Privacy Policy

1. Introduction

This Privacy Policy explains how OMIED LLC d/b/a ForceX.com ("ForceX," "we," "us," or "our") collects, uses, discloses, and protects personal information when you access or use the ForceX websites, applications, APIs, analytics, explorer surfaces, account services, and related offerings (collectively, the "Services").

2. Company Information

• Legal name: OMIED LLC d/b/a ForceX.com
• Formation: Texas, United States
• Contact email: contact@forcex.com

3. Scope

This Privacy Policy applies to personal information we collect through:

• ForceX websites and web applications;
• ForceX account and authentication services;
• APIs and developer services;
• beta, invite-only, or pre-release access programs;
• customer support and business communications; and
• related operational and security processes.

4. Information We Collect

A. Information you provide directly

We may collect:

• email address;
• display name or profile name;
• authentication credentials and account registration information;
• invitation or waitlist-related information;
• account preferences and support communications;
• subscription or enterprise onboarding information; and
• feedback, requests, and other communications you send to us.

B. Authentication and security information

We may collect and process:

• password hashes;
• linked identity-provider information from supported OAuth providers;
• multi-factor authentication setup data;
• recovery-code hashes;
• account status and access tier information;
• session identifiers and refresh-token hashes; and
• security and fraud-prevention records.

C. Technical, device, and usage information

We may collect:

• IP addresses;
• user-agent strings;
• device and browser information;
• timestamps of account and session activity;
• login attempts and session history;
• API key metadata and API usage records;
• feature access records;
• rate-limit and anti-abuse telemetry; and
• operational, diagnostic, and product-usage logs.

D. Subscription and commercial information

Where applicable, we may collect:

• plan, subscription, or entitlement information;
• billing contact data;
• payment-related records from payment processors; and
• enterprise account and contract administration data.

E. Information from third parties

We may receive information from:

• identity providers such as Google and X/Twitter;
• email service providers such as Resend;
• hosting and infrastructure providers such as Amazon Web Services;
• future payment processors; and
• other service providers, business partners, or lawful sources.

F. Cookies and similar technologies

We may use cookies, local storage, session storage, and similar technologies for:

• authentication and session continuity;
• security and fraud prevention;
• product functionality;
• preference storage; and
• analytics and service operations.

We do not currently intend to use cross-site behavioral advertising or retargeting technologies. If that changes, we will update this Privacy Policy and any required notices.

5. How We Use Personal Information

We may use personal information to:

• create, authenticate, maintain, and secure accounts;
• verify email ownership and manage invitation or beta-access workflows;
• provide explorer, analytics, API, subscription, and account functionality;
• manage sessions, API keys, and access rights;
• prevent fraud, abuse, unauthorized access, and other harmful activity;
• investigate incidents, enforce our terms, and maintain audit trails;
• provide customer support and respond to inquiries;
• send transactional and service-related communications;
• improve, debug, monitor, and operate the Services;
• measure product usage and performance;
• comply with legal obligations; and
• establish, exercise, or defend legal claims.

6. Legal Bases for Processing (EEA/UK)

If you are in the EEA or UK, our legal bases may include:

• performance of a contract or steps taken at your request before entering into a contract;
• our legitimate interests, such as securing and improving the Services, preventing abuse, and operating our business;
• compliance with legal obligations; and
• consent, where required.

7. How We Share Information

We may share personal information with:

• cloud hosting and infrastructure providers, including Amazon Web Services;
• authentication, email, analytics, logging, monitoring, and security vendors;
• payment processors when paid services are enabled;
• professional advisers, auditors, insurers, or legal counsel;
• law enforcement, regulators, courts, or government authorities where required or appropriate;
• a buyer, investor, or successor entity in a merger, acquisition, financing, restructuring, or sale of assets; and
• other parties with your direction or consent.

We do not currently sell personal information. We also do not currently share personal information for cross-context behavioral advertising.

8. International Transfers

ForceX operates from the United States and may process or store personal information in the United States or other jurisdictions where our providers operate.

If you access the Services from outside the United States, you understand that your information may be transferred to, stored in, and processed in jurisdictions that may not provide the same level of data protection as your home jurisdiction.

Where required, we will rely on appropriate safeguards for cross-border transfers.

9. Data Retention

ForceX retains personal information for as long as reasonably necessary for the purposes described in this Privacy Policy. Our current operational retention targets are:

• Active account records: while the account remains active
• Deleted account remnants: generally 30 to 90 days
• Session metadata: generally up to 90 days after expiration
• Login-attempt and security telemetry: generally 90 days
• Audit and security records: generally up to 24 months
• Invitation redemption records: generally up to 24 months
• API usage logs: raw logs generally 6 to 12 months
• Backup copies: until overwritten in the normal backup lifecycle

Actual retention may vary where reasonably necessary for legitimate business, legal, security, or compliance reasons.

10. Security

ForceX uses administrative, technical, and organizational measures intended to help protect personal information. These measures may include access controls, credential protections, encryption or hashing where appropriate, audit logging, rate limiting, and security monitoring.

However, no system can be guaranteed to be perfectly secure, and we cannot guarantee absolute security.

11. Your Choices and Rights

Depending on your jurisdiction, you may have rights to:

• access personal information;
• correct inaccurate personal information;
• request deletion;
• object to or restrict certain processing;
• withdraw consent where processing is based on consent;
• request portability of certain data; and
• lodge a complaint with a supervisory authority or regulator.

To exercise rights or submit privacy requests, contact contact@forcex.com.

12. California Privacy Disclosures

If you are a California resident, you may have rights under California law, including rights to know, access, delete, correct, and limit certain uses of personal information, subject to exceptions.

ForceX does not currently sell personal information or share personal information for cross-context behavioral advertising.

California residents may submit requests to contact@forcex.com.

13. EEA/UK Rights

If you are in the EEA or UK, you may have the right to: access, rectify, erase, restrict processing, object to processing, data portability, and lodge a complaint with your local supervisory authority.

You may also contact us at contact@forcex.com regarding these rights.

14. Children

The Services are not directed to children and are not intended for users under 18. If we learn that we have collected personal information from a child contrary to applicable law, we will take reasonable steps to delete it.

15. Beta and Invite-Only Access

ForceX may operate invite-only, waitlist, tester, beta, or limited-access programs. In connection with those programs, ForceX may process information such as invitation code redemption data, account role or access-tier status, verification and activation records, and related security and audit telemetry.

16. Third-Party Links and Services

The Services may contain links to third-party services or rely on third-party authentication or infrastructure. This Privacy Policy does not govern third-party services, and you should review the privacy practices of those providers directly.

17. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we may provide additional notice where reasonably appropriate. The "Last updated" date reflects the latest revision.

18. Contact

OMIED LLC d/b/a ForceX.com
Email: contact@forcex.com