Privacy Policy

This Privacy Policy describes how PE Leskiv Yustyna Romanivna, operating under the brand EvolForge ("EvolForge", "we", "us", "our"), collects, uses, stores, shares, and deletes information related to the use of the EvolForge website, web application, integrations, automation features, and related services.

Last updated: March 15, 2026

Purpose of this document

Effective Date: November 28, 2025

This Policy also explains how we process data obtained through integrations with Meta platforms, including Facebook and Instagram, if a user connects such integrations or interacts with related functionality.

By using the EvolForge website, web application, or any services, you acknowledge that you have read and understood this Privacy Policy.

If you have any questions about this Privacy Policy or the processing of your data, please contact us using the details provided below.

1. Who we are

Information about the service operator and contact details.

Operator / Data ControllerPE Leskiv Yustyna Romanivna
Brand / Commercial NameEvolForge
Country of Registration / OperationUkraine
Legal / Correspondence AddressUkraine, 79005, Lviv region, Lviv city, Kopernyka M. st., building 41
Email for general inquiriestech.evolforge@gmail.com
Email for privacy and data deletion inquiriestech.evolforge@gmail.com

2. Scope of this Policy

This Policy does not apply to third-party services, websites, or platforms that have their own privacy policies, even if they integrate with EvolForge. This Policy applies to:

WebsiteThe EvolForge website at evolforge.com
Web ApplicationThe EvolForge web application
Account ManagementRegistration forms, authorization, and account management pages
IntegrationsIntegrations with third-party services, including Meta / Facebook / Instagram, if available in the product
SupportCommunications with customer support
Other ServicesOther pages, services, and features where we link to this Policy

3. What data we may collect

We may collect information directly from you, automatically when you use the service, and from third-party platforms and providers if you use the respective integrations.

3.1. Data you provide directly to us

We may collect information you voluntarily provide when creating an account, logging in, configuring your workspace, sending messages, contacting support, or using features that involve inputting content.

Personal InformationFirst and last name, email address, phone number (if provided).
Company and Account DataCompany, brand or organization name, account details, subscription, billing or payment information.
Content and SettingsContent you create or upload, data contained in your settings, automation flows, integrations, workflows, templates, or configurations.

3.2. Data collected automatically

When you visit the website or use the web application, we may automatically collect technical information.

Technical DataIP address, browser type and version, device type, operating system, time zone, interface language.
Usage DataSession identifiers, technical event logs, pages you view, date and time of access, referrer / source of transition.
Security and TrackingCookies and similar technologies, security signals, and anti-fraud events.

3.3. Data obtained through Meta, Facebook, Instagram or other integrations

If you use EvolForge features related to integrations, we may receive information necessary for their connection and operation. If a permission like public_profile is used, we use such data strictly within the permitted purpose.

IdentifiersUser or account ID on the respective platform, IDs of pages, business accounts, and connected assets.
Profile DataPublic profile data (within granted permissions), name or profile title.
Integration Technical DataTechnical connection data, access tokens, refresh tokens, integration metadata, and other data required for its operation.

3.4. Data from third-party service providers

We may also receive data from our infrastructure providers, analytics services, security services, support services, payment processors, authorization systems, or other technical partners to the extent necessary to provide the service.

4. How we use data

We use the collected data only to the extent necessary for the lawful provision, support, protection, and development of EvolForge. We do not use data obtained through Meta, Facebook, or Instagram platforms for purposes that do not correspond to the service functionality, user permissions, or the requirements of the respective platform.

Service ProvisionCreating and maintaining your account, providing access to the web application, authenticating users, and ensuring a personalized experience.
FunctionalityConnecting, supporting, and managing integrations, running automations, workflows, scenarios, and other configured features.
Support and SecurityProcessing support requests, detecting technical errors, failures, unauthorized access, abuse, or fraud.
Development and AuditImproving product stability and quality, maintaining internal records, technical audits, and event logging.
Legal ObligationsComplying with legal requirements, requests from competent authorities, protecting legitimate interests, and enforcing terms of use.

5. Automated Decision-Making and Profiling

In accordance with the GDPR (Article 22), we inform you that EvolForge does not use your personal data for automated decision-making or profiling that produces legal or other significant effects concerning you.

6. Legal bases for processing

Where required by applicable law, we process personal data on one or more of the following grounds:

ContractTo perform a contract or provide the service at your request.
Legitimate InterestOur legitimate interest in operating, protecting, developing, and improving EvolForge.
ConsentYour consent, if the processing is based specifically on consent.
Legal ObligationsCompliance with legal obligations.
Protection of RightsProtecting our rights, property, service security, users, or third parties.

8. Our Processors and Technical Providers

When providing the service, we may use third-party providers who process data on our behalf or provide us with technical infrastructure. We require such providers to process data within our instructions, properly protect information, and not use it for purposes incompatible with providing the service.

Amazon Web ServicesFor hosting, servers, network, data storage, backups, databases, and other infrastructure.
BrevoFor sending email communications.
Microsoft ClarityFor technical analytics and service stability assessment.
PaddleFor payment processing, if applicable.

9. How we process Meta / Facebook / Instagram data

If a user connects Meta, Facebook, Instagram, or other compatible integrations, we process the related data only to the extent necessary for connection, support, and feature operation. We do not sell Meta platform data and do not use it in a manner inconsistent with permitted use, platform policies, service functionality, or user requests.

Purposes of processingConnecting the integration, verifying authorization, maintaining a stable connection, displaying integration status, operating configured features, troubleshooting technical errors, logging security events, and complying with platform requirements.
Cessation of useIf a specific permission, token, integration, or specific data is no longer needed to provide functionality, we take reasonable steps to delete, deactivate, disconnect, or cease using it.

10. Cookies and similar technologies

We may use cookies, local storage, session storage, and other similar technologies to ensure the operation of the service and improve the user experience. You can manage cookies through your browser settings. However, disabling certain cookies may affect the operation of the site or specific features of the service.

Purposes of useMaintaining system login, storing technical user settings, ensuring the operation of the website and web application, improving security, analyzing technical performance and service stability.
Types of CookiesWe use «Essential» cookies, without which the service cannot function, and «Analytics» cookies (e.g., Microsoft Clarity) to understand how users interact with the service.

11. How long we retain data

We retain data only as long as reasonably necessary to provide the service, support your account, ensure security, comply with legal requirements, and resolve disputes. Once data is no longer needed, we delete, anonymize, or isolate it unless otherwise required by law.

Account DataRetained while the account is active and for 30 days after its deactivation.
Integration TokensRetained while the integration is active. After disconnection, tokens are deleted within 24 hours.
Logs and Event RecordsTechnical records and event logs are retained for 3 months.
BackupsData backups are retained for 3 months in accordance with security policies.

12. Data Security

We implement reasonable technical, organizational, and administrative security measures to protect data from unauthorized access, loss, destruction, alteration, disclosure, or misuse. However, no method of transmission or storage over the internet is completely secure, so we cannot guarantee absolute protection in every situation.

Encryption and TransmissionUse of HTTPS / TLS protocols for secure data transmission.
Access ControlStrict access control, segregation of privileges, and restricted access to infrastructure.
Infrastructure ProtectionSecure storage of credentials and secrets, regular updates of systems and components.
Monitoring and RecoveryLogging, monitoring, backups, and technical incident detection procedures.
Data Breach NotificationIn the event of a data breach that poses a high risk to the rights and freedoms of users, EvolForge commits to notifying users and relevant regulatory authorities within the timeframes established by law (typically 72 hours under GDPR).

13. International Data Transfers

Since we may use global cloud infrastructure or third-party providers, your data may be processed or stored outside your country of residence. In the event of such a transfer, we take reasonable measures to ensure an adequate level of data protection in accordance with applicable law, contractual obligations, and technical security standards.

Data Processing RegionsThe primary countries or regions for data processing and storage are: Ukraine, Germany.
Transfer MechanismsFor EU users: data transfers outside the European Economic Area (EEA) to countries without an «adequacy decision» are conducted on the basis of Standard Contractual Clauses (SCCs) or other mechanisms recognized by the GDPR.

14. Your Rights

Depending on your jurisdiction and applicable law, you may have a number of rights regarding your personal data. To exercise your rights, please contact us at: tech.evolforge@gmail.com

Access and InformationObtain information about the processing of your data and request access to it.
Correction and DeletionRequest the correction of inaccurate or outdated data, and request the deletion of your data.
Restriction and ObjectionRestrict certain types of processing or object to specific types of processing.
Consent and Integrations ManagementWithdraw consent (if processing is based on it) and disconnect integrations with third-party platforms.
Data PortabilityObtain your data in a structured, commonly used, and machine-readable format (e.g., JSON or CSV) to transmit it to another service.

15. California Residents Addendum (CCPA / CPRA)

If you are a California resident, additional privacy rights apply to you.

Sale and Sharing of DataWe do not sell your personal data. We also do not share your data for cross-context behavioral advertising purposes.
Non-DiscriminationYou have the right not to receive discriminatory treatment for the exercise of your privacy rights.

16. How to request data deletion

You can submit a request to delete your data or account at any time. To do so, please send a request to: tech.evolforge@gmail.com

What to include in the requestYour account email, workspace name, description of data to be deleted. If the request relates to Meta / Facebook / Instagram — data to identify the connected account.
Identity VerificationFor security reasons, we may ask you to verify your identity before fulfilling a deletion request.
Processing terms and conditionsStandard deletion request processing time: 2 days. The timeframe may depend on technical complexity, backups, security requirements, and legal obligations.

17. Deletion of data related to Meta / Facebook / Instagram

If you have connected Meta / Facebook / Instagram integrations to EvolForge, you have several ways to manage your data and revoke access. We process such requests in accordance with our internal data deletion procedure, subject to technical and legal limitations.

Via Platform SettingsRevoke access or remove the connection through the settings of the respective platform (Meta, Facebook, Instagram), if available.
Via EvolForge AccountDisconnect the integration directly in your EvolForge account.
Direct RequestContact us directly at tech.evolforge@gmail.com with a deletion request.
Deletion InstructionsUse the dedicated page with data deletion instructions: evolforge.com/en/data-deletion

18. Children's Data

EvolForge is not intended for use by children unless expressly stated otherwise. We do not knowingly collect personal data from children in violation of applicable law.

Age RestrictionsThe minimum user age to use the service is 18 years old.
Inquiries regarding children's dataIf you believe that a child has provided us with their data without proper authorization, please contact us at tech.evolforge@gmail.com, and we will investigate the matter and take necessary action.

19. Third-Party Links

The EvolForge website or web application may contain links to third-party sites, services, or integrations. We do not control the privacy policies of such resources and are not responsible for their content, practices, or actions. Before using third-party resources, we recommend reviewing their own privacy policies and terms of use.

20. Changes to this Policy

We may periodically update this Privacy Policy to reflect changes in service functionality, integrations, legal requirements, security practices, or business processes.

Notification of ChangesIn the event of an update, we will change the "Last updated" date at the top of the page. If the changes are material, we may additionally notify users via the website, web application, email, or other appropriate means.
Acceptance of UpdatesContinued use of the service after the updated version takes effect constitutes your acceptance of the updated Policy to the extent permitted by law.

21. Contacts

If you have any questions regarding this Privacy Policy, personal data processing, data deletion, or the use of integrations, please contact us:

PE Leskiv Yustyna Romanivna (EvolForge)Address: Ukraine, 79005, Lviv region, Lviv city, Kopernyka M. st., building 41
EmailGeneral inquiries and data deletion: tech.evolforge@gmail.com
Websiteevolforge.com

22. Additional Links

For the convenience of our users, we also recommend reviewing other important documents:

Terms and Conditionsevolforge.com/en/terms-and-conditions
Data Deletion Instructionsevolforge.com/en/data-deletion

Contact the data team

Reach out with questions about this policy, data protection or security practices.

Email the privacy team Back to home Message us on Telegram

tech.evolforge@gmail.com•We aim to respond within two business days.