Privacy Policy
At Forked, we take your code and data privacy seriously. This policy outlines exactly what we collect, how we use it, and the stringent measures we take to protect your intellectual property.
1. Introduction, Scope, and Applicability of Policy
This comprehensive Privacy Policy ("Policy") serves as a legally binding document governing the collection, processing, storage, transmission, and utilization of data by Forked, a platform operated and managed by Ark Platforms ("Company", "We", "Us", "Our"). By accessing, browsing, registering for, downloading, or otherwise using the Forked platform, its associated mobile applications (iOS and Android), its application programming interfaces (APIs), its software development kits (SDKs), or any other services provided by Ark Platforms (collectively, the "Services"), you ("User", "Developer", "Client") explicitly verify that you have read, understood, and agreed to be bound by the terms and conditions set forth in this Policy. This Policy has been meticulously drafted to ensure full compliance with global data protection regulations, including but not limited to the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), the California Consumer Privacy Act (CCPA) (Cal. Civ. Code § 1798.100 et seq.), the California Privacy Rights Act (CPRA), the UK Data Protection Act 2018, the Brazilian General Data Protection Law (LGPD), and the strictly enforced privacy guidelines of the Apple App Store Review Guidelines and the Google Play Developer Policy. The scope of this Policy extends to all information collected through our Services, whether provided directly by you, collected automatically via technical means, or obtained from third-party sources. It applies to all users irrespective of their geographical location, citizenship, or residency, although specific rights and provisions may apply depending on your local jurisdiction. We are committed to the principles of lawfulness, fairness, and transparency. As such, every data processing activity described herein is grounded in a specific legal basis, whether that be your explicit consent, the performance of a contract, compliance with a legal obligation, or our legitimate business interests. You are hereby advised that this Policy applies solely to information processed by Ark Platforms. It does not extend to the practices of third-party companies, individuals, or entities that we do not own, control, or employ. While our Services may contain links to external websites, plugins, or tools, we expressly disclaim liability for the privacy practices of such third parties. We strongly encourage you to review the privacy policies of any third-party services you verify to access. Furthermore, this Policy is a living document. As our technology evolves, as legal requirements shift, and as we introduce new features to the Forked platform, this Policy will contain necessary updates. Your continued use of the Services following the posting of any changes to this Policy constitutes your acceptance of those changes. If you do not agree with any part of this Policy, you must immediately discontinue use of the Services and, if applicable, request the deletion of your account and data.
2. Data Controller Identity and Contact Information
For the purposes of the General Data Protection Regulation (GDPR) and other relevant data protection laws, the Data Controller responsible for the processing of your personal data is Ark Platforms. We are a registered entity operating under the laws of the European Union, with our principal place of business established to ensure strict adherence to EU privacy standards. We understand that navigating data privacy can be complex. Therefore, we have appointed a dedicated Data Protection Officer (DPO) and established a specialized Privacy Team to oversee our data protection strategy and ensure ongoing compliance. This team serves as your primary point of contact for all privacy-related inquiries, concerns, complaints, or requests to exercise your data rights. If you have any questions regarding this Policy, if you wish to exercise your rights to access, rectify, or erase your data, or if you have specific concerns about the security of your information, you are strongly encouraged to contact us immediately. All official correspondence regarding privacy matters must be directed to our designated email address: app@arkplatforms.eu. When contacting us, please provide sufficient detail to allow us to identify your account and understand the nature of your request. We are committed to acknowledging and responding to all legitimate requests within the statutory timeframes mandated by applicable law (typically 30 days under GDPR). In addition to email, we maintain physical records of data processing activities as required by Article 30 of the GDPR, ensuring full accountability and auditability of our internal data practices.
3. Comprehensive Collection of Personal Identity Information (PII)
We collect Personal Identity Information (PII) as a fundamental requirement for establishing and maintaining a secure, verifiable, and trustworthy environment for all users on the Forked platform. The collection of PII is necessary for the performance of the contract between you and Ark Platforms, as it allows us to create your unique user profile, manage your account credentials, and prevent unauthorized access. The specific types of PII we collect may vary depending on your level of interaction with the Services but generally include, without limitation: - Full Legal Name: We require your real name to establish your identity, facilitate professional networking, and ensure legal accountability for checking code and content shared on the platform. - Date of Birth: We collect your date of birth to verify your age, ensuring strict compliance with the Children's Online Privacy Protection Act (COPPA) and GDPR age of consent requirements, preventing minors from accessing age-restricted services. - Nationality and Residency: We may collect information regarding your country of residence and citizenship to ensure compliance with export control laws, tax regulations (VAT/GST determination), and regional content restrictions. - Government-Issued Identification: In specific high-security scenarios, such as verifying a "Pro" developer account, processing high-value payouts, or resolving account recovery disputes, we may request a copy of a valid government-issued identification document (e.g., passport, national ID card, driver's license). This document is strictly used for identity verification purposes and is processed with the highest level of encryption. secure deletion policies apply immediately after verification is complete. - Profile Photographs: You may choose to upload a profile picture. While optional, this helps in building trust within the community. We process this image to display it across your profile, posts, and comments.
4. Comprehensive Collection and Verification of Contact Information
To ensure reliable communication, account security, and the delivery of critical service notifications, we collect and rigorously verify your contact information. This data is vital for "Two-Factor Authentication" (2FA) systems, password recovery flows, and the suppression of spambots. The contact information we collect includes: - Primary Email Address: This is your primary identifier on the platform. We use it to send account activation links, login notifications, security alerts, and legal notices. We verify ownership of this email address via a confirmation link. - Secondary/Recovery Email Address: We may ask for an optional secondary email to assist in account recovery if you lose access to your primary account. - Mobile Telephone Number: We collect your mobile phone number for the purpose of SMS-based Multi-Factor Authentication (MFA). This allows us to send one-time codes (OTP) to verify your identity during login attempts from new devices. This number helps us prevent duplicate account creation and abuse. - Physical Billing Address: If you engage in paid transactions (e.g., subscribing to Forked Pro), we are required to collect your billing address to calculate applicable sales tax/VAT and to prevent credit card fraud via Address Verification Service (AVS) checks.
5. Granular Collection and Processing of Financial Data
As a platform that enables developer monetization, sponsorships, and marketplace transactions, the processing of financial data is a critical component of our Service. We handle this data with extreme care, adhering to the Payment Card Industry Data Security Standard (PCI-DSS) Level 1 compliance requirements. Payment Methods: When you make a purchase, subscribe to a service, or sponsor another developer, we collect specific payment information. This typically includes your credit card number, expiration date, CVV securities code, and the name on the card. Crucially, Ark Platforms does NOT store your full credit card number. Instead, this information is securely transmitted directly to our payment processor, Stripe, via strict API calls. Stripe returns a secure "token" to us, which we store to facilitate future transactions without ever effectively touching your sensitive card data. Payout Information: If you are a developer receiving funds from the platform (e.g., via sponsorships or template sales), we must collect banking information to facilitate payouts. This includes your Bank Account Number (IBAN), Bank Identifier Code (SWIFT/BIC), and Account Holder Name. Depending on your jurisdiction (e.g., US users), we may also be legally required to collect tax identification numbers (SSN/EIN) and file IRS Form 1099-K. This financial data is encrypted at rest and is accessible only to authorized financial personnel for the sole purpose of executing payouts and tax compliance.
6. Collection of Biometric Data for Identity Verification
In an era of sophisticated digital fraud, traditional passwords are sometimes insufficient. Therefore, in specific, limited, and high-risk scenarios, we may request the collection of biometric data to provide irrefutable proof of identity. This processing is conducted based on your explicit consent and is used strictly for security purposes. Scenarios for Collection: We may request a "video selfie" or a live photo check during the Account Recovery process if you have lost all other access methods, or during the verification process for high-profile verified accounts to prevent impersonation. Liveness Detection: We use technology to analyze facial geometry and detect "liveness" to ensure the user is physically present and not using a static photo or deepfake mask. Storage and Retention: Biometric templates differ from standard photos. We do not store the raw biometric map of your face. Instead, the data is processed instantly to generate a verification score. Once the verification decision is made (approved/rejected), the biometric data is permanently and securely deleted from our servers. We never sell, share, or use biometric data for marketing or training public AI models.
7. Automated Collection of Technical Device and Usage Data
To ensure the stability, security, and optimization of the Forked platform across a multitude of devices and network conditions, we automatically collect detailed technical telemetry whenever you interact with our Services. This "passive" collection is essential for debugging crashes, improving application performance, and preventing account sharing abuse. Device Specifications: We collect data identifying your hardware model (e.g., iPhone 15 Pro, Samsung Galaxy S24), operating system version (e.g., iOS 18.2, Android 15), screen resolution, processor architecture (ARM/x86), and total available memory. This helps us serve the correct application build for your device. Unique Device Identifiers: We assign and track unique identifiers such as the Universally Unique Identifier (UUID), Android ID, or Identifier for Vendors (IDFV). These identifiers allow us to persist your session securely, manage push notification tokens, and enforce device bans in cases of severe Terms of Service violations. Battery and Network Status: We may collect data regarding your battery level and network connection type (WiFi/4G/5G) to optimize data usage—for example, by pausing heavy video downloads when you are on a metered connection or low battery.
8. Collection and Logging of IP Addresses and Network Data
Every request made to our servers is accompanied by your Internet Protocol (IP) address. We log and process this data for multiple critical functions involving security, compliance, and user experience. Geo-localization: We use your IP address to derive your approximate geographical location (City/Country level). This allows us to set your default language, currency, and time zone automatically, and to serve content from the nearest Content Delivery Network (CDN) edge node for faster loading speeds. Security Auditing: Access logs containing IP addresses are retained for security auditing. They allow us to detect brute-force login attacks, identify botnets, and trace the source of malicious API requests. Rate Limiting: To prevent Denial of Service (DoS) attacks and ensure fair usage of our API resources, we use IP addresses to track request volumes and enforce temporary blocks on abusive sources.
9. Collection, Processing, and Ownership of Source Code
Forked is, at its core, a platform for creating, sharing, and executing code. As such, the collection and processing of source code text, file structures, and repository metadata is central to our service usage. User Ownership: We explicitly state that you strictly retain full ownership and intellectual property rights for all code, scripts, and software you author and upload to the platform. We claim no copyright or patent rights over your User Generated Content (UGC). Public Repositories: When you post a "Public" snippet or repository, you grant Ark Platforms a non-exclusive, worldwide, royalty-free license to host, display, reproduce, and distribute that code on the platform, allowing other users to view, fork, and learn from your work, consistent with open-source principles. Private Repositories: Code uploaded to "Private" repositories is treated with the highest confidentiality. It is encrypted at rest and logically isolated. We do not access "Private" code for internal business purposes unless strictly required for security investigations (e.g., scanning for malware) or technical support at your specific written request.
10. Real-Time Collection of Collaboration Data
The Forked platform features advanced real-time collaboration tools that allow developers to code together simultaneously. To facilitate this experience, we must process transient streams of data in real-time. Cursor and Selection Data: We transmit the exact position of your text cursor and your text selection highlights to other participants in the session. This data is ephemeral and is not stored permanently. Audio and Video Streams: If you enable voice or video chat, we capture and transmit audio/video data. Whenever technically feasible, we utilize Peer-to-Peer (P2P) WebRTC connections. This means the media stream travels directly between your device and your collaborator's device, without being decrypted or stored by our central servers. In cases where P2P fails (e.g., strict firewalls), data may pass through our TURN servers, but it remains encrypted and is not recorded. Terminal Input: When sharing a terminal session, keystrokes and command outputs are transmitted to keep all participants in sync. We caution users against typing passwords or secrets into shared terminals.
11. Purpose of Usage: Core Service Provision
The primary legal basis for processing your Data is the performance of the contract to provide the Service. This includes authenticating your identity, maintaining your persistent session state, routing your API requests, storing your created content in our databases, rendering your user profile to visitors, executing your code in our server-side sandboxes, and delivering the notifications you have subscribed to.
12. Purpose of Usage: Transaction Processing
We process financial and identity data to facilitate the economic engine of the platform. This involves validating payment instruments with issuing banks, calculating exchange rates, withholding tax where applicable, issuing valid VAT invoices, and maintaining a ledger of transactions for financial reporting and auditing. Without this processing, we could not offer paid services or developer payouts.
13. Purpose of Usage: Advanced Security and Fraud Prevention
We continually process telemetry and usage data to train and deploy automated security systems. These systems detect behavioral anomalies—such as a login from an impossible geographic distance in a short time (impossible travel), recurring failed payment attempts, or rapid-fire API calls indicative of scraping—allowing us to proactively lock compromised accounts and block malicious actors.
14. Purpose of Usage: Product Research and Platform Improvement
We aggregate anonymized data to understand macro-level trends. For example, we might analyze which programming languages are growing in popularity, which UI features cause user drop-off, or which times of day have peak load. This statistical analysis drives our engineering decisions, helping us allocate server resources and prioritize features that deliver the most value to the community.
15. Purpose of Usage: Direct User Communication
We use your verified contact details to send crucial operational communications. These are non-marketing messages that you cannot opt-out of, such as Terms of Service updates, Privacy Policy changes, security breach notifications, or billing receipts. With your separate, explicit consent, we may also use these channels to send newsletters or product announcements, which you can opt-out of at any time.
16. Data Transfer and Sharing with Stripe (Payment Processor)
To facilitate secure payments, we share transaction-specific data with Stripe, Inc. This includes your email, payment token, and purchase amount. Stripe acts as a separate Data Controller for the financial data they process. Their processing is governed by their own robust Privacy Policy. This sharing is essential for PCI-DSS compliance and fraud detection.
17. Data Transfer and Storage with Supabase (Infrastructure)
Our backend infrastructure is built upon Supabase. Consequently, your encrypted User Data, including database records and authentication credentials, is stored on Supabase's enterprise-grade cloud servers. Amazon Web Services (AWS) provides the underlying physical infrastructure. These providers are strictly bound by Data Processing Agreements (DPAs) ensuring they protect your data with state-of-the-art physical and network security.
18. Data Sharing with Google Analytics for Usage Analytics
We integrate Google Analytics to gather intelligence on platform performance and user acquisition. We have configured this service to mask your IP address and have disabled data sharing for Google's own advertising purposes. The data collected is aggregated and used strictly to improve the functionality and usability of the Forked platform.
19. Data Sharing with OneSignal for Push Notifications
Delivering real-time push notifications to mobile devices requires interacting with OS-level push services (APNs for iOS, FCM for Android). We use OneSignal as a gateway to manage these complex interactions. We share your unique device push token and the content of the notification (e.g., 'John commented on your post') with OneSignal to ensure the message reaches your device promptly.
20. Disclosures to Law Enforcement and Legal Compliance
We may be compelled to disclose your Personal Data to law enforcement agencies, courts, or government bodies if required by a valid legal process, such as a subpoena, court order, or search warrant. We maintain a strict policy of reviewing all such requests for legal validity. We will attempt to notify you of such disclosures unless we are prohibited by law from doing so or if there is an immediate threat to life.
21. Mechanisms for International Cross-Border Data Transfers
Forked is a global platform. Your data may be transferred to, stored, and processed in servers handling data outside your country of residence (e.g., in the United States). For users in the European Economic Area (EEA), we rely on adequacy decisions or Standard Contractual Clauses (SCCs) approved by the European Commission to ensure your data remains protected to GDPR standards during these international transfers.
22. Policies on Retention of Personal Data
We adhere to the principle of storage limitation. We retain personal data only for as long as is necessary to fulfill the purposes defined in this Policy. Active account data is retained indefinitely to provide the service. Transaction records are retained for 7 years for tax compliance. Audit logs are retained for 1 year for security forensics. Once the retention period expires, data is securely deleted or anonymized.
23. Secure Deletion and Disposal of Account Data
Upon your request to delete your account via the Settings menu, a rigorous automated process begins. Your public profile is immediately hidden. Over the next 30 days, all your PII, private repositories, and files are permanently purged from our primary databases. We use cryptographic erasure where possible to render data unrecoverable. Backup archives may retain hash-encrypted fragments for a short additional period before being overwritten.
24. User Rights: Right to Access (Subject Access Request)
You have the fundamental right to know exactly what data we hold about you. You may submit a Subject Access Request (SAR) at any time. Upon verification of your identity, we will provide a comprehensive export of your personal data, code, and usage history in a portable format within 30 days, free of charge.
25. User Rights: Right to Rectification of Inaccurate Data
You have the right to ensure your data is accurate and up-to-date. If you discover any errors in your personal information (e.g., misspelled name, old phone number), you can correct most of this directly within the 'Edit Profile' section of the app. For immutable fields, you may contact support for assistance.
26. User Rights: Right to Erasure (Right to be Forgotten)
You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent. We will comply with this request unless we have a compelling legal ground to retain specific data (e.g., unsettled debts, ongoing fraud investigation).
27. User Rights: Right to Restrict Processing
You have the right to request that we temporarily suspend the processing of your data while keeping it stored. This applies if you contest the accuracy of the data or if you believe the processing is unlawful but you oppose deletion. During this restriction, we will not use your data for active operations.
28. User Rights: Right to Data Portability
Compliance with GDPR Article 20, we empower you to take your data with you. You have the right to receive your personal data in a structured, commonly used, and machine-readable format (e.g., JSON, CSV, XML). This allows you to easily transfer your profile and content history to another service provider without hindrance.
29. Usage of Cookies, Local Storage, and Tracking Technologies
We utilize cookies, HTML5 local storage, and similar technologies to enhance your experience. 'Essential' cookies are required for authentication (keeping you logged in). 'Functional' cookies remember your preferences (theme, language). 'Analytical' cookies help us measure site performance. You have full control to manage or block these technologies via your browser settings, though this may impact service functionality.
30. Security Measures: Encryption Standards (AES-256 / TLS)
We implement defense-in-depth security strategies. All data at rest—including database records and files in object storage—is encrypted using industry-standard AES-256-GCM encryption. All data in transit between your device and our servers is secured using Transport Layer Security (TLS) 1.2 or 1.3, preventing Man-in-the-Middle (MitM) attacks.
31. Security Measures: Internal Access Controls and Staff Operational Security
We practice the 'Principle of Least Privilege'. Access to user data is strictly restricted to a small subset of authorized employees who require it to perform their job functions (e.g., a support agent helping you). All internal access is logged, monitored, and protected by hardware-based Multi-Factor Authentication (MFA).
32. Security Measures: Network Defense and Infrastructure Protection
Our servers operate within a Virtual Private Cloud (VPC), isolated from the public internet by rigorous firewalls and security groups. We deploy Intrusion Detection Systems (IDS) to monitor for malicious activity and use DDoS mitigation services (like Cloudflare) to absorb attacks and ensure platform uptime.
33. Protection of Children's Privacy (COPPA Compliance)
Forked is a professional development platform intended for general audiences. We do not knowingly collect, process, or solicit personal data from children under the age of 13. If we discover a user is under the age of 13, we will immediately freeze the account and permanently delete all associated data. Parents who believe their child has provided us with data should contact us immediately.
34. Apple App Store Privacy Compliance (Nutrition Labels)
We strictly adhere to the Apple App Store Review Guidelines regarding privacy. We provide a truthful and detailed 'App Privacy' label in the App Store Connect, disclosing all data types collected (Contact Info, User Content, Identifiers, Usage Data) and their usage. We limit data collection to what is functionally necessary for the app.
35. Google Play Store Privacy Compliance and User Safety
In compliance with Google Play Developer Policy, we transparently disclose all permission requirements. We do not use deceptive tactics to obtain permissions. We provide a prominent, in-app disclosure explaining why we need sensitive permissions (like Camera or Mic) before the system dialog appears, enabling informed consent.
36. Specific Purpose of Camera Permission Usage
We request access to your device's Camera only when you initiate specific features: (1) Taking a new profile picture, (2) Capturing a photo to attach to a post or comment, (3) Scanning a QR code for desktop login, or (4) Participating in a video call. We never access the camera background, and no image is captured without your explicit tap on the shutter button.
37. Specific Purpose of Microphone Permission Usage
Access to the Microphone is requested solely for: (1) Real-time voice calls with other developers, (2) Sending voice notes in chat. We process audio data only while the session is active. We do not record calls. We do not use the microphone for 'listening' to ambient audio for ad targeting.
38. Specific Purpose of Photo Library Permission Usage
We request 'Read' access to your Photo Library to allow you to select and upload existing images and videos to the platform. On modern iOS and Android versions, we use the 'Photo Picker' privacy feature, which grants us access ONLY to the specific items you select, not your entire library.
39. Specific Purpose of Push Notification Permissions
We request permission to send Push Notifications to keep you connected to the community. This includes alerts for: Direct Messages, @mentions, code execution completions, and security logins. You have absolute control to enable, disable, or fine-tune these notifications categories in Settings at any time.
40. Responsibility for Third-Party Links and Integrations
Our platform allows you to link to external repositories (GitHub, GitLab) and websites. Once you click a link and leave our domain, this Privacy Policy no longer applies. We are not responsible for the content or privacy practices of these external sites. We advise you to read their policies before providing them with any data.
41. Implications of Public Visibility for User Generated Content
By design, content you post to 'Public' context is visible to the world. It can be viewed by non-users, indexed by search engines (like Google), and archived by third parties. You should rigorously avoid including sensitive personal data (like passwords, phone numbers, or API keys) in public code snippets or posts.
42. Confidentiality and Security of Private Repositories
Content in 'Private' repositories is subject to strict Access Control Lists (ACLs). It is visible ONLY to you and the specific collaborators you invite. Our engineering team does not view private code unless necessary to fix a specific support issue you reported, or if flagged by automated systems for containing illegal content (e.g., malware).
43. Automated Decision Making and Profiling Logic
We do not use fully automated decision-making algorithms that produce legal effects concerning you (e.g., we do not use AI to automatically determine creditworthiness). Any automated suspension for spam is subject to human appeal and review.
44. Protocol for Updates and Modifications to this Policy
Data privacy is an evolving landscape. We reserve the right to modify this Policy at any time. For material changes (e.g., new data sharing partners), we will provide 30 days' prior notice via email and an in-app banner. Your continued use of the platform after the effective date implies acceptance of the updated terms.
45. Governing Law and Jurisdiction
This Policy and any disputes arising from it shall be governed exclusively by the laws of the member state of the European Union where Ark Platforms is domiciled (e.g., Ireland or Germany), without regard to conflict of law principles. This ensures a high standard of data protection compliance.
46. Dispute Resolution and Arbitration Procedures
We are committed to resolving privacy concerns amicably. In the event of a dispute, you agree to first contact us at app@arkplatforms.eu to attempt informal resolution. If that fails, disputes shall be settled through binding arbitration or in the competent small claims court, barring class actions.
47. Severability of Policy Provisions
If any clause within this Privacy Policy is found by a court of competent jurisdiction to be legally invalid or unenforceable, that specific clause shall be severed or limited to the minimum extent necessary. The remaining provisions shall remain in full force and effect, preserving the original intent of the Policy.
48. Designation of Supervisory Authority and Right to Complaint
Under GDPR, you have the right to lodge a complaint with a Data Protection Authority (DPA) in your country of residence if you believe your rights have been violated. We provide the contact details of our lead supervisory authority upon request to assist you in this process.
49. Procedures for Data Breach Notification
In the event of a security breach that compromises your personal data, we have a strict incident response plan. We will notify the relevant supervisory authority within 72 hours. If the breach poses a high risk to your rights, we will notify you directly via email and in-app alert without undue delay, advising you on protective steps.
50. Employee Privacy Training and Confidentiality Agreements
Data security is a human factor. Every employee and contractor at Ark Platforms is required to sign strict Non-Disclosure Agreements (NDAs). They also undergo mandatory, recurring training on data privacy, security best practices, and social engineering awareness to ensure they handle your data responsibly.
51. Third-Party Vendor Management and Due Diligence
We do not share data with just anyone. Before onboarding any new vendor or sub-processor, we conduct a rigorous security and privacy assessment. We sign Data Processing Addendums (DPAs) with all vendors to ensuring they meet our high legal standards for data protection.
52. Limit and Monitoring of API Usage Data
Usage of our Developer API implies the collection of metadata: Request Headers, User-Agent strings, and Timestamp logs. We analyze this to maintain API stability, enforce rate limits (quotas), and prevent API abuse (e.g., scraping). This data is technical in nature and is not used to build behavioral profiles of end-users.
53. Data Collection in Beta Features and TestFlight
If you voluntarily join our Beta program (e.g., via TestFlight or Play Console), we may collect additional diagnostics data, including crash dumps and feedback reports. By joining a Beta, you acknowledge that the software is experimental and that additional telemetry is required to fix bugs before public release.
54. Processing of Localization and Language Preferences
To provide a native experience, we process your 'Accept-Language' headers and device locale settings. This allows us to render the interface in your preferred language and format dates, currencies, and numbers according to your local customs. This data is stored in your profile settings.
55. Storage of Accessibility Preferences
We believe in an inclusive web. If you configure accessibility settings (e.g., 'Increase Contrast', 'Reduce Motion', 'Screen Reader Support'), we persist these preferences to your user profile. This ensures that the platform adapts to your specific needs every time you log in, across all your devices.
56. Enforcement of Community Guidelines and Moderation Data
To keep Forked safe, we process user reports and content flags. Our trust and safety team reviews reported content. We maintain records of moderation actions (e.g., warnings, bans) against specific accounts. This processing is based on our legitimate interest in maintaining a civil and lawful platform.
57. Backup Systems and Disaster Recovery Protocols
To prevent data loss due to catastrophic failure (e.g., data center fire), we perform frequent, encrypted backups of our entire database. These backups are stored in geo-redundant locations (e.g., different continents). We regularly test our recovery procedures to ensure we can restore the service and your data minimal downtime.
58. Consent Management and Audit Trails
When you provide consent (e.g., 'I agree' to cookies, or 'Opt-in' to marketing), we create a timestamped digital record of that consent. This audit trail allows us to demonstrate compliance with GDPR 'Accountability' principles and ensures we honor your choices accurately.
59. Verification of Educational/Non-Profit Status
If you apply for our 'Student Pack' or 'Non-Profit' discount tiers, we process additional proof of eligibility, such as a student ID card or .edu email address. This data is used solely to validate your status for the discount and is subject to the same retention policies as other verification documents.
60. Integration with Social Media Platforms
You may choose to link your social media identities (GitHub, Twitter/X, LinkedIn) to your profile. If you do, we use the OAuth protocol to securely authenticate with these providers. We request access only to your public profile info (username, avatar, bio). We do not post to your social accounts without your explicit command.
61. Processing of Feedback, Support Tickets, and Surveys
When you submit a support ticket, bug report, or respond to a user satisfaction survey, we process the content you provide. This information is vital for our Cutomer Support team to resolve your issues and is used by our Product team to identify friction points and improve the user experience.
62. Final Acknowledgement and Contact Information
By creating an account or using the Services, you acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy. You understand that this is a binding contract. If you have any remaining questions, concerns, or require further clarification on any point, our Data Protection Officer is at your disposal. Contact Details: Entity: Ark Platforms Department: Privacy & Legal Team / Data Protection Officer Email: app@arkplatforms.eu We value your trust and are committed to protecting your digital rights.
Questions about your privacy?
Our Data Protection Officer team is here to help. Contact us if you have any questions regarding this policy or the processing of your data.
app@arkplatforms.eu