Privacy Policy

Personal Information

• Full name, date of birth, and contact information
• Social Security Number (for VA claims processing)
• Military service records and discharge documentation
• VA file number and claims history

Medical Information

• Medical records and diagnoses
• Treatment history and provider information
• Disability ratings and service-connected conditions

Payment Information

• Credit card or payment method details (processed and stored securely by Stripe; Forged VA Council does not store full card numbers)
• Billing address and transaction history

Usage Data

• Device information and browser type
• IP address and approximate location
• Platform interaction data and feature usage
• Session duration and page views

We use your information for the following purposes:

• Benefits Analysis: AI-powered review of your service records and medical documentation to identify unclaimed or under-rated benefits
• Claims Processing: Assisting with the preparation and filing of VA benefits claims and appeals
• Communication: Sending you updates about your claims status, platform features, and account activity
• Platform Improvement: Analyzing aggregated, de-identified usage data to improve our AI models and user experience

We implement industry-leading security measures to protect your data:

• Encryption at Rest: All stored data is encrypted using AES-256 encryption
• Encryption in Transit: All data transmissions use TLS 1.3 encryption
• Infrastructure: Hosted on Supabase with SOC 2 Type II compliant infrastructure
• Access Controls: Role-based access controls with multi-factor authentication for all system administrators
• Regular Audits: Quarterly security assessments and penetration testing

Forged VA Council is committed to full compliance with the Health Insurance Portability and Accountability Act (HIPAA) for all medical records and health-related information:

• All medical data is classified as Protected Health Information (PHI) and handled accordingly
• Strict access controls limit PHI access to authorized personnel and systems only
• Comprehensive audit logging tracks all access to medical records
• Business Associate Agreements (BAAs) are in place with all third-party service providers that handle PHI
• Regular HIPAA compliance training for all team members with data access

Forged VA Council complies with all applicable federal regulations regarding VA data sharing and handling:

• VA data is accessed only with your explicit authorization
• Data sharing with the VA follows established protocols and authorization requirements
• Your VA records are never shared with unauthorized third parties
• All VA data handling complies with 38 U.S.C. and applicable VA directives

Forged VA Council uses the following third-party services:

• Stripe: Payment processing. Stripe's privacy policy governs their handling of your payment information.
• Supabase: Database infrastructure and authentication services.

Forged VA Council does not sell, rent, or trade your personal information to any third party under any circumstances.

• Active Accounts: Your data is retained for the duration of your active account and is available to you at any time.
• After Account Closure: Data is retained for 7 years following account closure for legal compliance, audit requirements, and to support any outstanding claims or disputes.
• Post-Retention: After the 7-year retention period, all personal data is securely deleted or permanently de-identified.

You have the following rights regarding your personal data:

• Access: Request a copy of all personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your data, subject to legal retention requirements
• Data Portability: Request your data in a machine-readable format for transfer to another service
• Opt-Out of Marketing: Unsubscribe from marketing communications at any time while continuing to receive essential account and claims notifications

To exercise any of these rights, contact us at privacy@forgedcouncil.com.

• Forged VA Council uses essential cookies only to maintain your session and ensure platform functionality.
• We do not use third-party tracking cookies or advertising pixels.
• Any non-essential cookies or analytics tracking will only be enabled with your explicit consent.

Forged VA Council is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a minor, we will take immediate steps to delete that information.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes:

• We will notify you via email and/or platform notification
• The updated policy will be posted with a new "Last Updated" date
• Continued use of the Platform after changes constitutes acceptance of the updated policy

For questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us: