Legal · LaunchDocs
Privacy Policy
Version 1.0 · Effective 25 June 2026
1.Who We Are
LaunchDocs is operated by Kimberly Rowden, Entrepreneur Individuel, SIREN 104560511, registered in France. We provide AI-powered procurement document intelligence tools under the LaunchDocs brand, including LaunchProcure, LaunchBid, LaunchDocs, and LaunchCompliance.
For all privacy matters, contact: legal@launchdocs.ai
2.What Data We Collect
We collect the following categories of personal data:
- Account data: name, email address, organization name, job title, password (stored as a bcrypt hash — never in plain text).
- Usage data: which features you use, when you log in, which documents you generate or export.
- Procurement content: documents, RFP files, supplier responses, evaluation data, and other content you upload to the platform. This is your data — we process it on your instructions only.
- Billing data: payment card details and subscription information processed by Stripe Inc. on our behalf. We do not store card numbers.
- Technical data: IP address, browser type, and session information collected automatically when you use the platform.
3.Why We Collect It
We process your data for the following purposes:
- To provide the LaunchDocs platform and its features
- To manage your account and subscription
- To send transactional emails (account confirmations, billing receipts, security alerts)
- To maintain security and prevent abuse
- To comply with our legal obligations
We do not sell your data. We do not use your data for advertising. We do not share your data with third parties except as described in Section 4.
4.Who We Share It With
We share data only with the following sub-processors, and only to the extent necessary to provide the service:
- Mistral AI (France) — AI inference for EU accounts. Your documents are processed within the EEA. Mistral does not use your data to train AI models.
- Anthropic (USA) — AI inference for US accounts only. Not used for EU accounts.
- MongoDB Atlas — database storage. EU accounts are stored in Frankfurt, Germany (AWS eu-central-1). US accounts are stored in the United States.
- Stripe Inc. (USA) — payment processing. Only billing data is shared. No document content is transmitted to Stripe.
- Resend / Plus Five Five Inc. (Ireland) — transactional email delivery.
- Cloudflare (Global) — TLS termination and web application firewall.
We do not share your data with any other third parties. We do not sell your data.
5.Where Your Data Is Stored
EU accounts: all personal data and procurement content is stored and processed within the European Economic Area. AI inference uses Mistral AI (Microsoft Azure, Sweden and Norway). Database storage uses MongoDB Atlas, Frankfurt, Germany.
US accounts: data is stored and processed in the United States using MongoDB Atlas and Anthropic.
Payment data is processed by Stripe Inc. in the United States under Standard Contractual Clauses.
6.How Long We Keep It
Active subscription: we retain your data for the duration of your subscription.
After cancellation: data is deleted from production systems within 30 days of subscription termination.
Inactive trial accounts: deleted 180 days after last activity, with warning emails at 90, 30, and 14 days.
Audit logs: retained for 6 years for compliance purposes.
You can export all your data at any time through platform settings. You can request deletion at any time by emailing legal@launchdocs.ai.
7.Your Rights
Under GDPR, if you are based in the European Economic Area, you have the following rights:
- Right of access — request a copy of your personal data
- Right to rectification — correct inaccurate data
- Right to erasure — request deletion of your data
- Right to restriction — limit how we process your data
- Right to portability — receive your data in a machine-readable format
- Right to object — object to processing based on legitimate interests
To exercise any of these rights, email legal@launchdocs.ai. We will respond within 30 days.
If you are not satisfied with our response, you have the right to lodge a complaint with your local supervisory authority:
- France (LaunchDocs): CNIL — www.cnil.fr
- Ireland: Data Protection Commission — www.dataprotection.ie
- Other EU countries: your national data protection authority
8.Cookies
We use only essential cookies required for the platform to function (session management and authentication). We do not use advertising cookies or third-party tracking cookies.
9.Security
We implement the following security measures:
- TLS 1.2+ encryption for all data in transit
- AES-256 encryption for data at rest (MongoDB Atlas)
- Bcrypt password hashing
- Role-based access control
- Audit logging of security-relevant events
- Incident response procedures
If you discover a security vulnerability, please report it to legal@launchdocs.ai.
10.AI Processing
LaunchDocs uses AI to help generate procurement documents. Important facts about how this works:
- All AI outputs are advisory only — no automated decisions with legal effect are made
- Human review and approval is required before any AI-generated document can be exported
- EU accounts use Mistral AI, hosted within the EEA
- US accounts use Anthropic Claude, hosted in the US
- Your data is not used to train AI models
- Every AI-generated export is marked as AI-assisted
11.Changes to This Policy
We will notify you of material changes to this policy by email at least 30 days before they take effect. EU users will be prompted to re-acknowledge any updated Data Processing Agreement on next login.
The current version of this policy is always available at launchdocs.ai/legal/privacy.
12.Contact
For any privacy question or to exercise your rights:
- Email: legal@launchdocs.ai
- Operator: Kimberly Rowden
- Address: available on request and on the French business register (INPI) under SIREN 104560511
Response time: within 30 days for all requests, within 72 hours for urgent matters.