Legal

Privacy Policy

Last updated: March 21, 2025  ·  Effective immediately

LaunchQ ("we", "our", "us") operates launchq.co. This policy explains what data we collect, how we use it, and your rights. We're a small team that takes privacy seriously — we collect only what we need and never sell your data.

1. Data We Collect

We collect data in two ways: information you provide directly, and data collected automatically when you or your waitlist subscribers use our service.

From LaunchQ account holders (you)

  • Email address and password (for account creation)
  • Waitlist configurations and settings you create
  • Custom domain and DNS verification status
  • Billing information (processed by Stripe — we never see raw card details)

From your waitlist subscribers

  • Email address (required to join a waitlist)
  • IP address — used to infer approximate country and city via geolocation
  • User-Agent string — used to determine device type (mobile / desktop / tablet)
  • Referral source (the referral code used to arrive at the waitlist)
  • Signup timestamp

This data is collected on your behalf as part of the waitlist service and stored in Firestore under your account. You own this data and can export or delete it at any time.

2. How We Use Your Data

  • To create and manage your waitlist account
  • To operate the waitlist signup and referral mechanics
  • To send automated emails (confirmation, Day-2 nudge, launch blast) via AWS SES
  • To display subscriber analytics in your dashboard
  • To prevent spam, abuse, and fraudulent signups
  • To respond to support requests
  • To improve the LaunchQ product based on aggregate usage patterns

We do not use subscriber data for advertising, and we do not sell or share personal information with third parties for marketing purposes.

3. Email Sending and Deliverability

LaunchQ uses Amazon Web Services Simple Email Service (AWS SES) to send transactional emails on your behalf. When you configure a custom sending domain, your domain's DNS records are registered with AWS SES to enable DKIM signing and improve deliverability.

We automatically handle bounce and complaint events from SES:

  • Hard bounces are permanently suppressed from future sends
  • Soft bounces are tracked; 3 soft bounces within 30 days triggers suppression
  • Spam complaints immediately suppress the email and mark the subscriber as unsubscribed

Every email includes an unsubscribe link. Clicking it immediately removes the subscriber from your list and suppresses future sends to that address.

4. Data Storage and Security

All waitlist and subscriber data is stored in Google Cloud Firestore in the us-east1 region. We use Firebase Authentication for account management.

We take reasonable technical measures to protect stored data, including:

  • Firestore security rules limiting data access to authenticated account owners
  • All data transmitted over HTTPS/TLS
  • Environment secrets stored in Netlify encrypted environment variables
  • API routes protected by authentication middleware

No system is completely secure. We will notify affected users promptly if we become aware of a data breach.

5. Data Retention

We retain your account data as long as your account is active. Subscriber data for a waitlist is retained until you delete the waitlist or your account.

You can delete a waitlist and all associated subscribers from the Settings page (Danger Zone). Account deletion can be requested by emailing hello@launchq.co.

6. Third-Party Services

We use the following third-party services to operate LaunchQ:

  • Google Firebase / Firestore — database and authentication
  • Amazon Web Services (SES) — transactional email sending
  • Netlify — hosting and CDN
  • Stripe — payment processing (billing plan upgrades)

Each of these services has its own privacy policy governing their data handling. We have Data Processing Agreements in place where required.

7. Cookies and Tracking

LaunchQ does not use advertising cookies or third-party tracking pixels. We use session cookies strictly necessary for authentication (Firebase Auth session tokens). No analytics tracking scripts are loaded on subscriber-facing waitlist pages.

8. Your Rights (GDPR / CCPA)

Depending on your location, you may have rights to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Request deletion of your data ("right to be forgotten")
  • Request a portable export of your data
  • Object to or restrict certain processing

For waitlist subscribers managed through your LaunchQ account, you are the data controller. Your subscribers can exercise their rights by contacting you directly, or by unsubscribing via the link in any LaunchQ email.

To exercise your rights as a LaunchQ account holder, contact us at hello@launchq.co.

9. Children's Privacy

LaunchQ is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered account holders of material changes via email. Continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact

Questions about this Privacy Policy? Contact us:

LaunchQ
Email: hello@launchq.co
Website: launchq.co

Terms of Service →Documentation →