Privacy Policy

Last updated: 2 June 2025

1. Who We Are

LaunchGuide B.V. ("LaunchGuide", "we", "us" or "our") is a private limited company registered in the Netherlands. LaunchGuide is the controller of the personal data described in this Policy.

You can reach our privacy team at hello@launchguide.io.

2. Scope of This Policy

This Privacy Policy applies to personal data processed when you:

  • visit or interact with our website launchguide.io and any sub‑domains;
  • create or use an account on the LaunchGuide platform (the "Service");
  • communicate with us via email, chat or social media;
  • receive marketing communications from us.

3. Personal Data We Collect

CategoryExamplesSource
Account dataname, email address, password (hashed), company name, role, avatarProvided by you
Usage dataIP address, browser & device information, timestamps, pages viewed, clicks, referral URLCollected automatically
Platform contenttext, files, images and other materials you upload or generate through the ServiceProvided by you
Payment datalast four digits of card, billing country, subscription details (processed by Stripe)Provided by you / Stripe
Support datacorrespondence, bug reports, feedbackProvided by you
Third–party dataOAuth profile data (Google/GitHub), public company info from our website crawlerThird parties

4. Purposes and Legal Bases

PurposeLegal basis (Art. 6 GDPR)
Create and administer your account; provide the ServiceContract performance Art. 6(1)(b)
Process payments and invoicesContract performance Art. 6(1)(b); Legal obligation Art. 6(1)(c)
Provide customer supportLegitimate interest Art. 6(1)(f)
Improve, secure and debug the Service; analyticsLegitimate interest Art. 6(1)(f)
Send product updates and newslettersConsent Art. 6(1)(a) or Legitimate interest Art. 6(1)(f) (B2B soft opt‑in)
Comply with legal obligations (tax, accounting, law‑enforcement requests)Legal obligation Art. 6(1)(c)

If we rely on your consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

5. Cookies and Similar Technologies

We use:

  • Essential cookies – required for site functionality and security;
  • Analytics cookies – help us understand how the Service is used;
  • Marketing cookies – allow us to deliver relevant content.

You can manage cookie preferences via our banner or your browser settings. For more detail please see our [Cookie Policy].

6. How Long We Keep Your Data

We keep personal data only as long as necessary:

  • Account data – for the lifetime of your account and up to 12 months after closure;
  • Financial records – 7 years (statutory requirement);
  • Support tickets – 24 months;
  • Back‑ups – retained securely for 30 days before automatic deletion.

7. Sharing and Disclosure

We never sell your data. We share it only with:

RecipientRoleSafeguards
Netlify, Inc. (USA)Front‑end hosting & CDNStandard Contractual Clauses ("SCCs")
Supabase Inc. (Ireland / USA)Managed database, authentication & storageSCCs; EU region option
OpenAI, L.L.C. (USA)AI content generationSCCs + data residence controls
Stripe Payments Europe Ltd. (Ireland)Payment processingGDPR‑compliant DPA
Competent public authoritiesLegal complianceLegal obligation

All processors act under written Data Processing Agreements and only on our instructions.

8. International Transfers

Where personal data is transferred outside the European Economic Area ("EEA"), we rely on:

  • an adequacy decision of the European Commission; or
  • Standard Contractual Clauses and supplementary safeguards such as encryption and strict access controls.

9. Security Measures

We implement appropriate technical and organisational measures including:

  • HTTPS/TLS encryption in transit and AES‑256 encryption at rest;
  • Least‑privilege access controls and role‑based permissions;
  • Regular penetration testing and vulnerability scanning;
  • 2‑factor authentication for staff and critical systems;
  • Business continuity and incident response procedures.

10. Your Rights

Subject to conditions and limitations under the GDPR, you have the right to:

  1. Access your personal data;
  2. Rectify inaccurate or incomplete data;
  3. Erase data ("right to be forgotten");
  4. Restrict processing;
  5. Object to processing based on legitimate interests or direct marketing;
  6. Data portability (receive data in machine‑readable format);
  7. Withdraw consent at any time;
  8. Lodge a complaint with the Dutch Supervisory Authority (Autoriteit Persoonsgegevens) or your local authority.

To exercise your rights, email hello@launchguide.io.

11. Automated Decision‑Making and Profiling

We do not use personal data for decisions producing legal or similarly significant effects based solely on automated processing.

12. Children

Our Service is not directed at children under 16. We do not knowingly process children's data. If you believe we have collected such data, please contact us immediately.

13. Changes to This Policy

We may amend this Policy from time to time. We will post the updated version on this page and, if changes are material, notify you via the Service or email. Please review this page periodically.

14. Contact

If you have questions about this Policy or our privacy practices, contact us at:

LaunchGuide
Email: hello@launchguide.io

Version 1.0 – Effective 2 June 2025