Privacy Policy

RepairForge (“RepairForge,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy describes how information is collected, used, stored, disclosed, and otherwise processed when you visit https://www.getrepairforge.com, use our cloud-based repair shop management applications, call our APIs, enable integrations, or otherwise use related services we offer in connection with the platform (collectively, the “Services”).

RepairForge is a cloud-based repair shop management platform. The Services include repair ticket management, point of sale, inventory management, customer management, appointment scheduling, reporting, marketing tools (such as campaigns or templates you configure), and integrations—including Google Calendar, Stripe, Square, QuickBooks Online, and outbound webhooks you configure to notify external systems of events in RepairForge. By accessing or using the Services, you acknowledge that you have read this Privacy Policy.

This Privacy Policy applies to information processed in connection with our Services. It should be read together with our Terms of Service, which govern your use of RepairForge. If you do not agree with this Privacy Policy, you must discontinue use of the Services.

We collect information that you provide directly to us, information generated through your use of the Services, and information we receive from integrations and service providers. The categories below are representative and may evolve as we add features or integrations.

• Account information: name, email address, business or trade name, phone number, job title (where applicable), and similar identifiers used to create and administer your RepairForge account.
• Billing and subscription information: billing contact details, subscription plan and entitlements, invoice history, tax identifiers where required, renewal dates, and payment method metadata. Payment card numbers and CVV data are collected and processed by our payment processors (for example, Stripe) and are not stored by RepairForge in full.
• Customer and repair data: information your organization enters or imports into RepairForge, such as customer profiles, repair tickets, estimates, invoices, notes, communications logs, inventory records, serialized assets, loyalty data, marketing audience or campaign content you create, and attachments you choose to upload.
• Device, browser, IP address, and usage data: IP address, device type, operating system, browser type, general geographic region derived from IP (not precise GPS from RepairForge by default), feature usage, session duration, diagnostic logs, error reports, performance metrics, and aggregated statistics that help us secure, operate, and improve the Services.
• Cookies and similar technologies: identifiers stored on your device as described in Section 11, including those used for session management and authentication.
• Third-party integration and webhook data: when you connect integrations (such as Google Calendar, Stripe, Square, or QuickBooks), we receive tokens, configuration settings, identifiers, and operational payloads necessary to perform the integration on your behalf. When you configure webhooks, we process endpoint URLs, signing or verification metadata you provide, delivery logs, and payload content necessary to deliver events you request.

We do not require you to provide information beyond what is reasonably necessary to operate your account and deliver the Services; however, limiting certain information may prevent specific features from functioning.

When you choose to connect Google Calendar to RepairForge, we use Google’s OAuth 2.0 authorization framework to request permission to access the Google account you designate. The scope of access is limited to what is needed to provide calendar synchronization features you enable.

Depending on your configuration and the features you use, RepairForge may read available calendars associated with your authorized Google account, create calendar events, update events, and delete events in order to keep RepairForge appointments and related scheduling information consistent with your selected calendar. Calendar operations are performed to provide synchronization functionality requested by your organization, not for unrelated data mining.

OAuth access tokens and refresh tokens are stored securely using server-side controls and are used solely to maintain the integration, refresh authorization when permitted by Google, and perform calendar actions you initiate or that are configured as part of automated sync workflows.

RepairForge uses Google user data and calendar content only to provide the synchronization and scheduling functionality requested by your organization through the Services. RepairForge does not use Google user data for advertising. RepairForge does not sell Google user data to third parties.

You may disconnect Google Calendar at any time through RepairForge integration settings. Disconnecting stops future synchronization and removes RepairForge’s ability to access your Google Calendar using the previously issued tokens, subject to reasonable propagation and backup retention described in Section 8.

Stripe and Square may process payments and related transaction data on behalf of your organization when those integrations are enabled. RepairForge supports payment processing through these and other third-party processors. When you enable an integration, transactions are processed by the applicable processor under its own terms and privacy policy. RepairForge receives and stores information necessary to confirm payment status, reconcile transactions with tickets or invoices, support refunds and disputes at a metadata level, and display receipts or payment history within the platform.

RepairForge does not store full payment card numbers, card verification values, or magnetic stripe data. Tokenization, cardholder authentication, and card data handling are performed by Stripe, Square, or your configured processor. We may store processor-generated tokens, payment intent identifiers, transaction IDs, amounts, timestamps, and related business records.

If you use Square Terminal or other hardware workflows supported by RepairForge, operational data required to initiate and monitor those flows may be processed by Square according to Square’s policies. You are responsible for configuring integrations consistent with your compliance obligations.

When you connect QuickBooks Online (or other supported accounting integrations), RepairForge accesses and synchronizes QuickBooks data only at your direction—for example, when you enable sync, map accounts, or trigger a sync action within the product. We may synchronize invoices, customers, line items, tax treatment metadata, payment references, and related financial records that you choose to sync, in order to reduce duplicate data entry and support bookkeeping workflows.

Integration data is transmitted over encrypted connections and processed only to provide the accounting synchronization features you enable. Intuit’s QuickBooks services are governed by Intuit’s terms and privacy statements. You should review those documents to understand how Intuit processes information submitted through QuickBooks.

You remain responsible for the accuracy of synchronized records, chart-of-account mappings, and tax reporting. RepairForge does not provide accounting, tax, or legal advice.

We use the information described in this Privacy Policy for the following purposes, consistent with applicable law and, where required, based on an appropriate legal basis (such as performance of a contract, legitimate interests, or consent):

• Provide and maintain the Services, including repair tickets, inventory, point of sale, scheduling, reporting, marketing features you use, integrations, and webhooks you configure.
• Authenticate users, enforce access controls, maintain audit logs, and associate activity with the correct organization and role.
• Process subscriptions and billing, including invoicing, payment collection, dunning communications, tax documentation where applicable, and plan administration.
• Provide customer support, respond to inquiries, diagnose errors, and operate feedback channels.
• Improve platform functionality, reliability, and user experience, including through aggregated or de-identified analytics where feasible.
• Monitor security, detect and prevent fraud, abuse, or unauthorized access, and respond to security incidents.
• Send important account, billing, security, and product communications; where permitted, send optional product education or marketing messages (from which you may opt out as described in Section 12).
• Comply with legal obligations, respond to lawful requests by public authorities, and enforce our Terms of Service and acceptable use standards.

We do not sell your personal information as that term is commonly understood under U.S. state privacy laws. We do not use Google user data for advertising, and we do not sell Google user data to third parties, as further described in Section 3.

RepairForge does not sell personal information. We disclose information only as described in this Privacy Policy or with your direction (for example, when you configure an integration). We may share information with the following categories of recipients:

• Hosting and infrastructure providers that store or process data on our behalf under contractual confidentiality and security obligations.
• Payment processors (such as Stripe and Square) to complete transactions you authorize.
• Email, SMS, and messaging providers used to deliver transactional notifications, security alerts, and optional marketing communications.
• Analytics and observability providers that help us measure reliability, diagnose errors, and understand aggregate product usage.
• Integration partners (such as Google, Intuit, and payment networks) and webhook or automation endpoints you configure, to the extent necessary to operate connected services or deliver events you request.
• Professional advisors, including attorneys and accountants, where subject to confidentiality duties.
• Law enforcement, regulators, or other parties when we believe disclosure is required by law, legal process, or governmental request, or to protect the rights, property, or safety of RepairForge, our users, or the public.

If RepairForge undergoes a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction, subject to confidentiality commitments and notice where required by law.

We retain information for as long as your account is active, as needed to provide the Services, and as necessary to comply with legal, tax, and regulatory obligations, resolve disputes, enforce agreements, and maintain appropriate business records.

When you delete content within RepairForge, remove an integration, or close your account, we will delete or de-identify information on a schedule consistent with our technical environment, except where retention is required by law or legitimate business interests (for example, limited backup archives, billing records, or security logs). Retention periods may vary by data category and jurisdiction.

Backup systems may retain residual copies for a limited period before automatic overwrite cycles complete. If you require specific deletion timelines for compliance reasons, contact us using the details in Section 18.

We implement administrative, technical, and organizational measures designed to protect information against unauthorized access, alteration, disclosure, or destruction. Our program includes, where appropriate: encryption of data in transit (and encryption at rest where applicable); hardened hosting infrastructure supplied by reputable cloud providers; role-based access controls and least-privilege engineering practices for our personnel and systems; security monitoring, logging, and alerting; vulnerability management; and employee training.

No method of transmission over the Internet or method of electronic storage is completely secure. While we strive to use commercially reasonable safeguards, we cannot guarantee absolute security. You are responsible for maintaining strong passwords, enabling multi-factor authentication where offered, limiting administrative privileges, and securing devices used to access RepairForge.

If we become aware of a breach affecting your information where notification is required by law, we will provide notice in accordance with applicable requirements.

RepairForge operates primarily from the United States. If you access the Services from outside the United States, you understand that your information may be transferred to, stored in, and processed in the United States and in other countries where we or our subprocessors operate. Those countries may have data protection laws that differ from those in your jurisdiction.

Where required, we implement appropriate safeguards for cross-border transfers, such as standard contractual clauses or other mechanisms recognized under applicable law. You may contact us for additional information about such safeguards to the extent we can disclose them without compromising security.

We use cookies, local storage, pixels, and similar technologies to operate the Services, remember preferences, maintain authenticated sessions, measure performance, and analyze usage patterns.

• Essential cookies: required for core functionality such as authentication, load balancing, security, fraud prevention, and session integrity. These cookies cannot be disabled if you wish to use the Services through a browser.
• Session management cookies and similar storage: help maintain your authenticated session, remember in-session preferences, and route requests securely.
• Analytics cookies: help us understand how visitors and customers interact with marketing pages and the application so we can improve reliability and user experience. Where required by law, we will obtain consent before using non-essential analytics cookies.

You can control cookies through your browser settings. Blocking certain cookies may impact functionality. For marketing communications, see Section 12 regarding opt-out rights.

Depending on your location and applicable law, you may have the right to access, correct, update, or delete certain information; export data in a portable format where technically feasible; restrict or object to certain processing; and withdraw consent where processing is based on consent. You may also opt out of marketing emails by using the unsubscribe link in those messages or by contacting us.

Account administrators can manage much of their organization’s data directly within RepairForge, including user access and certain deletion workflows. For requests that cannot be fulfilled through self-service tools, email support@getrepairforge.com. We may need to verify your identity before processing a request and may decline requests that are manifestly unfounded, excessive, or prohibited by law.

If you are an end customer of a repair shop that uses RepairForge, please contact that shop directly regarding data they control. In many cases, we process such information only as a processor on behalf of our business customer.

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) may provide you with additional rights regarding personal information. RepairForge does not sell personal information or share personal information for cross-context behavioral advertising as part of its core product offering.

Subject to verification and applicable exceptions, California residents may have the right to know categories and specific pieces of personal information collected; delete personal information; correct inaccurate personal information; limit use of sensitive personal information where applicable; and not receive discriminatory treatment for exercising privacy rights.

To submit a request, contact support@getrepairforge.com. We will verify your request consistent with applicable regulations. You may designate an authorized agent in writing, subject to verification requirements.

If you are located in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) or equivalent local law may apply to certain processing. Depending on the circumstances, RepairForge may act as a controller for account and platform operations, and as a processor for customer data entered by your organization.

Where GDPR applies, you may have the right to access, rectification, erasure, restriction of processing, data portability, objection to processing based on legitimate interests, and withdrawal of consent where processing is consent-based. You may also lodge a complaint with a supervisory authority in your country of residence.

We process personal information only where we have a lawful basis, such as performance of a contract with you, legitimate interests that are not overridden by your rights, compliance with legal obligations, or consent where required. For enterprise customers, a data processing agreement may govern processor activities; contact us for more information if you require a DPA for your organization.

RepairForge is intended for use by businesses and adult users. The Services are not directed to children under 13 (or the age of digital consent in your jurisdiction), and we do not knowingly collect personal information from children for consumer purposes.

If you believe we have collected information from a child in violation of applicable law, contact support@getrepairforge.com and we will take appropriate steps to investigate and delete such information where required.

The Services may contain links to third-party websites, documentation, or services that are not operated by RepairForge—including sites reached through marketing links, partner pages, or documentation for integrations and webhooks. This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of Google, Stripe, Square, Intuit, webhook receivers, and any other integrations or endpoints you enable.

When you direct RepairForge to send data to a third party through an integration, that disclosure is made at your instruction. RepairForge is not responsible for the privacy practices of third parties beyond our obligation to configure integrations securely and in accordance with this Privacy Policy.

RepairForge may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or Service features. When we make material changes, we will post the revised policy on https://www.getrepairforge.com (including this page) and update the “Last Updated” date. Where required by law, we will provide additional notice (such as an email or in-product notification).

Your continued use of the Services after the effective date of an update constitutes your acknowledgment of the revised Privacy Policy, except where your explicit consent is required under applicable law.

If you have questions about this Privacy Policy, wish to exercise privacy rights, or need assistance with integrations or data practices, please contact RepairForge:

• RepairForge
• Email: support@getrepairforge.com
• Website: https://www.getrepairforge.com

For convenience, you may also review our Terms of Service, which describe the contractual terms governing use of RepairForge.