▪ Your data

Privacy policy

ForgeNet collects only what is strictly necessary to operate its services. No reselling, no advertising profiling, no sharing for marketing purposes.

1. Data controller

The data controller is ForgeNet, whose details are listed in the legal notice.

2. Data collected

At account creation

  • First and last name
  • Email
  • Phone (optional)
  • Company (optional)
  • Password (stored hashed and salted, never in clear)

During site usage

  • IP address, user agent, preferred language
  • Pages visited, dates and durations
  • Quote requests (description, budget, timeline)

3. Purposes of processing

  • Provide access to tools and demos.
  • Process quote and contact requests.
  • Secure the site (abuse detection, login logging).
  • Comply with legal and accounting obligations.

4. Legal basis

Processing is based on contract performance (account creation, service provision), consent (voluntary quote requests) and ForgeNet's legitimate interest (security and service continuity).

5. Data recipients

  • Authorized ForgeNet personnel (service administration, support).
  • Cloudflare Inc. (network security, anti-DDoS, as data processor).
  • Our SMTP provider (transactional email delivery).
  • Our hosting partner (European shared infrastructure).

No data is sold or rented to third parties for commercial or advertising purposes.

6. Retention period

  • Account data: as long as the account is active, then 3 years after last login for inactive accounts.
  • Accounting and billing data: 10 years (Moroccan legal obligation).
  • Login logs: 12 months maximum.
  • Cookies: see the cookie policy.

7. Your rights

In accordance with Moroccan law 09-08 and, where applicable, the GDPR, you have the following rights regarding your data:

  • Right of access and copy
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to portability
  • Right to object to processing
  • Right to withdraw consent at any time

To exercise these rights, write to [email protected]. We respond within 30 days.

8. Complaint

You may lodge a complaint with the CNDP (Commission Nationale de contrôle de la protection des Données à caractère Personnel, Maroc) or, for European residents, with their national data protection authority.

9. Security

All communications are HTTPS-encrypted. Passwords are hashed with bcrypt. Sessions expire automatically after 30 minutes of inactivity and 24 hours maximum. Backups are daily.

Last updated: 06/06/2026