ForigiForigi

Effective date · May 6, 2026

Privacy Policy

This Privacy Policy describes how Forigi (“Forigi,” “we,” “us”) collects, uses, and shares information when you use the Forigi platform at forigi.com and any of its subdomains (the “Service”).

Who runs Forigi. Forigi is a service provided by Knotbook Software Inc., a Canadian federal corporation registered in Ontario, Canada. References to “Forigi,” “we,” or “us” in this policy mean Knotbook Software Inc. acting as the operator of the Service. You can reach us about anything in this policy at hello@forigi.com.

Who this policy applies to

This policy covers two groups of people:

  • Customer administrators and builders — people who deploy and manage apps on Forigi.
  • App viewers — people who open Forigi-hosted apps using their Microsoft 365 credentials.

It does notgovern data flowing through Microsoft 365 itself. Your SharePoint and OneDrive content, your Entra accounts, and your tenant’s configuration are governed by Microsoft’s terms with your tenant. Forigi reads files using your viewer’s existing Microsoft permissions; it never copies your files into a parallel store.

Information we collect

Account information

When you sign in with your Microsoft 365 account, we receive from Microsoft:

  • Your email address.
  • Your name (display name).
  • Your Microsoft Entra Object ID (a durable identifier for your account).
  • Your tenant’s identifier and display name.
  • A short-lived access token used to read SharePoint/OneDrive files on your behalf. We never read files using a service account — every fetch is scoped to the calling viewer’s existing Microsoft permissions.

We do not receive your password. Microsoft handles authentication.

Usage data

We log:

  • Sign-ins, sign-outs, and authentication failures.
  • App deployments, updates, and deletions.
  • Data source connections and queries.
  • Application database operations (writes always; reads only if your IT administrator has enabled read auditing).
  • Source IP and a truncated User-Agent string for each audit event (your IT admin can disable this in tenant settings).

App data

When you deploy an app, we store:

  • The HTML/CSS/JavaScript bundle you upload.
  • Metadata about the app (name, description, slug, owner).
  • Any data your app writes through the platform’s database SDK.

Data your apps read

We do notstore data fetched from your SharePoint or OneDrive files. Each viewer’s request fetches the file fresh using their own Microsoft permissions; results are processed in memory and returned to the viewer’s browser.

How we use information

  • To operate the Service. Authenticate sign-ins, route data fetches, host apps, enforce permissions.
  • To secure the Service. Detect abuse, investigate incidents, block malicious bundles.
  • To improve the Service. Aggregated, non-identifying analytics about feature usage.

We do not sell personal data. We do not share personal data with advertisers.

Subprocessors

The Service relies on the following third parties to operate. Each acts as a subprocessor of customer data:

SubprocessorUsed forRegion
Microsoft CorporationAuthentication (Entra ID), SharePoint and OneDrive file access via Microsoft GraphYour existing Microsoft 365 tenant
Supabase Inc.Application database, audit log, tenant and user recordsUnited States (US-West region)
Cloudflare Inc.App bundle storage (R2 object storage), edge networkUnited States
Vercel Inc.Application hosting, edge functions, request logsUnited States
Upstash Inc.Rate limiting, encrypted Microsoft token cacheUnited States
Anthropic PBCDatabase schema inference (only when your IT administrator has enabled the LLM-inference toggle in tenant settings)United States
ResendTransactional email to tenant administrators (sign-in welcome, approval notifications, breach notifications)United States
SentryServer-side error monitoring (stack traces, scrubbed of PII before transmission)United States

A signed Data Processing Agreement (DPA) is available on request. Email hello@forigi.com.

AI / LLM disclosure

When your IT administrator has enabled “LLM-backed schema inference” in your tenant settings, Forigi may send your app bundle’s source code (HTML, JavaScript, CSS) to Anthropic’s Claude API to propose database schemas for your app.

We do not send customer data rowsto any AI provider. Ever. Only your bundle’s source code, and only when explicitly enabled in tenant settings.

We do not use customer data to train AI models, and our subprocessors do not either under their commitments to us.

Data retention

  • Audit log. Retained for the period your IT administrator configures. Default: 90 days. After that period, audit entries are hard-deleted by an automated cleanup job.
  • App bundles. Retained for as long as the app exists. When you delete an app, the bundle is removed from object storage immediately.
  • App database rows. Retained for as long as the app exists. Per-row creator information is retained even when individual users leave your tenant, so audit and ownership relationships stay intact.
  • Tenant data overall. Retained until you delete your tenant. After tenant deletion, a 30-day grace window allows export. After that window, all data is hard-deleted.

You can export your tenant’s data at any time via the platform’s export endpoint, or by emailing hello@forigi.com.

Data security

  • In transit: all platform traffic uses TLS 1.2 or higher. Hosted apps are served exclusively over HTTPS.
  • At rest:the application database, audit log, and app bundles are encrypted using each vendor’s at-rest encryption (AES-256 or equivalent).
  • Sensitive columns in your application database (when you flag a column sensitive: true) are additionally encrypted with a per-tenant key the platform manages and never logs.
  • Microsoft delegated reads:every file fetch uses the viewer’s Microsoft token, scoped to that viewer’s existing M365 permissions. The platform never holds a service account capable of reading all your files.

To report a security vulnerability, email hello@forigi.com. We respond within one business day, work with you on a coordinated disclosure timeline, and credit researchers in our changelog if they wish.

Your rights

You can:

  • See what data we have about you. Email hello@forigi.com.
  • Exportyour tenant’s data via the platform’s export endpoint or by emailing us.
  • Correctinaccurate data via the platform’s UI or by contacting us.
  • Deleteyour account by deleting your tenant via the platform’s purge endpoint, or by emailing us.

We do not sell personal data. We do not share personal data with advertisers.

California residents

If you’re a California resident, the California Consumer Privacy Act (CCPA) gives you specific rights, including the right to know, delete, correct, and opt out of certain sharing. To exercise them, email hello@forigi.com. We will respond within 45 days.

We do not sell personal data and we have not done so in the preceding 12 months.

EU/EEA residents

The Service is currently not directed at residents of the European Economic Area, the United Kingdom, or Switzerland. If you reside in one of those regions and use the Service anyway, please contact us at hello@forigi.com so we can address your privacy needs on a case-by-case basis.

Children’s data

The Service is intended for business use by working adults. We do not knowingly collect data from people under 18. If we learn that we have inadvertently collected such data, we will delete it.

Changes to this policy

We may update this policy. The “Effective date” at the top reflects the most recent version. Material changes affecting how we use existing data will be notified to tenant administrators via email at least 30 days before taking effect.

Contact

Questions, requests, or concerns: hello@forigi.com.

See also: Terms of Use · Security