OpsForge
FeaturesHow it WorksBlogFree ToolsPricing
Sign inGet Started
FeaturesHow it WorksBlogFree ToolsPricingSign inGet Started
Legal

Privacy Policy

Last updated: 29 April 2026

OpsForge("we", "our", "us") respects your privacy. This policy explains what we collect, how we use it, and the choices you have. It applies to the OpsForge web application and the services you use to connect and manage your clients.

What we collect

  • Account information. Email, name, and profile image you provide at sign-up (or that your Google account provides on OAuth sign-in).
  • Authentication token. After you sign in, we issue a short-lived session token so you stay signed in across sessions without logging in twice. The token is sent to our API only to authenticate your requests.
  • Client connections and access tokens. When you invite a client and they grant access, we store the read-level OAuth tokens needed to connect their marketing platforms (Google Analytics 4, Search Console, Google Tag Manager, and Google Ads, with more on the way), along with the connection metadata you and your client provide. These tokens are used only to maintain the connections you set up.
  • Usage metadata. Per-account client connection counts (used to enforce plan limits), timestamps, the platforms connected, and your plan tier.
  • Billing. Handled by Stripe on our web app. We do not see or store your card details.
  • Login activity. When you sign in or sign out, we record the timestamp, IP address, browser user-agent, and approximate country. This helps you detect unauthorised access to your account and lets us understand product engagement in aggregate. We do not sell or share this data.

How we use it

We use the access your clients grant to connect their marketing platforms to your OpsForgeworkspace, keep those connections live, and show you the status of each one. We use aggregate usage numbers (clients connected, platforms linked) to improve the product.

We do not sell, rent, or share your data with third parties for advertising or profiling.

Client access and OAuth tokens

OpsForge is an access collector for agencies. When you send a client a branded connection link and they approve it, the client authorises read-level access to the platforms they choose. Here is exactly how we handle that access.

  • Read-level by design. We request the minimum scopes needed to read the assets you connect (for example, GA4 properties, Search Console sites, Google Tag Manager containers, and Google Ads accounts). We do not request write or delete access.
  • Encrypted token storage. OAuth access and refresh tokens are stored encrypted and used only to maintain the connections you and your client set up. They are never exposed in API responses and never used for any other account.
  • Revocable at any time. You can disconnect a client from your workspace, and a client can revoke access from their own platform settings. Revoking access deletes the stored tokens for that connection.
  • No content selling or profiling. We do not use connected data for advertising, profiling, creditworthiness scoring, or any purpose unrelated to running the connections you create.

We do not sell or transfer user data to third parties outside of approved use cases (Stripe for payments, Google APIs for the connections themselves, a managed PostgreSQL database for data storage, and Resend for transactional email).

Your data, your control

  • You can disconnect any client or platform from your workspace at any time.
  • You can export your account data from Settings.
  • You can delete your account from Settings. This removes all stored client connections, access tokens, and account data.

Security

Data is stored in a managed PostgreSQL database with row-level security so only you can read your own records. Traffic is encrypted with TLS. Authentication uses short-lived session tokens.

AI provider API keys

If you add your own AI provider API key (Anthropic, OpenAI, Google, or xAI) via Settings › AI Providers, here is exactly how we handle it:

  • Encrypted at rest. Your API key is encrypted with AES-256 before being written to our database. The plaintext key is never stored. We hold only the encrypted ciphertext plus the last four characters of the key so you can identify which key you saved.
  • Used only for your requests. The key is decrypted in memory only at the moment your AI request is processed, and only to call the AI provider on your behalf. It is never logged, never exposed in API responses, and never used for any other account.
  • Never shared or sold.Your key is not shared with third parties beyond the provider it belongs to (e.g. your Anthropic key is sent only to Anthropic's API endpoint during your AI request).
  • You control deletion.You can remove your API key at any time from Settings › AI Providers. Deletion permanently removes the encrypted ciphertext from our database.

Cookies

We use essential cookies for authentication and your preferences (such as theme). Optional analytics and marketing cookies are only set after you accept them in our cookie banner, and no non-essential cookie loads before you consent. You can change or withdraw your choice at any time from our Cookie Policy page, and we honour the Global Privacy Control (GPC) browser signal. That page also lists every cookie, its purpose, and its duration.

Sub-processors

We share data with a small set of vetted sub-processors that help us run the service (hosting, database, payments, transactional email, error monitoring, and AI processing). The current list, including each vendor's purpose and data location, is published on our Security page. We do not sell your personal information.

Data Processing Agreement

Business customers can request a GDPR Art. 28 Data Processing Agreement. See how to request a DPA.

Your California privacy rights (CCPA / CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act, as amended by the CPRA.

Categories of personal information we collect. Identifiers (name, email, account ID); commercial information (subscription plan and billing handled by Stripe); internet and network activity (login activity: timestamp, IP address, user-agent, approximate country; usage metadata); and the content you submit for processing. We collect these to provide and secure the service, as described above. We do not collect sensitive personal information for the purpose of inferring characteristics, and we do not knowingly collect data from children.

We do not sell your personal information,and we do not "share" it for cross-context behavioural advertising. Analytics and marketing cookies run only with your consent. You can opt out at any time using the Do Not Sell or Share My Personal Information control on our Cookie Policy page, and we treat a Global Privacy Control signal as a valid opt-out.

Your rights. You have the right to know what personal information we hold and how we use it, the right to delete it, the right to correct it, and the right to opt out of any sale or sharing. You can exercise the rights to know and delete directly: download a copy of your data or permanently delete your account from Settings. You may also email us (see Contact below) and we will respond within the timeframes the law requires.

Non-discrimination. We will never deny you service, charge a different price, or provide a different quality of service because you exercised any of these privacy rights.

Changes to this policy

If we make material changes, we will update the date above and, for signed-in users, show a notice on your next visit.

Contact

Questions? Email hello@opsforge.agency or see our Terms of Service.

OpsForge

The operations platform for digital marketing and advertising agencies.

Product
FeaturesHow it WorksFree ToolsPricing
Resources
BlogRoadmapHelp
Company
SecuritySupportPrivacyCookie PolicyTerms
© 2026 OpsForge. All rights reserved.
run your agency, not the chaos.
Built by Apptimistic