Security & Data Protection

Last Updated:

Our Commitment to Security

At LaunchDS, security is not an afterthought—it's built into every layer of our platform. We employ industry-leading security practices to protect your data and maintain your trust.

Technical Measures

Encryption

HTTPS encryption for all data in transit. Data at rest is encrypted using AES-256. We use secure password hashing with industry-standard algorithms.

Authentication & Access

JWT-based authentication and role-based access control. CSRF protection, XSS sanitization, and secure password hashing.

Row Level Security

Row-Level Security for database isolation. Database-level security policies ensure users can only access their own data. Comprehensive audit logs for key actions.

Organizational Measures

  • Access limited to authorized personnel
  • Annual penetration testing and vulnerability audits
  • Vendors under SOC 2–equivalent or ISO 27001 standards
  • Signed DPAs with all data processors

Infrastructure Security

  • Hosted on enterprise-grade cloud infrastructure (Supabase/AWS)
  • Regular security patches and updates
  • DDoS protection and rate limiting
  • Automated backups with point-in-time recovery
  • Network isolation and firewall protection
  • Intrusion detection and monitoring

Monitoring & Compliance

We maintain comprehensive audit logs of all system access and data modifications. Our security practices are regularly reviewed and audited.

  • 24/7 security monitoring and alerting
  • Regular vulnerability scanning and penetration testing
  • GDPR and CCPA compliance
  • Quarterly automated and manual security testing

Incident Response

In the unlikely event of a security incident, we have a comprehensive response plan:

  1. Immediate containment and mitigation
  2. Thorough investigation and root cause analysis
  3. Notification of affected users within 72 hours
  4. Remediation and preventive measures
  5. Post-incident review and documentation

Responsible Disclosure

We welcome reports from security researchers. If you discover a vulnerability:

Report to:

dpo@launchds.tech

Please allow us 90 days to address the issue before public disclosure. We do not currently offer a bug bounty program but greatly appreciate responsible disclosure.

Your Responsibilities

Security is a shared responsibility. To protect your account:

  • Use a strong, unique password
  • Enable multi-factor authentication
  • Keep your contact information up to date
  • Log out on shared devices
  • Report suspicious activity immediately
  • Review audit logs regularly

Contact

For security questions or concerns: