Privacy Policy

Last updated: February 2026

DashForge is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with the UK General Data Protection Regulation (GDPR) and applicable data protection laws.

1. Information We Collect

1.1 Application Data

When you apply for a DashForge email account, we collect:

  • Full name and contact information
  • Organization or company details (if applicable)
  • Country/region of operation
  • Requested email address preferences
  • Intended use case and requirements

1.2 Account and Usage Data

Once your account is active, we collect:

  • Email account credentials and authentication data
  • Email content, attachments, and metadata
  • Usage statistics (login times, access patterns)
  • Technical information (IP addresses, device types, email clients)

1.3 Billing Information

For payment processing:

  • Payment card details (processed by secure third-party providers)
  • Billing address and invoice information
  • Transaction history and payment records

2. How We Use Your Information

We use your personal data for the following purposes:

  • Service Provision: To create, manage, and maintain your email account(s)
  • Communication: To send service updates, security alerts, and administrative messages
  • Security: To protect against fraud, abuse, and unauthorized access
  • Billing: To process payments and manage subscriptions
  • Support: To respond to inquiries and provide technical assistance
  • Compliance: To meet legal obligations and regulatory requirements
  • Improvement: To analyze usage patterns and improve our services

3. Legal Basis for Processing

Under GDPR, we process your personal data based on:

  • Contract Performance: Processing necessary to provide email services you've requested
  • Legitimate Interests: Improving services, security, and fraud prevention
  • Legal Obligation: Compliance with legal and regulatory requirements
  • Consent: Where you've provided explicit consent for specific processing activities

4. Data Storage and Security

4.1 Data Location

All data is stored on secure servers located in the United Kingdom and/or European Union. We do not transfer personal data outside the UK/EU except where necessary for service delivery and with appropriate safeguards in place.

4.2 Security Measures

We implement industry-standard security measures including:

  • TLS/SSL encryption for data in transit
  • AES-256 encryption for data at rest
  • Multi-factor authentication options
  • Regular security audits and vulnerability assessments
  • Access controls and staff training
  • Automated backup and disaster recovery procedures

4.3 Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. After account closure, data is retained for a limited period as required by law, typically:

  • Account data: 30 days after closure
  • Financial records: 7 years (UK legal requirement)
  • Security logs: 12 months

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data. We may share data only in the following circumstances:

  • Service Providers: Trusted third parties who assist in operations (hosting, payment processing) under strict confidentiality agreements
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In the event of a merger, acquisition, or sale (with notice to affected users)
  • Protection: To protect rights, property, or safety of DashForge, users, or the public

6. Your Rights

Under GDPR, you have the following rights:

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Request limitation of processing in certain circumstances
  • Right to Data Portability: Request transfer of your data in machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@dashforge.net. We will respond within 30 days.

7. Cookies and Tracking

Our website uses essential cookies for functionality. We do not use third-party tracking or advertising cookies. You can control cookie preferences through your browser settings.

8. Email Content and Privacy

DashForge respects the privacy of your email communications:

  • We do not read, scan, or analyze your email content for advertising purposes
  • Automated scanning occurs only for security (spam, malware, viruses)
  • Email content may be accessed by authorized staff only for technical support when you request assistance
  • We comply with lawful access requests from authorities with appropriate legal process

9. International Users

While DashForge is UK-operated, we serve users worldwide. If you access our services from outside the UK/EU, please note that your data will be transferred to and processed in the UK under GDPR-compliant practices.

10. Children's Privacy

DashForge services are intended for professional use by individuals aged 18 and over. We do not knowingly collect personal data from children under 18.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Significant changes will be communicated via email. Continued use of services after changes constitutes acceptance of the updated policy.

12. Contact and Complaints

For privacy-related questions or concerns:

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO): ico.org.uk

Data Controller: DashForge

Jurisdiction: United Kingdom

Effective Date: February 2026