Last updated: January 16, 2026
Forestwalk Labs, Inc. ("Forestwalk," "we," "our," or "us") is a British‑Columbia–incorporated company building software that helps teams work faster using AI. This policy explains how we handle information about people ("you") who visit our website or use Forestwalk's SaaS products, such as Cedarloop, and their related apps.
While we've kept this policy readable and are an early-stage startup, we follow the spirit of major privacy laws—including the EU GDPR, California CCPA/CPRA, and Canada PIPEDA. For questions, e‑mail [email protected].
| Category | Examples | Why we need it |
|---|---|---|
| Account info | Name, e‑mail, Google sign‑in identifier | Create and secure your account |
| Usage data | Feature clicks, pages viewed, rough geolocation from IP. When you sign in, we associate usage activity with your account so we can provide better support and improve the product. | Understand product usage, improve UX |
| Content you provide | Meeting transcripts, so we can generate notes | Deliver core functionality |
| Content from third parties | Google Calendar events | Deliver core functionality |
| Logs & diagnostics | Error traces, device/OS version | Fix bugs, keep the service reliable |
| Marketing preferences | Opt‑in status, message open rates | Send product updates and newsletters |
Sensitive data. We don't expect you to submit regulated personal data (health, biometric, bank details). If you choose to do so, ensure you have the right to share it.
Legal bases under GDPR: contract performance, legitimate interests, and consent, as applicable.
The use of raw or derived user data received from the Google Workspace APIs will adhere to the Google User Data Policy, including the Limited Use requirements.
| Purpose | Provider | Location |
|---|---|---|
| Cloud hosting | DigitalOcean | United States |
| Product analytics | PostHog | United States |
| Error monitoring | Sentry | United States |
| Model monitoring | Braintrust | United States |
| AI model APIs | OpenAI, Anthropic | United States |
| Customer support | Intercom | United States |
| Realtime meeting AV | Deepgram, Recall | United States |
| Login and database | Supabase | United States |
| Transactional emails | Resend | United States |
We do not share, transfer, or disclose your information, including data from third parties such as Google Calendar data, except as described in this policy. We do not share analytics data with advertisers or any third party beyond our analytics provider.
We'll update this list here at least 30 days before we add or replace a provider.
Our primary infrastructure is in the United States. If you reside outside the U.S., your data will be transferred there. We rely on the Standard Contractual Clauses or equivalent safeguards offered by our vendors.
We use only essential and analytics cookies – no third party ad tech.
Application logs are kept for 90 days or less. Your in‑product content remains until you delete it, or 30 days after you close your account, whichever comes first – after which it is removed from active backups. Certain legal or security records may be retained as required to comply with law or resolve disputes.
Depending on where you live, you may have the right to:
We aim to respond to all requests within 30 days.
Traffic is encrypted in transit using TLS. We limit internal access to production systems to key personnel. If we detect a data breach that affects your personal data, we'll notify affected users and regulators as required by law.
Forestwalk's products are intended for users 16 years and older. We do not knowingly collect data from children under 16. If you suspect a child has provided personal data, contact us and we will delete it.
We may update this page from time to time. Material changes will be flagged at the top of the page and, where feasible, e‑mailed to account owners. Continued use of Forestwalk's products after a change means you accept the revised policy.
Questions or concerns?
✉️ [email protected]