top of page
Artboard 1@10x 1

Forva AI

17 July 2025

FORVA AI PRIVACY POLICY


1. Introduction


At Forva AI Innovation Limited ("Forva AI," "we," "us," or "our"), we take your privacy seriously. This Privacy Policy explains in detail how we collect, use, share, and protect your personal information when you access or use our platform and related services (collectively, the "Services," as defined in our Terms of Service). By using our Services, you consent to the practices described in this policy.


2. Information We Collect


2.1 Information You Provide to Us

  • Account Information: When you register for an account, we collect your name, email address, and may also collect company name, job title, and contact information.

  • Billing Information: For paid subscriptions, we collect payment details, billing addresses, and transaction history. (Note: This is typically handled by a third-party payment processor, which should be mentioned in Section 5.1).

  • Profile Information: Information you choose to add to your profile, such as profile pictures, biographical information, and preferences.

  • Content and Communications: This includes "Input"(such as documents you upload, text you type, and prompts you provide to our AI tools) you provide when using our Services, as well as feedback you submit and your communications with our support team.


2.2 Information We Collect Automatically

  • Usage Data: Information about how you interact with our Services, including features used, time spent, actions taken, and interaction patterns with our AI tools.

  • Device Information: Device type, operating system, browser type, browser settings, IP address, language settings, and time zone.

  • Log Data: Server logs, error reports, performance data, and crash analytics.

  • Cookies and Similar Technologies: Information collected through cookies, pixels, and similar technologies about your usage patterns and preferences, as further detailed in Section 11.


3. How We Use Your Information


3.1 Service Provision and Improvement

  • Delivering and maintaining our Services.

  • Personalizing your experience based on preferences and usage patterns.

  • Developing new features and enhancing existing functionality (Note: How this relates to AI model training is clarified in Sections 4 and 8).

  • Troubleshooting issues and providing technical support.

  • Analyzing performance metrics to optimize our platform.


3.2 Communications

  • Sending essential service notifications and updates related to your account or changes to our Services or terms.

  • Providing customer support and responding to inquiries. * Sending marketing communications about our products and services (only with your explicit consent, which you can withdraw at any time).

  • Conducting surveys and collecting feedback to improve our Services.


3.3 Security and Legal Compliance

  • Protecting against unauthorized access, potential fraud, and ensuring the security of our Services.

  • Verifying identity and authenticating users.

  • Enforcing our Terms of Service.

  • Complying with applicable legal obligations and responding to lawful legal requests and processes.


4. Our Core Data Commitments


4.1 No Selling of Your Personal Information

We do not sell, rent, or lease your personal information to third parties for their marketing purposes or any other commercial use.


4.2 No Training on Your Input for General-purpose Foundation Models.


Consistent with our Terms of Service, we do not use your "Input" (including your content, documents, prompts, or other data you provide directly to our AI tools) to train or improve our general underlying artificial intelligence models that are used for all our customers.


4.3 Data Security

We implement industry-standard technical, administrative, and physical safeguards designed to protect your information from unauthorized access, theft, and misuse, as detailed further in Section 6.


4.4 Transparency

We are committed to being clear about our data practices. We will notify you of significant changes to this Privacy Policy as outlined in Section 13.


5. Data Sharing and Disclosure


5.1 Service Providers

We may share your personal information with trusted third-party service providers who help us operate our business and deliver the Services. These may include:

  • Cloud hosting providers (for data storage and processing).

  • Payment processors (to securely process your payment information).

  • Data analytics services (to help us understand Service usage).

  • Customer support tools (to manage communications).

  • Email delivery services (for service-related and consented marketing communications).


These providers are contractually obligated to use your information solely for the purpose of providing services to us, to maintain the confidentiality of your information, and to comply with applicable data protection laws.


5.2 Third-Party Integrations

If you choose to connect our Services with third-party applications or services, we may share information necessary for the integration to function properly. The use of your information by these third parties is governed by their respective privacy policies, and we encourage you to review them.


5.3 Legal Requirements

We may disclose your information if required to do so by law or in the good faith belief that such action isnecessary to: (a) comply with a legal obligation or governmental request; (b) protect and defend our rights or property; (c) prevent or investigate possible wrongdoing in connection with the Services; (d) protect the personal safety of users of the Services or the public; or (e) protect against legal liability.This includes enforcing our Terms of Service.


5.4 Business Transfers

In the event of a merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your personal information may be transferred as part of such a transaction as permitted by law and/or contract.


6. Data Security

We implement comprehensive security measures designed to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (e.g., using TLS/SSL) and at rest where appropriate.

  • Regular security assessments and vulnerability testing.

  • Strict access controls and policies limiting employee access to user data on a need-to-know basis.

  • Continuous monitoring of our systems for suspicious activities and potential threats.

  • Regular security awareness training for our team members.

  • Documented incident response plans and procedures.

  • While we take data security very seriously, no system is 100% secure, and we cannot guarantee the absolute security of your information.


7. User Rights

Subject to applicable law (which may include the Personal Data (Privacy) Ordinance in Hong Kong, GDPR for EEA users, and other relevant regulations), you have certain rights regarding your personal information. These may include the right to:


7.1 Access and Portability

Request access to the personal information we hold about you and receive a copy of it, in some cases in a structured, commonly used, and machine-readable format.


7.2 Correction

Request that we correct inaccurate or incomplete personal information we hold about you.


7.3 Deletion

Request deletion of your personal information, subject to certain exceptions (e.g., where we are required by law to retain the data, or for the establishment, exercise, or defense of legal claims).


7.4 Restriction and Objection

Request that we restrict the processing of your personal information in certain circumstances, or object to certain processing activities (such as direct marketing).


7.5 Withdrawal of Consent

Where our processing of your personal information is based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.


7.6 Meta Data Deletion

Users can request deletion of their data through Meta's data deletion request process. When a deletion request is received, we will delete all user data including:

- OAuth2 tokens and credentials

- Campaign performance data

- AI-generated insights and recommendations

- Account configuration settings

Deletion requests are processed within 30 days and confirmed via our data deletion confirmation page.


To exercise these rights, please contact us at hello@forva.ai. We will respond to your request within a reasonable timeframe and in accordance with applicable laws. We may need to verify your identity before processing your request.


8. AI-Specific Considerations


8.1 AI Data Processing Our AI features process your "Input" to generate "Generated Content"(as these terms may be further defined in our Terms of Service). This processing occurs to provide the AI functionality you request when using the Services.


8.2 No Training on Your Input for General-purpose Foundation Models. As stated in our Terms of Service and our Data Commitments (Section 4.2), we do not use your "Input" or your specific "Generated Content" to train, fine-tune, or improve our general-purposed foundation models that serve all our customers.


8.3 AI Output Disclaimer Our AI generates content based on complex algorithms and data patterns. While we strive for accuracy and usefulness, as stated in our Terms of Service, we cannot guarantee that AI-Generated Content will always be error-free, complete, or suitable for all your intended purposes. You are responsible for reviewing and validating any AI-Generated Content.


8.4 User Control You generally maintain control over your Input and the Generated Content associated with your account. You can manage and delete your data in accordance with our data retention policies (see Section 10) and your user rights (see Section 7).


9. International Data Transfers

Forva AI is based in the Hong Kong Special Administrative Region. To provide the Services, we may transfer, store, and process your personal information in countries other than your own, which may have different data protection laws. When we transfer your personal information internationally, we will ensure that appropriate safeguards are in place to protect your informationand comply with applicable legal requirements. These safeguards may include:

  • Using Standard Contractual Clauses (SCCs) approved by relevant authorities (such as the European Commission).

  • Relying on adequacy decisions made by relevant authorities, where applicable.

  • Implementing other legally valid transfer mechanisms or derogations.


10. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our Services. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, enforce our agreements (including our Terms of Service), and for legitimate business purposes.


Specific general retention periods may include:

  • Account Information: For the duration your account is active, and for a limited period thereafter (e.g., 90 days after deletion request) to allow for account recovery or to address outstanding issues, unless longer retention is required by law.

  • Payment Information: Transaction data is retained as required by tax and accounting laws (often 7 years or longer).

  • Usage Data: May be retained in an aggregated or anonymized form for analytical purposes for periods such as up to 24 months or longer if anonymized.

  • Your Input and Generated Content: Retained while your account is active, or until you delete it, subject to our backup and archival practices and any overriding legal or contractual obligations.

  • Communications: For the duration necessary to resolve inquiries or address the subject matter of the communication, plus a reasonable period for record-keeping.


11. Cookies and Tracking Technologies


11.1 Types of Cookies We Use

  • Essential Cookies: Strictly necessary for the Services to function (e.g., authentication, security).

  • Functional Cookies: Remember your preferences and settings to enhance your experience (e.g., language preference).

  • Analytics Cookies: Help us understand how users interact with our Services, allowing us to improve performance (e.g., Google Analytics).

  • Marketing Cookies: Used to deliver relevant advertisements or marketing messages (these will only be used with your explicit consent).


11.2 Cookie Management

You can manage your cookie preferences through:

  • Our cookie consent banner or tool (if implemented).

  • Your web browser settings (which allow you to refuse or delete cookies).

  • Device settings for mobile applications (if applicable).

  • Please note that disabling essential cookies may affect the functionality of our Services.


12. Children's Privacy

Our Services are not directed to individuals under the age of 18 (or the relevant age of majority in their jurisdiction if higher). We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child without verifiable parental consent, we will take steps to delete such information promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at hello@forva.ai.


13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. If we make material changes, we will notify you by:

  • Sending an email notification to the email address associated with your account.

  • Posting a prominent notice on our website or within the Services.

  • Other means appropriate to the significance of the changes. We encourage you to review this Privacy Policy periodically.

The date at the top of this page indicates when this policy was last revised. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.


14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: Forva AI Innovation Limited Email: hello@forva.ai


For users in the European Economic Area (EEA) or the UK, you also have the right to lodge a complaint with your local data protection supervisory authority.

bottom of page