01.What we collect
We collect only what we need to run ClipForge and improve it. Here's the full list, broken down by source.
Information you give us directly
- Your name and email address (used to create your account and send transactional email)
- Your password (stored as a one-way bcrypt hash — we never see the plaintext)
- Content you upload or paste into ClipForge: podcast files, video URLs, transcripts, blog posts, brand voice samples. This is your raw input to the AI.
- Optional brand voice training samples (stored as your personal voice profile)
Information collected automatically
- Usage analytics: pages viewed, buttons clicked, features used, session timing — collected via PostHog with your IP truncated for privacy
- Device and browser info: type, OS, browser version (helps us debug and prioritize platform support)
- Referrer URL and UTM parameters (helps us understand where users come from)
- Cookies needed to keep you logged in (an httpOnly session cookie) — see Cookies section below
Information from third parties
- Payment data from Stripe (we never see your card number — Stripe handles all PCI-sensitive data)
- Customer subscription state from Stripe webhooks (active, canceled, etc.)
If you forget your password and request a reset, we generate a single-use token. We do not store, log, or share your reset URL anywhere outside the email we send you.
02.How we use it
Every piece of data we collect serves one of these purposes. We do not sell your data. We do not share it with advertisers.
- Running the product: signing you in, generating clips, billing you accurately, sending password resets
- Improving the product: aggregated analytics to understand which features matter, which prompts produce poor output, where users get stuck
- Communicating with you: account confirmation, password resets, payment receipts, product update emails (you can opt out anytime)
- Protecting the service: rate limiting, abuse detection, fraud prevention
03.Third-party processors
ClipForge sends specific data to specific vendors for specific reasons. Here is the complete list — no hidden processors.
- Anthropic (Claude Sonnet 4.5): Your source text and brand voice samples are sent to Anthropic to generate clips. Anthropic does not train models on API inputs. Read their policy at anthropic.com/privacy
- OpenAI (Whisper): Uploaded audio is sent to OpenAI for transcription only. OpenAI does not retain or train on API audio.
- Stripe: Payment information including name, email, billing address, and card data goes directly to Stripe (we never receive card numbers).
- Resend: Your email address is shared with Resend so we can send transactional email (verification, password reset, receipts).
- PostHog (US-hosted): Usage events, pages visited, and CTA clicks are sent to PostHog. IP addresses are truncated.
- Emergent (hosting + Object Storage): Our application and database run on Emergent's infrastructure.
- YouTube (Google): When you paste a YouTube URL, we fetch the publicly-available transcript via Google's API.
We will tell you in this document (and announce it in our changelog) if we add a new processor. We will never quietly route your data to a new vendor.
04.Cookies and tracking
ClipForge uses a small number of cookies — all necessary for the product to work or for understanding aggregate usage.
- cf_session — httpOnly, secure, SameSite=Lax. Keeps you logged in. Expires when your session ends.
- ph_… (PostHog) — anonymous analytics. Truncated IP. Used for aggregated, not individual, behavior.
- We do NOT use advertising cookies, third-party tracking pixels, or cross-site trackers.
You can disable PostHog analytics by enabling 'Do Not Track' in your browser — our code respects that signal.
05.How long we keep your data
- Account info: until you delete your account
- Forge projects + generated clips: until you delete them or your account
- Brand voice samples: until you delete them or your account
- Email logs: 30 days, then deleted
- Analytics events: 365 days, then aggregated and individual records purged
- Payment records: 7 years (legally required for tax reporting)
06.Your rights
Whatever country you're in, you have these rights with ClipForge.
- Access — request a copy of your data by emailing hello@useclipforge.com (we reply within 30 days)
- Delete — delete your account from the dashboard at any time, and all your data is permanently removed within 30 days (excluding the payment records we are legally required to retain)
- Correct — fix any inaccurate information by editing your profile
- Object — opt out of product update emails (we will still send transactional emails like password resets)
- Port — request your data in a machine-readable JSON export
- Withdraw consent — disable analytics, delete your account, anytime
If you are in the EU, UK, or California, you have additional statutory rights under GDPR, UK GDPR, and CCPA — all of which we honor by default.
07.Security
- Passwords hashed with bcrypt (cost factor 12)
- Sessions stored in httpOnly cookies (JavaScript cannot read them)
- All traffic encrypted with TLS 1.3
- Database hosted in a private VPC, no public network access
- Rate limiting on auth and content endpoints to prevent brute force and abuse
- Secret keys rotated quarterly
If you believe you have found a security vulnerability, please email security@useclipforge.com. We do not yet have a paid bug bounty program but we do credit reporters publicly.
08.Children's privacy
ClipForge is not intended for users under 16. We do not knowingly collect personal information from children. If we learn we have collected data from a minor, we will delete it.
09.Changes to this policy
When we materially change this policy, we will email registered users and post the change in our changelog at least 7 days before the change takes effect. The 'last updated' date at the top of this page always reflects the most recent change.