Privacy Policy

Last updated: January 1, 2025

Ballot Forge ("we", "us", or "our") is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your rights.

Information We Collect

We collect the following categories of information:

• Account information: Email address, name, and profile photo (if signing in with Google).
• Organization data: Organization name, branding assets, and member information you provide.
• Election data: Elections, questions, options, and voter lists you create.
• Votes: Votes are stored anonymously. We cannot link a specific vote to a specific voter once a ballot is submitted.
• Usage data: Standard server logs including IP addresses and request metadata.

How We Use Your Information

• To provide and operate the Ballot Forge service.
• To send authentication emails (OTP codes and magic links).
• To send voter invitation and notification emails on behalf of election administrators.
• To improve and debug our service.
• To communicate about your account or service updates.

Vote Anonymity

Ballot Forge is designed so that individual votes cannot be traced back to specific voters after submission. Ballot contents are stored without any voter identifier. Voter session tokens are deleted upon vote submission. Receipt IDs are randomly generated and do not contain vote content.

Data Sharing

We do not sell your personal information. We share data only with:

• Cloudflare: Our infrastructure provider (Workers, D1, R2, KV). Subject to Cloudflare's privacy policy.
• OneSignal: Used to deliver authentication and notification emails. Subject to OneSignal's privacy policy.
• Google: If you sign in with Google OAuth. Subject to Google's privacy policy.

Data Retention

We retain your account and organization data for as long as your account is active. You may delete your organization and all associated data at any time from Settings → Danger Zone. Authentication tokens expire within 15 minutes (OTP) or 7 days (sessions).

Cookies

We use a single HTTP-only session cookie (vk_session) to authenticate your admin sessions. We do not use third-party tracking or advertising cookies.

Your Rights

Depending on your location, you may have rights to access, correct, delete, or export your personal data. To exercise these rights, contact us at privacy@ballotforge.com.

Children

Ballot Forge is not directed to children under 13. We do not knowingly collect personal information from children.

Changes

We may update this policy from time to time. Material changes will be communicated via email to account holders.

Contact

Questions about this policy? Email us at privacy@ballotforge.com.