APIForge← Back
Legal · Privacy

Privacy Policy

Last updated: January 2026 · BrainFog LLP

We built APIForge to make developers' lives better — not to harvest their data. This policy explains exactly what we collect, why, and how you can control it.

01

What We Collect

When you connect your GitHub account, we receive your GitHub username, email address, and a list of repositories you explicitly grant access to. We never read repositories you haven't authorised.

We collect usage data — which features you use, how often, and basic performance metrics — to improve the product. This data is aggregated and never sold.

We store the API documentation we generate on your behalf, associated with your account, so you can access it at any time.

02

What We Never Do

We never sell your data to third parties. Ever. Full stop.

We never read your source code beyond what is necessary to generate documentation for the routes you've asked us to analyse.

We never store your GitHub OAuth token beyond the active session. Tokens are used in-memory and discarded.

03

How We Use Your Data

Your email is used to send you account notifications (approvals, revocations) and, if you opt in, product updates. You can unsubscribe at any time.

Repository data is used solely to generate and serve your API documentation. It is not used for training AI models.

Usage analytics help us understand which features matter most so we can build a better product for you.

04

Data Retention

Your account data is retained for as long as your account is active. If you delete your account, all associated data — including generated documentation — is permanently deleted within 30 days.

You can request an export of all your data at any time by contacting us at privacy@apiforge.dev.

05

Third-Party Services

We use Groq to power AI analysis. Route data sent to Groq is subject to their privacy policy. We send only the minimum necessary code context — never full repository contents.

We use standard cloud infrastructure (database, hosting) with encryption at rest and in transit.

06

Your Rights

You have the right to access, correct, export, or delete your personal data at any time. Contact us at privacy@apiforge.dev and we'll respond within 48 hours.

If you're in the EU or UK, you have additional rights under GDPR/UK GDPR including the right to object to processing and the right to lodge a complaint with your supervisory authority.

07

Contact

Questions about this policy? Email privacy@apiforge.dev. We're humans, not a legal department — we'll give you a straight answer.

© 2026 APIForge — BrainFog LLP