Privacy

Privacy Policy

Effective · Aligned with the Australian Privacy Principles under the Privacy Act 1988 (Cth)

This is the privacy policy for Aoraforge (the trading name; the operating entity is a sole trader registered in NSW, Australia). It tells you what personal information we collect, why we collect it, what we do with it, and how to access or delete it. If you have any question, email hello@aoraforge.com.

What we collect

When you use an Aoraforge form or fulfillment flow, such as the Free Diagnostic, a sample-unlock email gate, the homepage case-study request, or the Pro Audit intake when paid checkout is available, we collect:

  • Your email address
  • Your business name, website URL, contact name, or sector when the form asks for those fields
  • The queries you ask us to poll or review
  • The competitor names and competitor website URLs you submit for a Pro Audit intake
  • The sample or request type you choose, plus any optional comments or notes you share

Our Worker and Cloudflare edge services also process limited request metadata used for form handling, abuse prevention, security, and troubleshooting, such as IP address, Cloudflare-provided country code, browser user agent, referring page, and technical success/failure events.

For paid checkout, Stripe handles card details directly. Aoraforge never sees your card number, CVV, or full bank details. The live Pro Audit Stripe activation remains a final launch-window step; once that checkout is open, Stripe sends the session and purchase details we need to verify payment, pre-fill intake where applicable, and fulfill the order.

Why we collect it, and what we do with it

We use the information you provide to unlock requested samples, respond to case-study requests, and deliver the launch services you request. The Free Diagnostic sends the query strings you provide to Brave Search for Claude-related retrieval polling, prepares a citation-visibility report, and emails the result. Paid Pro Audit order handling uses the applicable paid intake and fulfillment path once the live Stripe checkout is opened.

The Roadmap and Citation Pack remain coming-soon previews at launch, not live paid processors or fulfillment paths described as already operating here.

We do not sell, rent, or share your data with marketing or advertising partners. We do not use your data to train machine-learning models. We do not enrol you in unrelated mailing lists.

Who we share it with (third-party processors)

To run the launch site and the currently active fulfillment paths, we send minimum-necessary data to a small number of processors:

  • Cloudflare (US/global) — site hosting, edge security, Worker form handling, queues, KV-backed report delivery, and operational telemetry such as hosted-site analytics/insights and technical request events.
  • Stripe (US/Australia) — paid checkout, payment verification, and checkout-session/webhook handling once the live paid route is opened. Stripe privacy policy.
  • Resend (US) — transactional email delivery for customer reports and operator fulfillment messages.
  • Telegram (global) — operator notifications for submissions, delivery recovery, and fulfillment alerts; those alerts may include the minimum submission details needed to act on the alert.
  • Brave Search — automated Free Diagnostic polling. We send the submitted query strings, not your email address, to Brave Search for this launch diagnostic path.

Some of these are based outside Australia, so your information may be processed overseas. By using Aoraforge you consent to this cross-border disclosure (APP 8.2).

How long we keep it

Hosted Free Diagnostic reports and tokenized hosted report links are configured to expire after 30 days. Short-lived anti-abuse counters use shorter operational expiries. Intake submissions, fulfillment records, payment-verification records for any completed paid checkout, and operator correspondence are kept only as long as reasonably needed for delivery, support, abuse prevention, dispute handling, launch operations, or legal/accounting obligations. You can ask us to delete personal information sooner where those obligations do not require retention.

Security

Launch web and Worker traffic is sent over TLS. Hosted intake and report data used by these flows is stored through Cloudflare Worker/KV services, and Stripe holds card data rather than Aoraforge. We limit processor access to the data needed for the purpose described above.

Your rights — access, correct, delete

Under the Australian Privacy Principles you have the right to:

  • Access — see what personal information we hold about you (APP 12)
  • Correct — ask us to correct any information that is inaccurate (APP 13)
  • Delete — request deletion of your data (subject to legal retention obligations like tax records)
  • Complain — to Aoraforge first (hello@aoraforge.com); if unresolved, to the Office of the Australian Information Commissioner

To exercise any of these rights, email hello@aoraforge.com. We will respond within 30 days as required by the Privacy Act.

Cookies and tracking

We do not use advertising cookies or cross-site advertising tracking. Cloudflare may load analytics or insights resources and process operational page/request telemetry for hosting, security, and launch monitoring. Sample report pages use a first-party sessionStorage entry in your browser to remember that you unlocked that sample; it stays on your device.

Changes to this policy

If we materially change what data we collect or how we use it, we will update this page and post a note in the blog. Continued use of Aoraforge after a change means you accept the updated policy.

Contact

Questions, requests, or complaints: hello@aoraforge.com.