1. Introduction
This Privacy Policy describes how Prodision, LLC ("Company," "we," "us," or "our"), the operator of Launchet.ai (the "Service"), collects, uses, stores, and protects your personal information. We are committed to protecting your privacy and handling your data responsibly.
2. Information we collect
2.1 Information you provide
Account information: When you create an account, we collect your email address and a password (stored as a cryptographic hash, never in plain text). If you sign up via Google, LinkedIn, or Apple, we receive your name and email address from the provider. We do not receive or store your social login passwords.
Business ideas and content: When you use the Service, you submit business ideas, descriptions, and other content for evaluation and planning. This content is stored in your account and used solely to provide the Service to you.
Payment information: If you subscribe to a paid plan, payment is processed by Stripe. We do not collect, store, or have access to your credit card number, CVV, or bank account details. Stripe provides us only with a transaction identifier and your subscription status.
2.2 Information collected automatically
Usage data: We collect data about how you use the Service, including the number of evaluations performed, features accessed, and timestamps. This helps us enforce usage limits, improve the Service, and detect abuse.
Device and browser information: We may collect your IP address, browser type, device type, and operating system for security purposes (rate limiting, fraud detection) and to improve the Service.
Cookies and similar technologies: We use session tokens (JWT) stored in your browser's local storage to maintain your login session. We do not use third-party tracking cookies for advertising purposes.
2.3 Information from third parties
Social login providers: If you authenticate via Google, LinkedIn, or Apple, we receive your name, email address, and profile identifier from the provider. We do not post to your social accounts or access your contacts.
Cloudflare: We use Cloudflare for security (bot protection via Turnstile, DDoS protection). Cloudflare may process your IP address and browser characteristics to distinguish humans from bots. See Cloudflare's privacy policy for details.
3. How we use your information
We use your information for the following purposes:
Providing the Service: Processing your business ideas through AI analysis, generating evaluations and business plans, storing your projects and results.
Account management: Creating and managing your account, authenticating your identity, processing subscription payments.
Security: Detecting and preventing fraud, abuse, and unauthorized access. This includes rate limiting, bot detection, and monitoring for suspicious activity.
Communication: We send three categories of email:
(a) Transactional emails (always sent, cannot be opted out): Payment receipts, invoices, subscription confirmations, password reset links, security alerts, and account notifications. These are essential to the operation of your account and the Service.
(b) Product activity notifications (sent by default, you can manage in account settings): Notifications triggered by activity related to your ideas, such as feedback received from other users, investor interest in your business plan, team interest notifications, and evaluation completion alerts. You can enable or disable these individually in your account notification preferences.
(c) Marketing communications (opt-in only): Idea progress updates, launch tips, founder insights on building a successful business, product updates, new feature announcements, and re-engagement reminders. These are only sent if you opt in during signup or through your account settings. You can unsubscribe at any time via the unsubscribe link at the bottom of any marketing email or through your account notification preferences.
Improvement: Analyzing usage patterns to improve features, fix bugs, and develop new capabilities. We may use aggregated, anonymized data for this purpose.
Legal compliance: Responding to legal requests and complying with applicable laws and regulations.
4. How we share your information
We do not sell your personal information. We do not share your business ideas or evaluations with other users or third parties, except in the following limited circumstances:
AI service providers: Your business ideas are sent to AI model providers (OpenAI, Google, Anthropic, xAI) for processing. These providers process the content to generate analysis and are contractually prohibited from using your content to train their models or for any purpose other than providing the service. We do not send your email, name, or account details to these providers.
Payment processor: Stripe processes your payment information. We share only the minimum information necessary to process your subscription (email address, plan selection).
Security services: Cloudflare processes your IP address and browser data for security purposes (bot detection, DDoS protection).
Analytics: We may use analytics services (such as Google Analytics) to understand how the Service is used. These services collect anonymized, aggregated data.
Legal requirements: We may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights, safety, or property.
Business transfers: If the Company is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.
5. Data storage and security
We take reasonable measures to protect your information, including:
Password security: Passwords are hashed using bcrypt (industry-standard one-way hashing). We never store or have access to your plain-text password.
Authentication: Sessions are managed using JWT tokens with expiration. Tokens are invalidated when you change your password.
Access controls: Your data is accessible only to you and authorized administrators for support purposes.
Encryption in transit: All data transmitted between your browser and our servers is encrypted using HTTPS/TLS.
While we implement reasonable security measures, no system is completely secure. We cannot guarantee absolute security of your data.
6. Data retention
We retain your account data and content for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required for legal, accounting, or legitimate business purposes (such as maintaining records of transactions).
Aggregated, anonymized data that cannot identify you may be retained indefinitely for analytics and improvement purposes.
7. Your rights
Depending on your location, you may have the following rights regarding your personal data:
Access: Request a copy of the personal data we hold about you.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request deletion of your personal data ("right to be forgotten").
Portability: Request a copy of your data in a portable format.
Opt-out of marketing: Unsubscribe from marketing communications at any time via the unsubscribe link at the bottom of any marketing email or through your account notification preferences.
Manage activity notifications: Control which product activity notifications you receive (feedback, investor interest, team interest) through your account notification preferences.
Withdraw consent: Where processing is based on consent, you may withdraw consent at any time. Note that transactional emails related to your account and payments cannot be opted out of as they are necessary for the Service.
To exercise any of these rights, contact us at privacy@launchet.ai. We will respond within 30 days.
8. California residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect and how it is used, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information.
9. European residents (GDPR)
If you are located in the European Economic Area (EEA) or the United Kingdom, your data is processed under the following legal bases: contract performance (providing the Service, transactional communications), legitimate interest (security, improvement, product activity notifications), and consent (marketing communications). Product activity notifications are sent under legitimate interest but you may opt out via account settings. Marketing communications require explicit consent and you may withdraw consent at any time. You have the rights described in Section 7 above, plus the right to lodge a complaint with your local data protection authority.
10. Children's privacy
The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 18, we will delete it promptly.
11. Third-party links
The Service may contain links to third-party websites or services (such as Amazon for the book). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.
12. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice on the Service at least 30 days before they take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.
13. Contact us
If you have questions or concerns about this Privacy Policy or our data practices, contact us at:
Prodision, LLC
Email: privacy@launchet.ai