Privacy Policy

• Account: Your email address and (optionally) a display name. Passwords are handled and hashed by our authentication provider — we never see or store your plaintext password.
• Learning data: Course progress (which chapters you complete), lab topologies you choose to save, and ARIA usage counts used to enforce daily limits.
• ARIA conversations: When you use the cloud ARIA tutor, your messages are sent to our AI provider to generate a reply and a rolling history is stored so you can resume a conversation. If you instead choose the in-browser (WebLLM) or local (Ollama) provider in ARIA settings, those messages never leave your device.
• Billing: If you subscribe to Pro, payments are processed by Stripe. We store a Stripe customer reference and your subscription status — we do not store your card number; Stripe handles card data directly.

• Operate the lab, course, and ARIA tutor, and save your progress.
• Enforce Free vs Pro entitlements and daily ARIA limits.
• Process subscription payments and prevent abuse.
• Diagnose errors and keep the service reliable and secure.

We use only essential cookies to keep you signed in (your authentication session). We do not use advertising or cross-site tracking cookies.

We share data only with the processors required to run NetForge-AI:

• Supabase: Authentication, database, and hosting of your account data.
• Stripe: Subscription billing and payment processing for Pro.
• AI providers: Cloud ARIA messages are processed by our LLM providers (e.g. Groq, and Google's Gemini as a fallback) solely to generate replies.

Each processor handles your data under its own terms and security controls. We do not sell your personal data to anyone.

We keep your data while your account is active. You can delete your account at any time from Account → Danger zone; this removes your profile, progress, lab saves, and ARIA history. Billing records may be retained by Stripe as required for legal and accounting obligations.

Every account's data is isolated at the database level with row-level security, so one user can never read or modify another's data. Traffic is encrypted in transit, and sensitive keys are kept server-side only.

You can view and update your profile, see your stored progress and saves, and delete your account and its data — all from your account page. Depending on where you live, you may have additional rights to access, correct, or port your data; contact us to exercise them.

We'll update this page when our practices change and revise the date above. Questions about privacy? Email support@netforge-ai.com. See also our Terms of Service.