (Apple/Google/Mozilla) — deliver push notifications to your device when enabled.
  • The ForkD marketplace backend at forkdme.com — central account, listings, escrow, and analytics service.

Security

Data in transit is encrypted with TLS. Database access is restricted by network and credential controls. Verification codes are stored only as salted SHA-256 hashes. No system is perfectly secure; you use the Service at your own risk.

Your rights

You have the right to access, correct, export, or delete your personal data. You can exercise these rights directly and instantly from your account:

  • Export my data — download a JSON bundle of your profile, Guardian record, and push subscriptions. Available in Account & Data settings (the user pill in the top-right corner of the builder).
  • Delete my account — permanently removes your profile, scrubs personal information from our records, and revokes push subscriptions. Also available in Account & Data settings. Both actions require password re-entry.

For requests we cannot fulfil self-serve (e.g. correction of specific fields, questions about third-party processors), email support@forkdme.com. We will respond within a reasonable timeframe and as required by applicable law.

Note: on-chain Guardian license PDAs and signed transactions are public and immutable on the Solana ledger and cannot be removed regardless of account deletion.

Cookies

See our Cookie Notice. In brief: a sidebar-state cookie, JWT in sessionStorage/localStorage, push subscription identifiers, and minimal first-party analytics.

Minors

The Service is not directed to anyone under 18. We do not knowingly collect data from users under 18. If we learn an account belongs to someone under 18, we will delete the account and associated personal data.

Retention

We retain account data for as long as your account is active and for a reasonable period afterward to satisfy legal, accounting, and dispute-resolution needs. On-chain license records persist on the Solana ledger and are outside our control.

International transfers

We and our processors operate primarily from the United States. By using the Service you consent to the transfer and processing of your data in the U.S. and any other jurisdictions where our processors operate.

Changes

We may update this Policy from time to time. Material changes will be announced at least thirty (30) days before they take effect.

Governing law & contact

This Policy is governed by the laws of the State of Mississippi, USA. Questions: support@forkdme.com.