Privacy Policy
Last updated: June 24, 2025
1. Who we are
Forestwalk Labs, Inc. (“Forestwalk,” “we,” “our,” or “us”) is a British‑Columbia–incorporated company building software that helps teams work faster using AI. This policy explains how we handle information about people (“you”) who visit our website or use Forestwalk’s SaaS products and their related apps.
While we’ve kept this policy readable and are an early-stage startup, we follow the spirit of major privacy laws—including the EU GDPR, California CCPA/CPRA, and Canada PIPEDA. For questions, e‑mail founders@forestwalk.ai.
2. The short version
- We collect only what we need to run and improve Forestwalk’s products.
- We never sell personal data.
- We rely on a handful of reputable infrastructure and analytics providers (listed below).
- You can download or delete your data at any time.
- Our services are for users 16 years and older.
3. Information we collect
| Category | Examples | Why we need it |
|---|---|---|
| Account info | Name, e‑mail, Google sign‑in identifier | Create and secure your account |
| Usage data | Feature clicks, pages viewed, rough geolocation from IP | Understand product usage, improve UX |
| Content you provide | Text and context you provide so we can generate responses and suggestions | Deliver core functionality |
| Content from third parties | Google Calendar events, web search results | Deliver core functionality |
| Logs & diagnostics | Crash dumps, error traces, device/OS version | Fix bugs, keep the service reliable |
| Marketing preferences | Opt‑in status, message open rates | Send product updates and newsletters |
Sensitive data. We don’t expect you to submit regulated personal data (health, biometric, bank details). If you choose to do so, ensure you have the right to share it.
4. How we use your information
- Provide the service – authenticate you, process requests, show results.
- Improve & debug – analyse telemetry and error reports.
- Model quality & safety – we may assess inputs and AI responses to evaluate and debug Forestwalk’s products. We do not train models on user content, unless it is provided explicitly to us as feedback.
- Communicate – send transactional messages and, if you opt in, marketing updates.
- Safety & compliance – prevent abuse, enforce terms, satisfy legal requests.
Legal bases under GDPR: contract performance, legitimate interests, and consent, as applicable.
The use of raw or derived user data received from the Google Workspace APIs will adhere to the Google User Data Policy, including the Limited Use requirements.
5. Infrastructure & third‑party processors
| Purpose | Provider | Location |
|---|---|---|
| Cloud hosting | Render | United States |
| Product analytics | PostHog | United States |
| Error monitoring | Sentry | United States |
| Model monitoring | Helicone | United States |
| AI model APIs | OpenAI, Anthropic | United States |
We do not share, transfer, or disclose your information, including data from third parties such as Google Calendar data, except as described in this policy.
We’ll update this list here at least 30 days before we add or replace a provider.
6. International data transfers
Our primary infrastructure is in the United States. If you reside outside the U.S., your data will be transferred there. We rely on the Standard Contractual Clauses or equivalent safeguards offered by our vendors.
7. Cookies
We use only essential and analytics cookies – no third party ad tech.
8. Data retention
Application logs are kept for 90 days or less. Your in‑product content remains until you delete it, or 30 days after you close your account, whichever comes first – after which it is removed from active backups. Certain legal or security records may be retained as required to comply with law or resolve disputes.
9. Your rights
Depending on where you live, you may have the right to:
- Download – e‑mail us to get an export of your data.
- Erase – request deletion; we will remove data within 30 days.
- Correct – edit inaccurate info.
- Opt out – unsubscribe from marketing emails.
We aim to respond to all requests within 30 days.
10. Security
Traffic is encrypted in transit using TLS. We limit internal access to production systems to key personnel. If we detect a data breach that affects your personal data, we’ll notify affected users and regulators as required by law.
11. Age limit
Forestwalk’s products are intended for users 16 years and older. We do not knowingly collect data from children under 16. If you suspect a child has provided personal data, contact us and we will delete it.
12. Changes to this policy
We may update this page from time to time. Material changes will be flagged at the top of the page and, where feasible, e‑mailed to account owners. Continued use of Forestwalk’s products after a change means you accept the revised policy.
13. Contact
Questions or concerns?
✉️ founders@forestwalk.ai