Legal & Compliance Last updated: Oct 24, 2024

Privacy Policy

At Launchpad, we treat your code and data with the same rigor we apply to our own deployments. This policy outlines how we collect, use, and safeguard the information you provide while using our CI/CD automation platform.

We operate in compliance with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). If you have questions about this policy, please contact our Data Protection Officer via the details at the bottom of this page.

Abstract representation of secure data flow

Data Collection

What we collect

We collect minimal data necessary to operate a reliable deployment platform. Below is a breakdown of the data types we gather.

Account Information

We collect your name, email address, organization name, and payment details (for paid plans) to create your account and bill services.

Pipeline Metadata

We collect metadata regarding your CI/CD jobs, including commit hashes, build duration, exit codes, environment variables (redacted for security), and deployment timestamps.

Usage Telemetry

We collect anonymous usage data such as API request volume, feature usage statistics, and system performance metrics to improve stability and load times.

Data Usage

How we use your data

Service Operation: We use your data to execute pipelines, manage build artifacts, store logs, and provide real-time notifications. Without this data, the platform cannot function.

Product Improvement: We analyze aggregated, non-personal usage data to identify bottlenecks, optimize deployment speeds, and plan new features that address actual developer workflows.

Security & Compliance: We monitor for suspicious activity, unauthorized access attempts, and potential security vulnerabilities to protect the integrity of your codebase.

Communication: We may send transactional emails regarding account status, billing, and security alerts. You can opt-out of marketing communications in your account settings.

Retention

Data Retention Schedules

We adhere to strict retention policies to minimize data storage while ensuring you retain access to your historical deployment records.

Data Type Retention Period Description
Pipeline Logs 30 Days Standard execution logs and output streams.
Build Artifacts 30 Days Docker images, binaries, and compiled assets.
Usage Telemetry 14 Days Anonymous aggregate metrics for analytics.
Account Information Indefinite Kept as long as your account is active.
Payment Records 7 Years Required for tax and financial auditing.

User Rights

Your Privacy Rights

Under GDPR and CCPA, you have specific rights regarding your personal data.

Right to Access (Data Subject Access Request): You may request a copy of all personal data we hold about you, including pipeline metadata linked to your identity.

Right to Rectification: You may request correction of inaccurate or incomplete data at any time.

Right to Erasure (Right to be Forgotten): You may request deletion of your account and associated data. Please note that pipeline artifacts and logs may be retained for 30 days after deletion to comply with legal obligations.

Right to Data Portability: You may request a machine-readable copy of your data in a common format (e.g., JSON or CSV) for use with other services.

Right to Object: You may object to the processing of your data for direct marketing purposes.

Third-Party Services

Sub-processors

We work with trusted third-party providers to host and process your data. These entities may have access to your data solely for the purposes of providing services to Launchpad.

Contact

Contact Information

For all privacy-related inquiries, including Data Subject Access Requests (DSARs), please contact our Data Protection Officer directly.

Data Protection Officer

privacy@launchpad.dev

Mailing Address

123 DevOps Blvd, Suite 400
San Francisco, CA 94105