Privacy Policy
ForgeCo.AI LLC — Last Updated: February 27, 2026
This Privacy Policy details the data collection, processing, and protection protocols established by ForgeCo.AI LLC, an Alabama Limited Liability Company (referred to herein as “the Company,” “the Organization,” or “the Enterprise”). This document governs the privacy practices applicable to the AI-powered business automation services, website applications, and related telecommunications platforms provided to commercial clients (referred to herein as “the User,” “the Client,” or “the Business”).
The Organization is committed to maintaining the confidentiality and security of personal and commercial data in strict compliance with applicable state and federal regulations, including the Alabama Data Breach Notification Act and the telecommunications compliance standards established by the Cellular Telecommunications and Internet Association (CTIA).
SMS Program Disclosure
Program Name: ForgeCo.AI Service Communications
ForgeCo.AI delivers automated business communications on behalf of trade service companies, including appointment reminders, missed call notifications, estimate follow-ups, invoice follow-ups, and review requests. Message frequency varies based on your interactions with the business. Message and data rates may apply. Carriers are not liable for any delayed or undelivered messages.
To opt out of messages, reply STOP to any message. For help, reply HELP or contact support@forgeco.ai or call (205) 236-7583.
Consent to receive SMS messages is voluntary and is not a condition of purchasing any goods or services.
Section 1. Categories of Information Collected
To facilitate the delivery of automated appointment reminders, missed call notifications, estimate and invoice follow-ups, and review management workflows, the Company collects specific categories of operational information. This information is collected directly from the User, automatically through authorized system integrations, or via direct interactions with the software platform.
1.1. Client Account Information
Business entity name, contact person names, authorized email addresses, billing addresses, and primary business telephone numbers.
1.2. Customer End-User Data
Consumer phone numbers, consumer names, appointment scheduling details, historical service records, and property service locations provided directly by the User.
1.3. Communication Logs
System timestamps of sent and received messages, cellular network delivery statuses, routing error codes, and the textual content of SMS communications occurring between the User’s business and their end-consumers.
1.4. Financial Information
Commercial transaction records, subscription payment history, and billing details. All complex financial processing is executed securely by third-party payment processors.
1.5. Technical and Usage Data
Internet Protocol (IP) addresses, browser classification types, user interaction metrics, and API access logs generated during the routine utilization of the software.
Section 2. Utilization of Collected Data
The information collected is utilized exclusively for the provision, maintenance, security, and improvement of the B2B SaaS platform. Specifically, data is processed for the following definitive operational purposes:
2.1. Service Delivery
Executing the core functionalities of the platform, including the generation and transmission of automated appointment reminders, missed call notifications, estimate and invoice follow-ups, and review requests to the User’s end-consumers.
2.2. System Orchestration
Triggering digital workflows based on calendar events, database updates, or missed telecommunications.
2.3. Customer Support
Diagnosing technical platform issues, responding to Client inquiries, and providing administrative or technical assistance.
2.4. Billing and Account Management
Processing monthly subscription fees, managing tier upgrades, and preventing fraudulent commercial transactions.
2.5. Compliance and Security
Auditing system access logs to detect, prevent, and mitigate cybersecurity vulnerabilities or unauthorized network activities.
Section 3. Third-Party Service Providers and Subprocessors
The Company engages specialized, enterprise-grade third-party infrastructure providers to deliver the platform services. These subprocessors are bound by stringent data protection agreements and are authorized to process data solely to the extent necessary to perform their designated technical functions.
3.1. Twilio
Utilized as the primary telecommunications gateway provider for the transmission, routing, logging, and delivery of all SMS and voice communications.
3.2. Anthropic AI
Utilized as the artificial intelligence subprocessor for natural language processing and dynamic message generation. The Organization utilizes Anthropic’s Commercial API. Consequently, the data processed through Anthropic is strictly utilized for immediate inference generation and is explicitly contractually excluded from being used to train Anthropic’s foundational AI models.
3.3. Airtable
Utilized as the primary relational database infrastructure for the secure, encrypted storage of appointment details, service histories, and communication logs.
3.4. n8n
Utilized as the secure workflow automation engine to route data packages between the storage database, the AI subprocessor, and the telecommunications provider.
3.5. Stripe & Mercury Bank
Utilized for secure Payment Card Industry (PCI) compliant payment processing, financial transaction routing, and institutional banking. No full credit card numbers or sensitive banking credentials are stored directly on the Company’s primary operational servers.
Section 4. SMS Originator Opt-In Data and Non-Sharing Clause
The Organization strictly adheres to the telecommunications regulations mandated by the CTIA and the mandatory campaign vetting requirements enforced by The Campaign Registry (TCR) for Application-to-Person (A2P) 10DLC messaging operations.
All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
Furthermore, no mobile information, including consumer phone numbers or SMS consent records, will be sold, traded, rented, or shared with affiliates or unauthorized third parties for promotional or marketing purposes. The sharing of information is permitted strictly to integrated technical subcontractors (e.g., Twilio) solely for the mechanical delivery of the customer service and communication functionalities explicitly requested by the User.
Section 5. Data Retention and Deletion Policies
5.1. Active Accounts
Customer end-user data, historical service records, and communication logs are retained for the duration of the User’s active software subscription to facilitate uninterrupted ongoing service delivery and historical contextual referencing.
5.2. Account Termination
Upon the formal termination or cancellation of a Client account, the Organization initiates a comprehensive data deprecation protocol. Routine operational data is securely deleted, purged, or irreversibly anonymized within ninety (90) days of final account closure.
5.3. Opt-Out Records
Records of end-consumer telecommunications opt-outs (e.g., STOP network requests) are retained indefinitely on mechanical suppression lists to ensure absolute, ongoing compliance with the Telephone Consumer Protection Act (TCPA) and to prevent unauthorized future automated communications.
5.4. Deletion Requests
Users may request the manual deletion of specific end-consumer data sets at any time by submitting a formal request to the designated support team, subject to technical feasibility and superseding legal retention obligations.
Section 6. CCPA and State Privacy Rights
Although the Organization operates primarily as a B2B service provider headquartered within the State of Alabama, it extends comprehensive data privacy rights in alignment with the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and equivalent modern state privacy legislative frameworks to ensure a standardized national protection posture.
6.1. The Right to Know
The right to request formal disclosure of the specific pieces and broad categories of personal information collected, the sources of that information, and the commercial business purpose for collecting it.
6.2. The Right to Delete
The right to request the permanent deletion of personal information collected and maintained by the Organization, subject to certain legal, security, and operational exceptions.
6.3. The Right to Correct
The right to request the immediate correction of inaccurate personal information maintained within the platform’s systems.
6.4. The Right to Opt-Out
The right to formally opt-out of the sale or sharing of personal information. As explicitly stated in Section 4 of this document, the Organization does not sell personal information or share SMS opt-in data for marketing purposes under any circumstances.
6.5. The Right to Non-Discrimination
The right to not receive discriminatory treatment, altered pricing, or degraded service quality for the lawful exercise of these privacy rights.
To exercise any of these statutory rights, formal inquiries must be directed to the contact information provided in Section 7. The Organization is legally required to verify the identity of the requester prior to processing the execution of the request.
Section 7. Contact Information
For administrative questions, compliance concerns, or formal requests regarding this Privacy Policy, data processing practices, or state and federal regulatory compliance, please contact the Organization at:
ForgeCo.AI LLC
Birmingham, Alabama 35242
Email: support@forgeco.ai
Phone: (205) 236-7583