Privacy Policy

What is Runforge?

Runforge is a platform that helps developers deploy and operate AI agents. Agents can connect to third-party services (Gmail, Google Calendar, Google Sheets, Slack, and others) to perform tasks on behalf of users.

What data we collect

Account information

When you create a Runforge account, we collect your email address and name. We use this to authenticate you and communicate about your account.

Third-party service connections

When you connect a third-party service (such as Gmail, Google Calendar, or Google Sheets), we receive OAuth tokens that allow Runforge agents to access your account on that service. We collect:

• OAuth access tokens and refresh tokens — stored encrypted (AES-128-CBC + HMAC-SHA256) and used only to execute agent actions you have authorized.
• Basic profile information from the connected service (such as your email address) to display connection status in the dashboard.

We do not collect or store your passwords for any third-party service.

Agent run data

When an agent runs on your behalf, we collect:

• Run metadata (start time, duration, status, steps executed)
• Action logs (what the agent did, sanitized to remove sensitive content)
• Browser screenshots (if the agent uses browser automation)
• Artifacts produced by the agent

How we use your data

• To operate agents on your behalf. When an agent needs to send an email or read a spreadsheet, we decrypt the relevant OAuth token, make the API call, and immediately discard the decrypted token from memory.
• To show you what your agents are doing. Run timelines, step details, and audit logs help you understand and control agent behavior.
• To provide human-in-the-loop approvals. Before an agent takes a sensitive action (sending an email, posting a message), we show you what it's about to do and wait for your approval.
• To maintain and improve the platform. We use aggregated, non-personal usage data to improve reliability and performance.

How we protect your data

• All OAuth tokens are encrypted at rest using Fernet symmetric encryption with a dedicated vault key, separate from our application encryption key.
• Tokens are decrypted only in memory, only for the duration of an API call, and are immediately discarded after use.
• Tokens are never logged, never included in error messages, never stored in caches, and never sent to agent containers.
• All data in transit is encrypted via TLS.
• Database access is restricted to application services only.

Third-party services

When you connect a third-party service, Runforge accesses only the scopes you explicitly authorize:

We do not sell, share, or transfer your third-party service data to anyone. Data from third-party services is used exclusively to perform the agent actions you configure and authorize.

Your controls

• Disconnect at any time. You can disconnect any third-party service from your Runforge dashboard. This immediately revokes Runforge's access and deletes stored tokens.
• Approve before action. Sensitive actions (sending emails, posting messages, updating records) require your explicit approval before execution.
• View audit trail. Every action an agent takes on your behalf is logged and visible in your dashboard.
• Delete your account. Contact us at privacy@runforge.sh to request full account and data deletion.

Data retention

• Account data is retained while your account is active.
• Run data and audit logs are retained for 90 days after a run completes.
• OAuth tokens are deleted immediately when you disconnect a service.
• When you delete your account, all associated data (including tokens, run data, and audit logs) is permanently deleted within 30 days.

Google API Services User Data Policy

Runforge's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Changes to this policy

We may update this privacy policy from time to time. We will notify you of significant changes via email or a notice on our website.