Privacy Policy

Effective April 1, 2026

1. Introduction

RetirementForge ("we," "our," or "us") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the RetirementForge platform ("Platform"). By using the Platform, you consent to the practices described in this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect your name, email address, and role (advisor, client, or organization administrator). For advisors, we may also collect professional licensing information you choose to provide.

2.2 Client Financial Data

Advisors enter client financial information into the Platform, including income, assets, liabilities, retirement goals, and tax profile data. This data is entered by the advisor on behalf of their clients and is used solely for financial planning purposes within the Platform.

2.3 Session Data

We record session activity including scenarios presented, illustrations generated, and documents shared. This data is maintained as an immutable audit trail for compliance purposes.

2.4 Usage Data

We automatically collect information about how you interact with the Platform, including pages visited, features used, session duration, browser type, and device information. We use Google Analytics to help understand usage patterns.

2.5 Communications

We collect information you provide when you contact us for support, submit bug reports, or communicate with us through the Platform.

3. How We Use Your Information

  • Providing and maintaining the Platform
  • Processing account registration and authentication
  • Generating financial illustrations, projections, and planning documents
  • Maintaining compliance audit trails for session activity
  • Sending transactional emails (invitations, Terms of Service updates, account notifications)
  • Improving the Platform through usage analytics
  • Responding to support requests and bug reports
  • Enforcing our Terms of Service

4. Data Storage and Security

All data is stored using Supabase, which provides enterprise-grade PostgreSQL databases with encryption at rest and in transit. We implement Row Level Security (RLS) policies to ensure users can only access data they are authorized to view. Authentication is handled through Supabase Auth with secure session management.

While we implement industry-standard security measures, no method of electronic storage is 100% secure. We cannot guarantee absolute security of your data.

5. Data Sharing and Disclosure

5.1 Advisor-Client Relationship

Client financial data entered by an advisor is accessible to that advisor and to the client through their respective accounts. If the advisor belongs to an organization (IMO), organization administrators may have read-only visibility into session activity and planning data for compliance and oversight purposes.

5.2 Service Providers

We use third-party services to operate the Platform, including Supabase (database and authentication), Vercel (hosting), Resend (email delivery), and Google Analytics (usage analytics). These providers process data on our behalf under their respective privacy policies.

5.3 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or if we believe disclosure is necessary to protect the rights, property, or safety of RetirementForge, our users, or others.

5.4 No Sale of Data

We do not sell, rent, or trade your personal information or financial data to third parties for marketing or any other purpose.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Platform. Session event records are maintained indefinitely as part of our compliance audit trail. If you request account deletion, we will remove your personal data, subject to any legal retention requirements. Compliance records may be retained as required by applicable regulations.

7. Your Rights

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and personal data
  • Export your data in a portable format
  • Opt out of non-essential communications

To exercise any of these rights, contact us at privacy@retirementforge.com.

8. Cookies and Tracking

The Platform uses essential cookies for authentication and session management. We use Google Analytics to understand usage patterns, which may set its own cookies. You can manage cookie preferences through your browser settings.

9. Children's Privacy

The Platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you through the Platform or via email. Your continued use of the Platform after changes are posted constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

RetirementForge
Email: privacy@retirementforge.com