Effective: March 19, 2026 | Last updated: March 19, 2026 Applies to: getgeoforge.com and all GEOforge products
GEOforge is an AI-powered Generative Engine Optimization (GEO) platform operated by Hop AI. We help businesses measure, build, and grow their brand's presence in AI-generated responses across platforms including ChatGPT, Perplexity, Gemini, Claude, Microsoft Copilot, and Google AI Overviews.
Our products include BaseForge, SignalForge, ContentForge, and CiteForge, accessible via the web platform at getgeoforge.com.
GEOforge / Hop AI acts as the Data Controller for personal data collected through our website and platform. For data processed on behalf of our clients (such as brand knowledge bases and content), clients act as Data Controllers and GEOforge acts as a Data Processor.
We collect different types of information depending on how you interact with GEOforge.
Account & Identity Data Full name and email address (provided when invited to the platform); role and permission level within your organisation's account; encrypted passwords (bcrypt hashed — we never store plain-text passwords); session tokens and authentication credentials.
Brand & Business Data Brand name, website URL, description, and strategic goals; competitor names and domains you configure for monitoring; knowledge base documents, files, and content you upload; content topics, drafts, and published articles generated within the platform; CMS integration credentials (e.g., WordPress application passwords, Webflow API tokens).
Usage & Technical Data Log data including IP address, browser type, operating system, pages visited, and time spent; API request logs, error reports, and performance metrics; LLM usage logs including token counts, model used, and cost data (no prompt content stored long-term); AI crawler event data tracking how bots index your published content; Share of Voice (SoV) measurement data from LLM query results.
Communications Data Messages you send to our support team via email; demo request and enquiry form submissions; billing and invoicing correspondence.
We do not collect payment card details directly — all payments are processed by our third-party payment provider. We do not sell your data or use it for advertising targeting.
We use your data for the following purposes:
If you are located in the European Economic Area (EEA) or the United Kingdom, our processing of your personal data is based on the following legal grounds:
We do not sell, rent, or trade your personal data. We share data with third parties only in the following limited circumstances.
Service Providers (Processors) We use vetted third-party service providers who process data on our behalf under strict contractual obligations, including: cloud hosting providers for platform infrastructure and secure data storage; AI/LLM providers to power content generation and analysis features (e.g., Anthropic, OpenAI, Google) — only the minimum necessary data is sent, and we use de-branded queries where possible; payment processors to handle subscription billing; analytics tools for platform performance monitoring (anonymised or aggregated where possible); and email delivery services for transactional and support communications.
CMS Integrations When you connect GEOforge to your WordPress site or Webflow collection, content and credentials you configure are shared with those platforms as directed by you, and are governed by those platforms' own privacy policies. Google Drive is different: access is inbound and read-only — GEOforge imports files from a folder you choose and never writes to or modifies your Drive. See “Google Drive Data” below for full details.
Legal Requirements We may disclose your data to law enforcement, regulators, or courts when required by law, or when necessary to protect the rights, property, or safety of GEOforge, our clients, or others.
Business Transfers In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity. We will notify you before such a transfer occurs.
GEOforge's core functionality relies on Large Language Models (LLMs). Here's how we handle data in the context of AI processing:
Note: AI-generated content may not always be accurate. You are responsible for reviewing, editing, and approving all AI-generated content before it is published.
Google Drive Data. When you connect Google Drive, GEOforge requests read-only access (the drive.readonly scope) to import documents from folders you select. We use this access solely to read and sync those files into your brand knowledge base, where they are processed (chunked and embedded) to generate brand-accurate content. Google Drive files are stored in encrypted, access-controlled storage and retained in line with Section 8 below. We do not use Google Drive data to train generalized AI or machine-learning models, do not sell it, and do not allow humans to read it except (a) with your consent, (b) for security or to comply with the law, or (c) where the data has been aggregated or anonymized. Any content sent to LLM providers is limited to what is necessary to deliver the features you request, under agreements that prohibit training on your data. You can disconnect Google Drive at any time in Settings → Integrations, which revokes GEOforge's access.
Compliance with the Google API Services User Data Policy. GEOforge's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
We use cookies and similar tracking technologies on getgeoforge.com and within the GEOforge platform.
You can manage cookie preferences through our cookie consent banner or your browser settings. Disabling non-essential cookies will not affect your core use of the GEOforge platform.
We retain your personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by law:
When a subscription ends, we will delete or anonymise your data within 30 days unless you request earlier deletion or we are legally required to retain it longer.
Depending on your location, you may have the following rights:
To exercise any of these rights, email us at [email protected] with your name, account email, and the right you wish to exercise. We will respond within 30 days.
We implement industry-standard security measures to protect your data, including: TLS 1.2+ encryption for all data in transit; bcrypt password hashing; JWT-based authentication with appropriate expiry policies; role-based access controls scoped to individual brand accounts; rate limiting on sensitive API endpoints; regular security reviews and access audits; and secure, access-controlled cloud storage for all uploaded files and knowledge base content.
No method of internet transmission or electronic storage is 100% secure. In the event of a data breach affecting your rights, we will notify you as required by applicable law.
GEOforge is operated by Hop AI, based in the European Union. Our infrastructure may involve service providers in various countries including the United States. When we transfer personal data outside the EEA or UK, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission and Enterprise Data Processing Agreements with all major LLM and cloud providers.
GEOforge is a professional B2B platform intended solely for use by businesses and individuals aged 18 and over. We do not knowingly collect personal data from children under the age of 18. If you believe a minor has provided us with personal data, please contact us at [email protected] and we will promptly delete that information.
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date, notify platform users via email or in-app notification at least 14 days before the changes take effect, and where required by law, request your renewed consent.
GEOforge / Hop AI [email protected] getgeoforge.com
We aim to respond to all privacy-related enquiries within 30 days.
If you are not satisfied with our response, you have the right to lodge a complaint with your relevant supervisory authority. For UK users, this is the Information Commissioner's Office (ICO) at ico.org.uk.