Trade business owners and operators trust RollForge with proprietary financials, operational data, and benchmarking data that don't leave their business. We take that seriously. This policy explains exactly what we do with your data — and what we will not do with it.
We collect the minimum data necessary to provide the Platform. This includes:
Account data: Name, email address, organization name, and password (stored as a salted hash — plaintext passwords are not stored). Role assignments within your organization.
Customer Data: Portfolio company data, financial data, operational metrics, vendor spend data, KPI goals, and any other content you upload or enter into the Platform. You control this data entirely.
Usage data: Log data, feature usage patterns, IP addresses, and browser/device information — used to operate, maintain, and improve the Platform.
Communications: Email address and any content you send to us via support or inquiry forms.
Access logs: To support security and compliance, RollForge maintains access logs that capture user ID, action type, resource accessed, IP address, and timestamp for all financial data access events. Logs are retained for 90 days unless a longer retention period is required for a specific legal or contractual obligation. Access logs are not sold or shared with third parties.
Notification preferences: When you configure AI insight delivery or other notification preferences, we store your selected email address, timezone, and preferred delivery time. This information is used solely to deliver AI-generated insights and scheduled briefing summaries — it is not used for any other purpose and is not shared with third parties.
We do not collect payment card data directly. Payments are processed by Stripe, our payment processor. See our Subprocessors section for details.
Geographic availability. RollForge is designed for and made available only to users in the United States. We do not accept users from the European Union, United Kingdom, or other jurisdictions subject to the EU General Data Protection Regulation (GDPR). Any EU or UK resident who accesses this site receives a 403 error and is not permitted to create an account.
All Customer Data you upload to RollForge remains your property. We do not claim any ownership over your business financial data, operational data, or any other content you provide.
You retain full intellectual property rights in your Customer Data at all times. RollForge holds only a limited operational license to store and process that data for the purpose of providing the Platform to you — and for no other purpose.
You can export your data at any time from your account. On account termination, you retain the right to export all Customer Data before deletion. See Data Retention & Deletion for timelines.
RollForge enforces strict logical data isolation between customer accounts:
Database-level isolation: Each customer's data is isolated at the database layer using row-level security (RLS), enforced on all company, transaction, and financial data queries.
RollForge does not sell, rent, license, or otherwise monetize your Customer Data with any third party.
We do not share your Customer Data with third parties except in the following limited circumstances:
In all cases, we contractually require our subprocessors to maintain confidentiality and data protection standards at least as protective as those described in this Policy.
We use the data we collect for the following purposes:
RollForge enforces role-based access control (RBAC) within each organization:
Audit logging. RollForge logs data access and modification events at the application level. Access logs are retained for compliance and security incident investigation purposes. We are committed to expanding audit log coverage and making audit trails available to customers as part of our security roadmap.
RollForge staff access. Access to production customer data by RollForge personnel is restricted to a minimal set of individuals and is limited to what is necessary for support and operations. We do not routinely access your Customer Data.
During your subscription: We retain Customer Data for as long as your account is active. You can delete individual records, data sources, or reports at any time from within the Platform.
On account termination:
Data deletion requests. You may request deletion of specific Customer Data at any time by contacting us at info@rollforgeops.ai. We will process deletion requests within 30 days.
Legal holds. In limited cases, we may be required to retain certain data longer to comply with applicable legal obligations.
We use the following key subprocessors to operate the Platform. All subprocessors are contractually bound to maintain data confidentiality and security standards consistent with this Policy.
| Subprocessor | Purpose | Data Shared |
|---|---|---|
| Anthropic / Claude (via Polsia AI proxy) | AI-powered features: insight generation, financial analysis, daily briefings. Data submitted is not retained by Anthropic for model training or used to improve their models. | Customer Data submitted for AI analysis |
| OpenAI / ChatGPT (via Polsia AI proxy) | AI-powered features: report generation, budget planning, data analysis, chat. Data submitted is not retained by OpenAI for model training or used to improve their models. | Customer Data submitted for AI analysis |
| Intuit Inc. (QuickBooks) | Accounting data integration via OAuth 2.0. Only accessed when a customer explicitly connects their QuickBooks account. Credentials stored encrypted (AES-256-GCM) and not written to application logs. | Accounting data, invoices, P&L, balance sheet, chart of accounts — for connected accounts only. Accessed only when the customer enables the integration. |
| Meta Platforms, Inc. (Facebook) | Advertising and conversion tracking. Event data and hashed email is shared with Meta via the Conversions API when you grant marketing consent. Meta is listed here as a “shared with” recipient under the California Consumer Privacy Act — it is not a traditional subprocessor. | Event data (PageView, Purchase, Lead, trial_started), hashed email for audience matching, IP address, user agent. Activated only after you explicitly opt in to marketing tracking. |
| Neon | PostgreSQL database hosting. SOC 2 Type II certified. AES-256 encryption at rest. | All Customer Data stored at rest |
| Plaid, Inc. | Financial data aggregation via Plaid Link. Only accessed when a customer explicitly connects a bank account. Plaid is a licensed data aggregator that maintains its own SOC 2 Type II certification. Bank credentials and access tokens are stored encrypted (AES-256-GCM) and not written to application logs. | Bank account credentials (via Plaid Link flow), access tokens, transaction data, account balances — for connected accounts only. |
| PostHog (US Cloud) | Product analytics — page visits and feature usage. Runs by default (opt-out model). Global Privacy Control (Sec-GPC: 1) automatically suppresses PostHog. You can opt out at any time at /privacy/preferences or via the Manage Cookie Preferences button below. RollForge does not share PII with PostHog beyond anonymized distinct IDs. | Anonymized page-visit and feature-usage events. Suppressed by GPC or explicit opt-out. |
| Postmark | Transactional email delivery (invites, notifications, reports). | Email address, email content |
| Render | Application hosting and infrastructure. SOC 2 Type II certified. | All application data processed in transit |
| ServiceTitan | Field service management integration. Only accessed when a customer explicitly connects their ServiceTitan account. Read-only access — RollForge does not write data to ServiceTitan. Credentials stored encrypted (AES-256-GCM) and not written to application logs. | ServiceTitan jobs, revenue, and technician data for connected accounts only. Accessed only when the customer enables the integration. |
| Stripe | Payment processing. PCI DSS Level 1 certified. Card data is not stored by RollForge. | Billing email, subscription status |
| Twilio Inc. | SMS delivery and phone number verification. https://www.twilio.com/en-us/legal/privacy | Mobile phone number, SMS message content — for opted-in users only |
| Xero Ltd. | Accounting data integration via OAuth PKCE. Only accessed when a customer explicitly connects their Xero account. Credentials stored encrypted (AES-256-GCM) and not written to application logs. | Accounting data, invoices, P&L, bank transactions — for connected accounts only. Accessed only when the customer enables the integration. |
We will update this list when we add or change subprocessors. Material changes will be communicated via email with 30 days' advance notice.
We use a minimal set of cookies. The table below categorizes every cookie or script currently active on this site.
Analytics (default-on for US visitors): Anonymous visitor tracking (PostHog and the Polsia analytics beacon) is enabled by default for visitors accessing RollForge from US IP addresses. This is a standard implied-consent model consistent with US privacy law requirements. Users may opt out at any time via the Manage Cookie Preferences button below, or by enabling Global Privacy Control (GPC) in their browser, which automatically suppresses all analytics tracking. For non-US visitors, analytics are off by default.
Marketing (opt-in): Our Meta Pixel (Facebook conversion tracking) is only activated after you explicitly grant marketing consent — it is not loaded by default. GPC or the CCPA opt-out button below also suppresses the Meta Pixel. The Meta Pixel is listed in the Subprocessors section as a "shared with" recipient under CCPA, not as a subprocessor.
| Name / Script | Category | Purpose |
|---|---|---|
| session_token | Essential | HttpOnly, secure. Identifies your authenticated session. Required for login to work. |
| rf_consent | Essential | Stores your cookie consent choice. Required to honor your preferences. |
| rf_anon_id | Analytics | Anonymous visitor ID for page-view tracking on rollforgeops.ai. Not linked to personal data. |
| Polsia analytics beacon | Analytics | Page-visit tracking via Polsia's internal analytics (polsia.com/api/beacon). Only fires with analytics consent (default: off). Data stays on Polsia infrastructure — not shared with third parties. You can opt in or out at any time at /privacy/preferences. |
| PostHog (us.i.posthog.com) | Analytics | Product analytics — page visits and feature usage. Enabled by default for US visitors (implied consent); non-US visitors are off by default. Global Privacy Control (GPC, Sec-GPC: 1) automatically suppresses it. PostHog is listed in the Subprocessors section as a service we share anonymized event data with. You can opt out at any time via the Manage Cookie Preferences button below or at /privacy/preferences. |
| Meta Pixel (Facebook / fbevents.js) | Marketing / Advertising | Facebook/Meta conversion tracking pixel. Loads only after you explicitly grant marketing consent. Fires PageView and custom conversion events when active. Meta Pixel is listed in the Subprocessors section as a "shared with" recipient under CCPA. Suppressed by the CCPA opt-out button below or by enabling GPC. |
| Chart.js (jsdelivr CDN) | Functional | Charting library loaded from cdn.jsdelivr.net. Used on dashboard pages for data visualization. |
| Self-hosted Fonts | Functional | Typography fonts (Inter, JetBrains Mono) are self-hosted on rollforgeops.ai. No third-party font CDN requests are made. |
| Plaid Link SDK | Functional | Loaded only on bank-linking pages when a user actively initiates a Plaid connection. Not present on public pages. |
You can manage your preferences at any time:
If you are a California resident, the California Consumer Privacy Act (CCPA) gives you specific rights over your personal information. This section describes those rights and how to exercise them.
Your rights under CCPA:
RollForge operates two tracking buckets: (1) Analytics — anonymous page-visit and feature-usage tracking, which runs automatically and collects no personally identifying information; your anonymous data is only associated with your account after you explicitly accept our analytics consent via the consent banner or below. This bucket can be suppressed via the button below or by enabling Global Privacy Control (GPC) in your browser; and (2) Marketing — Meta Pixel and Facebook conversion tracking, which is only activated after you explicitly opt in. Clicking "Opt Out" below suppresses both buckets. It disables the Polsia analytics beacon, suppresses PostHog, and prevents the Meta Pixel from loading.
How to exercise other rights: Email info@rollforgeops.ai with the subject "CCPA Request" and describe your request. We will respond within 45 days. We may need to verify your identity before processing the request.
Global Privacy Control (GPC): If your browser sends the Sec-GPC: 1 signal, RollForge treats this as an automatic opt-out from analytics and marketing tracking. No action required on your part.
Authorized agents: You may designate an authorized agent to make requests on your behalf. The agent must provide proof of authorization and we may require you to verify your identity directly.
RollForge is committed to achieving and maintaining enterprise-grade security standards. Our current compliance posture and roadmap:
For accounts with specific compliance requirements (GDPR data processing agreements, custom security reviews, vendor questionnaires), contact us at info@rollforgeops.ai.
In the event of a confirmed security breach affecting your Customer Data, RollForge commits to:
We maintain incident response procedures and will provide ongoing updates as the situation develops following any confirmed incident.
Questions about this Policy, data deletion requests, or security concerns — contact us at info@rollforgeops.ai. We respond to all data-related inquiries within 2 business days.
Changes to this Policy. We may update this Policy from time to time. When we make material changes, we will notify you by email at least 14 days before the changes take effect. The "Last updated" date at the top reflects the most recent revision.
Also see our Terms of Service for the full contractual framework governing your use of RollForge.
RollForge is designed for and made available only to users in the United States. We do not accept users from the European Union, United Kingdom, or other jurisdictions subject to the EU General Data Protection Regulation (GDPR).
Any user who attempts to access RollForge from an EU or UK IP address will receive a 403 error and will not be permitted to create an account. If you believe you have received this message in error, contact info@rollforgeops.ai.
This restriction applies to all RollForge services, including our website, dashboard, AI chat, and all API endpoints. GDPR compliance obligations require us to decline EU/UK registrations entirely — there is no opt-in mechanism or separate processing arrangement for EU users.
RollForge may send SMS text messages to users who have opted in. SMS communications are governed by this section in addition to the rest of this Policy.
Opt-in method. SMS opt-in occurs via a web form at rollforgeops.ai/signup. You provide your mobile phone number and check a consent checkbox. Pre-checked consent boxes are not used — consent must be affirmative and voluntary.
Opt-out. You may unsubscribe at any time by replying STOP to any SMS message. Upon receiving your STOP request, we will unsubscribe you within 24 hours and send a final confirmation message.
Message frequency. Message frequency varies depending on your account status. During a free trial, you may receive up to 4 messages per month. After conversion to a paid subscription, the frequency is typically lower. Messages may include account notifications, billing alerts, trial reminders, and support communications.
Carrier data rates. Message and data rates may apply depending on your mobile phone service plan. RollForge is not responsible for charges imposed by your carrier.
Non-sharing of mobile numbers. We do not share your mobile phone number with third parties for marketing purposes. Your number is used solely to deliver RollForge communications as described in this section.
Help. For assistance with SMS communications, reply HELP to any message, or contact us at info@rollforgeops.ai.