CannaForge
Age Verification · Compliance

Are you 21 or older?

CannaForge is a curated, hand-vetted cannabis genetics platform — verified breeders, managed onboarding, and platform-supported fulfillment. By entering, you confirm you are of legal age in your jurisdiction. Seeds are sold for collection where germination is restricted by local law.

Leave
CannaForge
CannaForge

Privacy Policy

Last updated: February 2026.

1. The promise. CannaForge is private by default. The username you choose is the only identity other users see. Your legal name, email address, phone number, shipping and billing addresses, payment information, internal account identifiers, and authentication metadata are never displayed publicly.

2. What we collect. To operate the platform we collect: account email, an account display name (kept private), a chosen public username, payment-method tokens (handled by Authorize.net — we never receive raw card numbers), shipping and billing addresses you enter at checkout, order history, content you publish (grow logs, reviews, comments, community posts), authentication artifacts (session tokens, password hashes), and operational metadata such as a hashed signup IP used for abuse prevention.

3. What is public. Only the username you pick, an optional public avatar, an optional public bio, public badges, and your user-generated public contributions (auction bids, grow logs marked public, giveaway entries, reviews, leaderboard placement, grow-off participation) are visible to other users.

4. What is never public. Legal name, email, phone, shipping address, billing address, payment information, order number, internal customer ID, IP address, password hashes, and other private account metadata are never returned by public APIs, never embedded in HTML, never shown in browser state, and never exposed in social-share or SEO metadata.

5. Payments. Payment information is processed by Authorize.net. CannaForge stores only a payment-method token returned by the processor, never your card number or CVV.

6. Service providers. We share private data only with providers that operate the platform on our behalf: Authorize.net (payments), Resend (transactional email), our hosting provider (database, application servers), and shipping carriers (for delivery only). Each provider is bound by contract to use the data only for its intended purpose.

7. Email. We email you transactional messages (order confirmations, password resets, outbid alerts, giveaway results). We do not sell, rent, or share your email with marketers. Emails sent to one user never expose another customer's email.

8. Cookies and sessions. We use a single HTTP-only secure session cookie for authentication and short-lived analytics cookies for operational metrics. We do not run third-party advertising or behavioral re-targeting trackers.

9. Public attribution accuracy. Older content that predates this privacy contract may still contain denormalized display data. Public read endpoints hydrate attribution from your current username at read time so legacy values do not leak.

10. Username changes. You may change your public username from Account → Public identity. A 7-day cooldown applies to permanent username changes to prevent abuse. The first permanent claim from a temporary handle is exempt from the cooldown.

11. Username deletion / account deletion. You may request deletion at support@thecannaforge.com. We retain order, tax, and fraud-prevention records as required by law and accounting standards. Public user-generated content you produced may be retained but is re-attributed to 'Deleted Collector' so your username is no longer associated with it. We never replace a deleted username with the person's legal name.

12. Security. CannaForge uses HTTPS for all traffic, hashes passwords with industry-standard algorithms, restricts administrative access through role-based authorization, isolates payment-card data via Authorize.net tokenization, and logs sensitive administrative actions. No system is perfectly secure; we describe our specific safeguards rather than making absolute claims like '100% secure' or 'unhackable'.

13. Legal exceptions. We may disclose private information to comply with a valid legal request, to prevent fraud or imminent harm, or to defend CannaForge's legal rights. We do not voluntarily disclose collector identity for any other reason.

14. Children. CannaForge is restricted to users 21 and older. We do not knowingly collect data from minors.

15. Contact. Privacy questions and data-deletion requests: support@thecannaforge.com.