Privacy Policy

Last Updated: March 28, 2026

1. Overview

RedeemForge ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use the Platform.

2. Information We Collect

A. Information You Provide Directly

  • Account Registration: Email, username, password (hashed), Twitch username
  • Twitch OAuth: Twitch user ID, channel name, follower count
  • Payment Information: Processed by Stripe (we don't store card data)
  • Content: Overlay configurations, redeem names, custom prompts
  • Communications: Support emails, feedback, survey responses

B. Information Collected Automatically

  • Log Data: IP address, browser type, operating system, pages visited
  • Cookies: Session, preference, analytics, and third-party cookies
  • Usage Analytics: Features accessed, overlays created, time spent, error messages
  • Twitch Webhooks: Redemption events (retained 30 days, then deleted)

C. Information from Third Parties

  • Twitch: Public channel info, redemption events
  • Stripe: Payment status and transaction history
  • Analytics: Aggregated usage statistics (Google Analytics)

3. How We Use Your Information

  • Service Delivery: Create and manage your account, authenticate, process payments
  • Twitch Integration: Connect your account, create rewards, receive redemption events
  • Analytics: Understand usage, identify popular features, improve performance
  • Communications: Send transactional emails, service updates, marketing (with consent)
  • Legal Compliance: Comply with laws, enforce ToS, protect against fraud

4. How We Share Your Information

We Do NOT Share With:

  • Advertisers or marketing agencies
  • Data brokers or data aggregators
  • Unaffiliated third parties for their marketing

We DO Share With:

  • Service Providers: Stripe (payments), Supabase (database), Vercel (hosting), Fly.io (backend)
  • Twitch: Account ID and channel information (per Twitch's Privacy Policy)
  • Legal: When required by law or court order
  • Business Transfers: If RedeemForge is acquired or merged

5. Data Security

We implement industry-standard security measures:

  • Encryption in transit (HTTPS/TLS 1.3)
  • Password hashing using bcrypt
  • Row-Level Security (RLS) database policies
  • Limited staff access to user data
  • Regular security audits and vulnerability testing

However, no security system is perfect. You are responsible for keeping your password confidential.

6. Data Retention

Data TypeRetention Period
Account InformationUntil deletion or 2 years after last login
Overlay/Redeem ConfigsUntil you delete them or account is deleted
Payment History7 years (tax compliance)
Twitch Webhook Events30 days
Log Data90 days
Analytics Data12 months

7. Your Rights

California (CCPA/CPRA)

  • Right to Know: Request what personal information we have
  • Right to Delete: Request deletion of your data
  • Right to Opt-Out: Opt-out of data sales (we don't sell data)
  • Right to Non-Discrimination: We won't discriminate if you exercise rights

European (GDPR)

  • Right of Access: Request a copy of your data
  • Right to Rectification: Correct inaccurate information
  • Right to Erasure: Request deletion ("right to be forgotten")
  • Right to Data Portability: Export your data in machine-readable format
  • Right to Object: Object to processing of your data

How to Exercise Your Rights

Email us at privacy@redeemforge.gg with your name, email, and specific request. We will respond within 30 days (45 days for GDPR).

8. Children's Privacy

RedeemForge is not directed at children under 13. We do not knowingly collect data from children under 13. If we become aware of such collection, we will delete the data and terminate the account.

9. Cookies and Tracking

Types of Cookies:

  • Essential: Authentication, CSRF protection, session management
  • Preference: UI customization (dark mode, sidebar state), language
  • Analytics: Google Analytics, error tracking (Bugsnag)

Control Cookies:

  • Browser settings: Disable cookies
  • Google Analytics: Use the Opt-Out Browser Extension
  • Do Not Track: We honor DNT headers when available

10. California-Specific (CCPA/CPRA)

No Sale of Personal Information: RedeemForge does NOT sell personal information or data to third parties for behavioral advertising.

Data Categories Collected: Identifiers, commercial information, internet activity, geolocation, professional/employment info

11. Changes to This Policy

We may update this Privacy Policy at any time. Changes take effect immediately upon posting. For material changes, we will provide 30 days' notice via email.

12. Contact Us

For privacy questions, contact us at:

  • Email: privacy@redeemforge.gg
  • Support: support@redeemforge.gg
  • Website: https://www.redeemforge.gg

By using RedeemForge, you agree to this Privacy Policy in its entirety.