Legal
Privacy Policy
How we collect, use, and protect personal data when you use PsyForge as a respondent or as a tenant administrator.
Last updated:
What we collect
Account data (email, password hash, role), API usage events, assessment responses keyed to a session id, and platform logs (IP, user-agent, request id). We do NOT collect raw demographic data unless an admin opts in via the assessment-batch flow.
How we use it
To run the platform: authenticate you, score sessions, deliver reports, bill correctly, and detect abuse. We use aggregate, de-identified usage data to improve the product. We do not sell personal data, full stop.
Who we share it with
Sub-processors only — Stripe for billing, S3 / MinIO for object storage, our AI providers (Anthropic / OpenAI / DeepSeek / Qwen) for narrative generation when an admin opts in. We sign DPAs with each. A list will be published before launch.
Your rights
You can export your data via /v1/account/export, delete your account via /v1/account/delete, and revoke any API key from the dashboard. EU / UK / California rights (access, rectification, erasure, portability) apply; we honor verified requests within 30 days.
Retention
Active accounts retain data for the lifetime of the account. Soft-deleted accounts are purged 30 days after deletion. Audit logs are kept 12 months. We will document tenant-configurable retention windows in the final policy.
Questions or concerns? Email us at legal@psyforge.dev