⚠️ Draft — Review with legal counsel before launch. Placeholders in brackets need to be filled in.
← Back to TheLaunchpad
Terms

Privacy Policy

Effective Date: [EFFECTIVE DATE]

1. Introduction

[COMPANY LEGAL NAME] (“Company,” “we,” “us,” or “our”) operates TheLaunchpad, a multi-tenant insurance CRM and lead marketplace platform available at thelaunchpad.now (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use the Service. By accessing or using the Service, you agree to the collection and use of information in accordance with this Policy.

2. Information We Collect

We collect several categories of information in order to provide and improve the Service:

Account Information

When you register, we collect your name, email address, phone number, agency or company name, National Producer Number (NPN), state licensing information, and password credentials (stored in hashed form).

Contact and Lead Data

As a tenant of the Service, you may upload, import, receive, or otherwise store personal information about leads, prospects, and contacts. This data may include names, email addresses, phone numbers, mailing addresses, demographic information, and communication history. You are the data controller of this information; we act as a data processor on your behalf.

Usage Data and Cookies

We automatically collect information about your device and how you interact with the Service, including IP address, browser type, operating system, pages viewed, session duration, referral URLs, and timestamps. We use cookies and similar technologies to authenticate sessions, remember preferences, and measure usage.

Payment Information

Payments are processed by Stripe, our third-party payment processor. We do not store your full credit or debit card numbers. Stripe collects and stores payment information subject to its own privacy policy. We receive limited information from Stripe such as the last four digits of your card, card brand, and transaction identifiers.

3. How We Use Information

We use the information we collect to:

  • Provide, operate, and maintain the Service;
  • Process payments, subscriptions, and lead purchases through Stripe;
  • Distribute leads to Agents based on licensing, tier, and targeting preferences;
  • Send transactional emails and notifications through Resend, including account updates, receipts, lead delivery confirmations, and security alerts;
  • Provide customer support and respond to inquiries;
  • Detect, prevent, and address fraud, security issues, and abuse;
  • Analyze usage, improve functionality, and develop new features;
  • Comply with legal obligations and enforce our Terms.

4. How We Share Information

We share information with third parties only as described below:

  • Stripe — payment processing and billing.
  • GoHighLevel — if you connect your GHL sub-account, we share data necessary to sync contacts, conversations, pipelines, and appointments bidirectionally.
  • Resend — delivery of transactional and notification emails.
  • Meta (Facebook/Instagram) — if you enable the Meta lead ads integration, we exchange data with Meta to receive and process leads generated through your ad campaigns.
  • Service providers — hosting (Railway), infrastructure, analytics, and similar vendors that act on our behalf and are contractually bound to protect your information.
  • Legal compliance — we may disclose information when required by law, subpoena, court order, or to protect the rights, property, or safety of the Company, our users, or others.
  • Business transfers — in connection with a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of the transaction.

We do not sell your personal information to third parties.

5. Data Retention

We retain personal information for as long as necessary to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. Account data is generally retained for the duration of your account plus a reasonable period thereafter. Contact and lead data uploaded or generated by you is retained for as long as your account remains active. You may request deletion of your data as described in Section 7.

6. Security Measures

We implement administrative, technical, and physical safeguards designed to protect personal information, including 256-bit TLS encryption in transit, encryption at rest, role-based access controls, authentication safeguards, credential hashing, and automated redaction of sensitive fields in logs. No method of transmission or storage is one hundred percent secure, and we cannot guarantee absolute security.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access — request a copy of the personal information we hold about you;
  • Correction — request correction of inaccurate or incomplete information;
  • Deletion — request deletion of your personal information, subject to legal retention obligations;
  • Portability — request a copy of your data in a structured, machine-readable format;
  • Objection and Restriction — object to or restrict certain processing activities.

If you are located in the European Economic Area or United Kingdom, you have rights under the General Data Protection Regulation (GDPR). If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA/CPRA), including the right to know, delete, correct, and opt out of the sale or sharing of personal information. To exercise any of these rights, contact us at [EMAIL].

8. Children’s Privacy

The Service is not directed to, marketed to, or intended for individuals under the age of eighteen (18). We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

9. TCPA and Consent

Leads distributed through the Service are represented to have provided consent for contact consistent with applicable law at the time of lead generation. However, you, as the Agent, are solely responsible for your own outreach practices, including compliance with the Telephone Consumer Protection Act (TCPA), the Do Not Call (DNC) Registry, the CAN-SPAM Act, state telemarketing laws, and any obligations to honor opt-out and unsubscribe requests. We make no warranty regarding the validity, currency, or scope of any consumer consent associated with leads.

10. International Transfers

The Service is hosted and operated in the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States. By using the Service, you acknowledge and consent to such transfers, which may involve jurisdictions with data protection laws different from those of your country.

11. Cookies

We use session cookies to keep you signed in, preference cookies to remember your settings, and analytics cookies to understand how the Service is used. You can configure your browser to refuse cookies or alert you when cookies are being sent; however, certain features of the Service may not function properly without cookies.

12. Third-Party Links

The Service may contain links to third-party websites, services, or integrations that are not operated by us. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party site or service. We encourage you to review the privacy policies of any third party before providing them with information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated Policy on the Service and updating the Effective Date above. Your continued use of the Service after any change indicates your acceptance of the updated Policy.

14. Contact

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

[COMPANY LEGAL NAME]
Email: [EMAIL]