Launch Everywhere Privacy Policy

Proudly Owned and Operated by The Trading Post of Everywhere

Privacy Policy

Effective Date: July 14, 2025

This Privacy Policy explains how Launch Everywhere (“we,” “us,” or “our”) collects, processes, and protects personal data. It is designed to comply with GDPR, CCPA/CPRA, LGPD, and APPI requirements.

1. Definitions

Key terms as used in this Privacy Policy:

“Personal Data”: Any information relating to an identified or identifiable natural person, as defined under GDPR Art. 4(1), CCPA Sec. 1798.140(o), LGPD Art. 5(I), and APPI Art. 2.
“Processing”: Any operation performed on personal data, including collection, recording, storage, alteration, retrieval, disclosure, erasure, or destruction (GDPR Art. 4(2)).
“Controller”: The entity that determines the purposes and means of processing personal data.
“Processor”: The entity processing data on behalf of the Controller.
“Applicable Laws”: Includes GDPR, UK GDPR, CCPA/CPRA, LGPD, APPI, and related privacy regulations.

2. Introduction

This Privacy Policy ensures compliance with international data protection laws and clarifies how Launch Everywhere handles personal data. By using our services, you acknowledge this policy.

We operate as a Controller when processing personal data for our business purposes and as a Processor for customer-controlled data in hosted environments.

3. Scope

This Privacy Policy applies to:

Customers purchasing or using our services.
End-users interacting with systems hosted by us.
Prospective customers engaging with our marketing content.
Partners, vendors, and suppliers in contractual relationships.
Visitors accessing our websites and digital platforms.

This policy does not govern third-party websites linked from our platform.

4. Personal Data We Collect

We collect personal data for legitimate purposes, including:

Identity & Contact Data: Name, email, phone number, address, job title.
Account Data: Username, hashed passwords, authentication logs.
Financial Data: Billing address, payment details (processed by Stripe).
Technical Data: IP address, browser type, operating system, access logs.
Communications: Emails, chat transcripts, support tickets.

Sensitive Data: We do not intentionally collect sensitive categories (e.g., racial origin, biometrics) unless required by law and with explicit consent.

5. How We Collect Data

Direct Collection: When you create an account, complete forms, or contact support.
Automated Collection: Through cookies, server logs, and monitoring systems.
Third-Party Sources: Payment processors, fraud prevention services, and publicly available sources for business verification.

6. Purposes & Legal Bases

We process personal data for the following purposes and under these legal bases:

Service Delivery: To provide and manage your account and services. Legal Basis: GDPR Art. 6(1)(b) – Contract performance.
Billing & Compliance: To process payments, comply with tax and legal obligations. Legal Basis: GDPR Art. 6(1)(c) – Legal obligation.
Security & Fraud Prevention: To monitor unauthorized access or misuse. Legal Basis: GDPR Art. 6(1)(f) – Legitimate interest.
Marketing & Communications: To inform you about features, promotions (only with consent where required). Legal Basis: GDPR Art. 6(1)(a) – Consent; CCPA – Opt-in/Opt-out rights.
Service Improvement: To analyze usage and improve performance. Legal Basis: GDPR Art. 6(1)(f) – Legitimate interest.

7. Cookies

We use cookies and similar technologies to enable functionality, analyze performance, and enhance user experience. Types of cookies:

Essential Cookies: Required for login, security, and core functions (cannot be disabled).

You may adjust cookie preferences via your browser settings or our cookie banner.

8. Data Sharing & Disclosure

We do not sell your personal data. We share data only when necessary, under confidentiality obligations, and for the following purposes:

Service Providers: Payment processors (Stripe), hosting, and security vendors.
Legal Compliance: Law enforcement or regulators when legally required.
Corporate Transactions: In case of mergers, acquisitions, or restructuring (with safeguards).
Authorized Third Parties: With your explicit consent.

9. International Transfers

Where data is transferred outside your jurisdiction (e.g., from EU to U.S.), we implement safeguards such as:

Standard Contractual Clauses (SCCs) approved by the European Commission.
Transfers only to jurisdictions with adequacy decisions or appropriate protections.

All transfers comply with GDPR Chapter V, LGPD Art. 33, and APPI guidelines.

10. Third-Party Processors

We use trusted vendors to support our operations. Each vendor is bound by strict confidentiality and data protection obligations.

Vendor	Purpose	Jurisdiction
Stripe	Payment Processing	United States
Email Service Provider	Transactional Emails	United States/EU

11. Data Retention

We retain personal data only as long as necessary for its purpose or as required by law. Below is our retention schedule:

Data Type	Purpose	Retention Period
Account Information	Service provision & account management	Active subscription + 12 months after termination
Billing Records	Tax & regulatory compliance	7 years (per U.S. tax law)
Support Tickets	Customer service history	24 months after resolution
Log Files	Security & troubleshooting	90 days unless required for legal investigation

12. Your Rights

You have the following rights, subject to applicable laws:

GDPR: Access (Art. 15), Rectification (Art. 16), Erasure (Art. 17), Restriction (Art. 18), Data Portability (Art. 20), and Objection (Art. 21).
CCPA/CPRA: Right to Know, Delete, Opt-Out of Sale/Sharing, Correct, and Limit Use of Sensitive Data.
LGPD: Confirmation, Access, Correction, Anonymization, Portability, Deletion, and Revocation of Consent.
APPI: Disclosure, Correction, Suspension of Use, and Deletion.

We respond to all requests within statutory time limits (GDPR: 30 days; CCPA: 45 days).

13. Exercising Your Rights

To exercise your rights under GDPR, CCPA, LGPD, or APPI, please contact us at:

Email: privacy@launcheverywhere.com

Verification: For your security, we may request additional information to verify your identity before processing your request. This may include confirming details of your recent interactions with us.

Response Time: We will respond within applicable legal timeframes (GDPR: 30 days, CCPA: 45 days, extendable where allowed).

Authorized Agents: If you are submitting a request on behalf of another person, you must provide written authorization and proof of identity for both parties.

14. Security Measures

We implement technical and organizational measures to protect your personal data against unauthorized access, disclosure, alteration, and destruction, including but not limited to:

Encryption: Data at rest encrypted with AES-256; data in transit protected by TLS 1.3.
Access Control: Role-based permissions and strict authentication policies (including MFA).
Monitoring: Continuous monitoring for anomalies and intrusion attempts.
Regular Audits: Internal reviews and vulnerability assessments to ensure compliance with our standing principles.

While we take strong measures, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

15. Breach Notification

If a personal data breach occurs that may pose a risk to your rights and freedoms, we will:

Notify the relevant supervisory authority within 72 hours (as per GDPR Article 33).
Inform affected individuals without undue delay when the breach is likely to result in high risk (GDPR Article 34).
Provide details of the breach, likely consequences, and mitigation steps.

16. Children’s Privacy

Our services are not directed to individuals under 13 (or the age of digital consent in your jurisdiction). We do not knowingly collect data from children. If we become aware that we have collected personal data from a child, we will delete it immediately.

17. Marketing & Communication

We may send you service updates and marketing communications if you have given us consent or if allowed under applicable law:

Email Marketing: Sent only with consent or where permissible under legitimate interest (GDPR Article 6(1)(f)).
Opt-Out: You may unsubscribe at any time using the link provided in our emails or by contacting us directly.

We do not use your data for targeted advertising or profiling.

18. Automated Decision-Making

We do not engage in automated decision-making that produces legal or similarly significant effects on individuals (GDPR Articles 22(1)–(4)).

19. Legal Disclosures

We may disclose personal data to comply with legal obligations, enforce our terms, or protect our rights and the safety of others, including:

Responding to lawful requests from government authorities, courts, or regulators.
Complying with subpoenas, warrants, and applicable laws.
Investigating and preventing fraud, abuse, or security incidents.

20. Dispute Resolution & Governing Law

This Privacy Policy is governed by the laws of the State of Wyoming, United States. Any disputes will be subject to the exclusive jurisdiction of the courts located in Wyoming, except where mandatory local law provides otherwise.

Where applicable law requires, you have the right to lodge a complaint with your local data protection authority.

21. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or business changes. When we make significant changes, we will notify you by posting an update on our website and revising the “Effective Date” at the top of this policy.

22. Contact Details

If you have any questions, concerns, or complaints about this Privacy Policy or how we handle your data, you can contact us:

Email: privacy@launcheverywhere.com
Address
Launch Everywhere,
C/O The Trading Post of Everywhere LLC,
412 N Main ST,
STE 100,
Buffalo,
Wyoming,
82834,
USA