Privacy Policy

Last updated: 26 June 2026

This Privacy Policy explains how High Bridge Enterprises AB (“Launchfile”, “we”, “us”) collects, uses, and protects personal data when you use Launchfile and the website at https://launchfile.io. We act as the data controller for the account and website data described below. For data inside the applications you deploy, you are the controller and we act as your processor.

1. Data we collect

• Account & identity: name and email address (via magic-link or OAuth sign-in), and the organization you belong to.
• Billing: subscription and billing details. Payment card data is collected and processed directly by our payment processor (Stripe); we do not store full card numbers.
• Deployments: records about apps you launch — the catalog app, deployment status, and the URLs assigned to your deployments.
• Technical & usage: IP address, approximate location, device/user-agent, and request metadata, collected by our infrastructure and edge network.
• Logs: application and infrastructure logs from the platform and your deployments, which may contain personal data.

2. How and why we use it

We process personal data to:

• provide, operate, and secure the service (legal basis: performance of a contract);
• authenticate you and manage your account and organization (contract);
• process payments and manage subscriptions (contract);
• monitor, troubleshoot, and improve reliability and security (legitimate interests);
• comply with legal obligations (e.g. tax, accounting).

3. Subprocessors & sharing

We share personal data with the third-party subprocessors that help us run the service — hosting, content delivery, logging, and payments — each under a data processing agreement. See our Subprocessors page for the current list. We do not sell personal data.

4. Data residency & international transfers

You can choose the region (EU or US) where your deployments and their logs are processed. Where data is transferred outside your region or the EEA, we rely on appropriate safeguards such as Standard Contractual Clauses. Our logging provider stores EU customers' logs in the EU; hosting region is selected per deployment.

5. Retention

We keep account and billing data for as long as your account is active and as required by law. Logs are retained for a limited period (typically 7–30 days) and then deleted. Data inside the applications you deploy is retained until you delete the deployment.

6. Security

We use technical and organizational measures to protect personal data, including encryption in transit, least-privilege access to databases, and isolation of customer application data from platform/authentication data. No system is perfectly secure, but we work to protect your data.

7. Your rights

Subject to applicable law (including the GDPR), you may have the right to access, correct, delete, port, or restrict processing of your personal data, and to object to certain processing. You may also lodge a complaint with your local data protection authority. To exercise these rights, contact privacy@launchfile.io.

8. Children

The service is not directed to children and is not intended for anyone under 16.

9. Changes

We may update this policy. We will post the updated version here and revise the “last updated” date; material changes will be communicated as required.

10. Contact

High Bridge Enterprises AB (559359-5977), Stockholm, Sweden. Privacy enquiries: privacy@launchfile.io.

See also our Terms of Service and Subprocessors.