Transparency about what we store, where it lives, how we use it, and how you control it. No surprises. No hidden clauses.
We store only the data you create or provide:
We do not store your location, contacts, photos, browsing history, or full payment card information.
Payment processing is securely handled by third-party payment providers such as Stripe, Apple, or Google Play. Forward Ops does not directly store full payment card information. We maintain your subscription status to manage access to premium features.
Your data is stored securely in the cloud via our backend infrastructure (Lovable Cloud). This allows you to access your records across devices and ensures your data is backed up even if you lose your phone. All data is encrypted in transit (TLS) and at rest.
For performance, some preferences and cached data are stored locally on your device. This includes your current theme setting, last-read timestamps, and temporary session tokens. You can clear this at any time via your device settings.
Only you. We use Row-Level Security (RLS) policies to ensure that no other user — and no unauthorized system — can read your personal records. Our administrators can access aggregated, anonymized analytics only (e.g., total active users), never individual content.
Forward Ops retains user information only for as long as necessary to provide services, maintain account functionality, comply with legal obligations, resolve disputes, enforce agreements, improve platform performance, and maintain platform security. Some anonymized analytics, wellness trends, or transaction records may be retained for legal, tax, fraud prevention, security, or operational purposes.
You own your data. From your Profile, you can request a full export of your records in JSON format. You can also delete your account, which permanently erases all associated data within a reasonable timeframe.
Users may request deletion of their account and associated data at any time by contacting service@forwardops.app. Upon verified request, Forward Ops will delete user data within a reasonable timeframe unless retention is required for legal, tax, security, fraud prevention, or regulatory purposes.
You have the right to: