GDPR Compliant

Privacy Policy

Your privacy is fundamental to how we operate. This policy explains how Launchmind B.V. collects, uses, and protects your personal data.

Last updated: November 25, 2025 • Effective: November 25, 2025

Privacy at a Glance

Encrypted Data

All data encrypted in transit (TLS 1.3) and at rest (AES-256)

EU Data Storage

Your data is stored in the European Union

No Selling

We never sell your personal data to third parties

1. Data Controller

Launchmind B.V. (hereinafter referred to as "Launchmind," "we," "us," or "our") is the data controller responsible for the processing of your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Dutch privacy legislation.

Company: Launchmind B.V.

Address: Netherlands, European Union

Email: privacy@launchmind.io

Chamber of Commerce: KvK Netherlands

2. Information We Collect

2.1 Information You Provide Directly

When you use our services, create an account, or contact us, you may provide:

  • Identity Data: Name, email address, phone number
  • Account Data: Username, password (encrypted), account preferences
  • Business Data: Company name, industry, website URL, business requirements
  • Payment Data: Billing address, payment method details (processed securely by Stripe)
  • Content Data: Any content you provide for website creation or optimization
  • Communication Data: Messages, feedback, support requests

2.2 Information Collected Automatically

When you visit our website or use our services, we automatically collect:

  • Technical Data: IP address, browser type and version, operating system, device identifiers
  • Usage Data: Pages visited, time spent on pages, click patterns, navigation paths
  • Location Data: Country and region (derived from IP address) for service optimization and GEO-targeting
  • Performance Data: Page load times, error logs, API response times

2.3 Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance your experience. See our Cookie Policy for detailed information. You can manage cookie preferences through your browser settings.

3. Legal Basis for Processing

We process your personal data only when we have a lawful basis under GDPR:

Contract Performance (Art. 6(1)(b) GDPR)

Processing necessary to fulfill our contractual obligations to you, including service delivery, account management, and customer support.

Legitimate Interests (Art. 6(1)(f) GDPR)

Processing for our legitimate business interests, such as fraud prevention, security, analytics, and service improvement, where these interests do not override your fundamental rights.

Consent (Art. 6(1)(a) GDPR)

Where you have given explicit consent, such as for marketing communications. You may withdraw consent at any time.

Legal Obligation (Art. 6(1)(c) GDPR)

Processing required to comply with applicable laws, regulations, or legal proceedings.

4. How We Use Your Information

We use your personal data for the following purposes:

  • Service Delivery: To provide, maintain, and improve our website creation and SEO/GEO optimization services
  • Account Management: To create and manage your account, authenticate access, and process transactions
  • Payment Processing: To process payments securely through our payment processor (Stripe)
  • Customer Support: To respond to inquiries, troubleshoot issues, and provide technical assistance
  • Communication: To send service-related notifications, updates, and (with consent) marketing communications
  • Analytics: To understand usage patterns, improve our services, and develop new features
  • GEO Optimization: To provide location-appropriate content and language preferences
  • Security: To detect, prevent, and respond to fraud, abuse, and security threats
  • Legal Compliance: To comply with applicable laws and respond to legal requests

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your data only in the following circumstances:

5.1 Service Providers

We work with trusted third-party service providers who process data on our behalf:

  • Stripe: Payment processing (PCI-DSS compliant)
  • Supabase: Database and authentication services (EU region)
  • Vercel: Hosting and content delivery
  • OpenAI: AI content generation (with appropriate data processing agreements)
  • Resend: Transactional email delivery

All service providers are contractually bound to protect your data and may only process it for specified purposes.

5.2 Legal Requirements

We may disclose your information when required by law, regulation, legal process, or governmental request, or when necessary to protect our rights, property, or safety.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. You will be notified of any such change.

6. International Data Transfers

Your data is primarily stored and processed within the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions (where applicable)
  • Binding Corporate Rules (for applicable vendors)

You may request information about the specific safeguards in place by contacting privacy@launchmind.io.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

Account Data: Duration of account + 2 years after deletion

Transaction Records: 7 years (legal requirement)

Marketing Preferences: Until consent is withdrawn

Support Communications: 3 years after last contact

Analytics Data: 26 months (aggregated/anonymized)

Generated Content: As long as your account is active

After the retention period, data is securely deleted or anonymized.

8. Your Data Protection Rights

Under GDPR and applicable privacy laws, you have the following rights regarding your personal data:

Right of Access (Art. 15)

Request a copy of all personal data we hold about you, including processing purposes and data sources.

Right to Rectification (Art. 16)

Request correction of inaccurate or incomplete personal data without undue delay.

Right to Erasure (Art. 17)

Request deletion of your personal data ("right to be forgotten") under certain circumstances.

Right to Data Portability (Art. 20)

Receive your data in a structured, machine-readable format and transfer it to another controller.

Right to Restrict Processing (Art. 18)

Request limitation of how we process your data in specific situations.

Right to Object (Art. 21)

Object to processing based on legitimate interests, including profiling and direct marketing.

Right to Withdraw Consent

Withdraw previously given consent at any time, without affecting prior lawful processing.

Right to Lodge a Complaint

File a complaint with a supervisory authority (Dutch DPA: autoriteitpersoonsgegevens.nl).

To exercise any of these rights, contact us at privacy@launchmind.io. We will respond within 30 days. We may need to verify your identity before processing your request.

9. Data Security

We implement comprehensive technical and organizational measures to protect your personal data:

Encryption

TLS 1.3 encryption for data in transit; AES-256 encryption for data at rest

Access Controls

Role-based access control, multi-factor authentication, and least privilege principles

Infrastructure Security

Secure cloud infrastructure with regular security updates and monitoring

Security Audits

Regular vulnerability assessments and security reviews

Incident Response

Established procedures for data breach detection, containment, and notification

Employee Training

Regular privacy and security awareness training for all team members

10. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.

11. Third-Party Links

Our website may contain links to third-party websites or services that are not operated by us. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policy of every site you visit.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by:

  • Posting the updated policy on this page with a new "Last updated" date
  • Sending an email notification to registered users (for significant changes)
  • Displaying a prominent notice on our website

We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@launchmind.io

Website: launchmind.io/contact

Response Time: Within 30 days

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.