Security and Privacy

← Return to FAQ
  • How does rmForge protect my uploaded documents?

    Uploads are stored in secure cloud storage with row-level access controls and signed-URL access. All traffic is HTTPS. Files are accessible only to the uploading user and authorized rmForge personnel on a need-to-know basis.

  • Does rmForge share my data with anyone?

    No. We do not sell, rent, or share customer data with third parties. The only sub-processors are infrastructure providers (application hosting, database, language-model APIs) listed in our Privacy Policy.

  • Where is data stored?

    Customer data is hosted in a secure US-region cloud environment. Data is not stored or replicated outside of the US by rmforge.io.

  • Is rmForge HIPAA compliant?

    rmForge is not designed to process Protected Health Information (PHI). Uploaded documents are device design files, not patient records, so a Business Associate Agreement (BAA) is not required for typical use. If your use case involves PHI, contact support@rmforge.io to discuss requirements and support. Do not upload PHI data.

  • Do you scan uploaded files for malware?

    Yes. Every uploaded file is scanned. Files with detections are quarantined and the upload is rejected.

← Return to FAQ