Version 1.4

This privacy policy outlines and details our processing of User data arising from use of our Apps and Services.

1. Responsible authority

Responsible entity for data processing: Forge and Form GmbH, Ebersstraße 32, 10827 Berlin, Germany.

Further contact details: www.forgeandform.co/impressum

2. Scope of data processing

Personal User data that is gathered while using our apps and services is processed in a limited manner and in accordance with the applicable legal regulations.

The processing takes place for the purpose of fulfilling the usage contract pursuant to Art. 6 (1) lit. b) GDPR.

Data is generally retained for up to 90 days. Longer retention may apply where necessary to provide core functionality (e.g. user-saved templates) or where required by underlying service providers (e.g. analytics or diagnostic tools). In such cases, data is retained only as long as necessary for the respective purpose or until deletion by the user, where applicable.

Some of the third-party software solutions we use allow the collection and recording of data that could, under certain circumstances, provide information about the identity of the user. We do not make use of these functions and do not evaluate data in this way.

Technical Information

We gather data to give us insight into bugs, malfunctions and any unintended side-effects when using the app. This may include the operating system’s version, system language, crash logs and error messages. The data is used to ensure a stable, fault-free user experience.

User Insight & Content

We gather data about the User’s behavior when interacting with the App. This includes, among other things, time spent on certain screens, tapping of screen elements, a textual description of the video project and interacting with certain features. The User may also upload content via the App which might contain personal data. The data is used to better understand how the User interacts with the app, to let the User use the App and get the best experience, to better organize and manage the content presented on the App, and to better position ourselves to improve our offerings in accordance with User expectations.

Functionality

For some functionality such as effects, commands processing or the provision of content we rely on third parties. If a third party is involved the functionality is either marked "powered by" or similar, or the User is asked for explicit consent prior to any transfer of data.

Additional data

Additional data is gathered only if the User sends it to us directly via e-mail or the contact form within the App.

3. Analysis, Data Processing and Third Party Functionality

For data processing, analysis and additional content or functionality we rely on the parties listed here.

An appropriate level of data protection is assured by the use of standard contract clauses of the EU Commission as defined in Art. 46 (2) lit. c) GDPR.

Processing is carried out either for the performance of the contract pursuant to Art. 6 (1) lit. b) GDPR or based on our legitimate interests pursuant to Art. 6 (1) lit. f) GDPR, in particular for improving the App, ensuring stability, and providing additional functionality.

Where providers are located outside the European Economic Area, data transfers are carried out subject to appropriate safeguards, including standard contractual clauses pursuant to Art. 46 GDPR.

3.1 Analytics and Data Processing

The User can opt out of Analytics inside the App. When opting out, all analysis data relating to the App will be deleted from the User’s device.

Firebase SDKs and Google Analytics for Firebase
Firebase and Google Analytics for Firebase are provided by Google LLC., 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States. The data is collected together with an Install ID, which can group the collected information together to a user, but does not allow any conclusion about the identity of the user.
More information about how Firebase and Google Analytics for Firebase handle data can be found here:
https://firebase.google.com/support/privacy

Google Cloud (Hosting, Storage and Logging)
We use services provided by Google LLC., 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States for hosting, storage (including user-generated content such as templates), and logging. Personal data may be processed within this infrastructure solely for the purpose of providing and operating the App.
More information:
https://cloud.google.com/privacy

3.2 Functionality

Some functionality relies on additional processing by third parties. When using these features, user-generated content (such as images, videos, audio, text inputs, prompts) and associated technical metadata may be transmitted to the respective provider for processing.

Open AI API
Additional functionality and data processing is provided by OpenAI, L.L.C., San Francisco, Pioneer Building, 3180 18th St, San Francisco, USA. More information on how they handle User data can be found here:
https://openai.com/policies/privacy-policy

Stability AI Dreamstudio API
Additional functionality and data processing is provided by Stability AI Ltd., 88, Notting Hill Gate, London, W11 4HP, UK. For more information please review their privacy policy:
https://stability.ai/privacy-policy

Replicate API
Additional functionality and data processing is provided by Replicate Inc., 2261 Market Street #4056. San Francisco CA 94114, USA. More information can be found here:
https://replicate.com/privacy

ElevenLabs API
Additional functionality and data processing is provided by ElevenLabs Inc., 228 Park Ave S, PMB 74378, New York, NY 10003, USA. More information can be found here:
https://elevenlabs.io/privacy-policy

Luma AI API
Additional functionality and data processing is provided by Luma AI, Inc., 80 Hamilton Ave, P.O. Box 102, Palo Alto, CA, 94301, USA. More information can be found here:
https://lumalabs.ai/legal/privacy

MiniMax API
Additional functionality and data processing is provided by MiniMax Group Inc, No. 65 Guiqing Road, 11th Floor, Building B, Xinyan Building Xuhui District, Shanghai, China. More information can be found here:
https://platform.minimax.io/protocol/privacy-policy

AssemblyAI

Additional functionality and data processing is provided by AssemblyAI, 169 Madison Ave STE 38365, New York, NY 10016, USA. More information can be found here:

https://www.assemblyai.com/legal/privacy-policy

Resemble AI API

Additional functionality and data processing is provided by Resemble AI, 812 W Dana St, Mountain View, CA 94041, USA. More information can be found here:

https://www.resemble.ai/privacy-policy

3.3 Content

Additional content and functionality is provided by Tenor (Google LLC)., Pexels GmbH, TikTok Technology Limited and GIPHY Inc.. We make use of some of their SDKs and/ or their APIs which may collect additional information about the User such as search terms etc.. Third Party content providers are marked by "powered by" or similar.

Tenor (Google)
Additional content and functionality is provided by Google LLC., 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States. For detailed information about how they handle User data please review their privacy policy:

https://policies.google.com/privacy?hl=en/

Pexels API
Additional content and functionality is provided by Pexels GmbH, Rheinsberger Str. 76/77, 10115 Berlin. For detailed information about how they handle User data please review their privacy policy:

https://www.pexels.com/privacy-policy/

GIPHY API
Additional content and functionality is provided by GIPHY, Inc., 416 W 13th St, New York, NY 10014, USA. We make use of their APIs which may collect additional information about the User such as search terms and technical data (e.g. IP address or device information). For detailed information about how they handle User data please review their privacy policy:

https://giphy.com/privacy

TikTok SDK (Content Sharing)

The App may allow Users to share content via TikTok using the TikTok SDK (TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland).

This functionality is only activated upon explicit user action. When used, data such as the selected content and associated technical information may be transmitted to TikTok.

For more information, please refer to:

https://www.tiktok.com/legal/privacy-policy

3.4 Payments and Subscriptions

Payments and subscriptions may be processed via platform providers such as Apple App Store (Apple Inc., One Apple Park Way, Cupertino, CA 95014, USA) and Setapp (25 Serifou, Allure Center 11, Office No. 11-12, 2nd Floor, 3046 Zakaki, Limassol, Cyprus).

In this context, information such as subscription status, transaction details, and user identifiers may be processed in order to provide access to paid features. Payment details (e.g. credit card information) are processed directly by the respective platform provider and are not accessible to us.

For more information, please refer to the respective privacy policies:

https://www.apple.com/legal/privacy/

https://setapp.com/privacy

3.5 Authentication

Authentication may be performed using third-party providers such as Google Sign-In (Google LLC., 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States) and Sign in with Apple (Apple Inc., One Apple Park Way, Cupertino, CA 95014, USA).

In this case, information such as the User’s email address, user ID, and authentication tokens may be processed in order to authenticate the User and provide access to the App. Depending on the provider, the email address may be provided in anonymized form (e.g. Apple private relay).

For more information, please refer to:

https://policies.google.com/privacy

https://www.apple.com/legal/privacy/

4. Transfer of Data

We treat personal data as confidential. Data is shared with third parties only where necessary to provide the App’s functionality, to fulfill contractual obligations, or based on legitimate interests, as described in this privacy policy.

5. Changes to our Privacy Policy

We reserve the right to adjust the privacy policy with effect for the future in order to ensure a truthful representation of our efforts to assure the User’s privacy and of our handling of the User’s data.

6. User Rights

Users have the right to

to request information about any personal data processed by us pursuant to Art. 15 GDPR;
in accordance with Art. 16 GDPR, to immediately demand the correction of incorrect or incomplete personal data stored with us;
to demand the removal of personal data stored by us pursuant to Art. 17 GDPR;
to demand the restriction of the processing of your personal data in accordance with Art. 18 GDPR;
to receive, in accordance with Art. 20 GDPR, the personal data provided to us in a structured, standard and machine-readable format or to request transmission to another person responsible;
according to Art. 7 para. 3 GDPR, to revoke once given consent to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent for the future, and
to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, the User can contact the supervisory authority of the User’s place of residence or workplace, or at the registered office of our company.

If the User’s personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) sent. 1, lit. f) GDPR, the User has the right to object to the processing of her or his personal data according to Art. 21 GDPR, provided that there are reasons resulting from the User’s personal situation or insofar as the objection is aimed against direct marketing. In case of the latter, the User has a general right to object, which we will adhere to without specification of a particular situation.