Skip to content
Forge

Privacy policy

This page covers Forge the desktop app. The Ranga website (ranga.ai) and account portal have their own policy at ranga.ai/privacy and that policy governs anything you do on the web side.

The short version: Forge is a local-first desktop app. Your project files, chats, generated assets, and skills live on your machine. The only data that leaves is what you send to OpenAI when you talk to the agent, and license validation pings to Ranga’s servers.

What stays local

Section titled “What stays local”

Everything in your project’s .forge/ directory.

  • Memory files (BRIEF.md, DECISIONS.md, etc).
  • Generated assets in .forge/generated/.
  • The memory search index in .forge/.index/memory.db.
  • Chat sessions and message history (%APPDATA%\Forge\forge.db).
  • Skills (~/.forge/skills/).
  • Scratchpad memory in open mode (~/.forge/scratchpad/).
  • API keys and OAuth tokens (Windows Credential Manager).

Forge never uploads any of this. There is no telemetry of file paths, project names, or chat content.

What gets sent to OpenAI

Section titled “What gets sent to OpenAI”

When you send a message in chat, the agent runs against your ChatGPT plan via OAuth. The Codex sidecar packages your prompt, the injected memory and skills, and any active-file context, and forwards them to OpenAI. OpenAI’s terms of service and privacy policy govern that traffic.

You can see exactly what’s being sent on each turn by expanding the Continuity panel above the prompt input. It lists every context item Forge added.

What gets sent to Ranga’s servers

Section titled “What gets sent to Ranga’s servers”

Two things, both narrow:

  • License validation at startup pings api.ranga.ai/license/validate with your license key, a device fingerprint, and the product slug. The response is a signed JWT entitlement valid for several days, cached locally so we’re not pinging on every launch.
  • Auto-update manifest checks every four hours pull the version manifest from api.ranga.ai/releases/stable/.... The request includes your platform, architecture, and current version. The response is the manifest for whatever’s newer, or a 204 if you’re up to date.

That’s it. No analytics, no chat content, no project info.

What gets sent to vendor APIs (Asset studio)

Section titled “What gets sent to vendor APIs (Asset studio)”

When you use the Asset studio with a vendor (ElevenLabs, Meshy, Scenario, DeepMotion), your prompt and any uploaded media go directly to that vendor’s API using your own API key. Forge doesn’t proxy or log the requests.

Each vendor has its own policy:

Deleting your data

Section titled “Deleting your data”

Forge doesn’t have a server-side account that holds your data. To delete everything:

  1. Uninstall Forge through Windows Add or Remove Programs.
  2. Delete %APPDATA%\Forge\ (sessions database and logs).
  3. Delete %USERPROFILE%\.forge\ (skills, scratchpad memory, generated assets cache).
  4. Delete the .forge/ folder inside any project you opened with Forge.

Your Ranga account (and any license records associated with it) are governed by the ranga.ai privacy policy, which has its own deletion process.

Data we collect through telemetry

Section titled “Data we collect through telemetry”

If, and only if, you opt in to telemetry in Settings → Advanced → Telemetry, Forge sends:

  • Anonymous install ID.
  • App version.
  • OS version.
  • Error stack traces.

It never sends chat messages, file contents, project paths, API keys, or any other identifying information.

Telemetry is off by default. You can toggle it on or off at any time. See Telemetry policy for details.

Contact

Section titled “Contact”

For privacy questions, reach us at privacy@ranga.ai.