Privacy

Privacy for audit requests.

Last updated: May 28, 2026. ContractForge is designed around local-first repository work and email-first intake. The default request path does not ask you to upload source code.

What The Website Collects

This static site is hosted on Cloudflare Pages and uses email links for intake. If you send an email, the message may include your name, company, website, role, repo context, workflow description, expected commands, timing, and contact details. Cloudflare Email Routing, Mailgun, and normal mailbox providers may process message content and metadata as part of delivery, routing, and smoke testing.

What Not To Send

Do not send secrets, credentials, production access, regulated data, private source code, or customer data through the initial website intake. The first email should describe the review pattern, not transmit the repository.

Audit Materials

For a paid audit, repository access, traces, reports, generated files, and communication channels should be agreed in writing before work begins. The default audit path uses a local clone or worktree and does not require source-code upload by default.

Use Of Information

• Respond to audit requests and fit questions.
• Confirm scope, authorization, price, and timing.
• Prepare and deliver the agreed audit artifacts.
• Maintain internal records of actual inquiries, paid approvals, delivery status, and support requests.

Analytics And Forms

The current static site does not include a server-side form or analytics tag. If analytics, a hosted form, a scheduler, or a payment provider is added later, this page should be updated before publication of that change.

Contact

Privacy requests: privacy@contractforge.dev