Privacy Policy

The short version

HardLaunch stores what you put into your workspace so the product works: your account, your business details, your website, and your customer records. We don't sell data, we don't run advertising, and we don't set tracking cookies. You can export or delete everything yourself from Settings.

What we store and why

Account details — your name and email, managed through our sign-in provider Clerk — so you can sign in and we can reach you about your account.

Business workspace data — your business profile and canvas, website content, brand assets, bookings, invoices, documents, and customer records — because storing and showing this back to you is the product.

Billing records — your subscription status and Stripe identifiers. Card numbers never touch HardLaunch; Stripe handles all payment details.

AI history — the prompts you send and the drafts that come back are kept for 90 days so your history works, then deleted automatically.

Operational logs — basic technical logs (like errors and rate-limit counters) kept briefly to keep the service healthy and abuse-resistant.

Your customers' data (where HardLaunch is a processor)

When someone submits the contact form on your published site, their name, contact details, and message are stored in your workspace. For that data, you (the business) are the controller and HardLaunch is your processor: we store it, show it to you, and notify you about it, and we don't use it for anything else. Every published site includes a privacy notice page that explains this to your visitors.

Page views on published sites are counted without cookies and without identifying visitors.

Who processes data for us

HardLaunch runs on a small set of infrastructure providers, each processing data only to provide their service: Vercel (hosting and file storage), Neon (database), Clerk (sign-in), Stripe (payments and payouts), OpenAI via Vercel AI Gateway (AI drafts you request — the gateway is configured for zero data retention), and Resend (email notifications, when configured). Data is processed in the United States.

Cookies

HardLaunch uses only cookies that are necessary to run the app: your sign-in session (set by Clerk) and a small preference cookie that remembers whether your sidebar is open. There are no advertising or third-party analytics cookies, which is why there is no cookie banner. Published business sites set no cookies at all.

Your controls and rights

Export: Settings → Business details → Export data downloads everything HardLaunch stores for a business as one file.

Deletion: you can delete a business or your entire account from Settings. Deletion is immediate and permanent, removes uploaded images, and cancels billing. If you delete your account through the sign-in provider instead, we remove your HardLaunch data when we're notified.

If you are in the EU/EEA, UK, or a US state with a privacy law, you have rights to access, correct, delete, and port your data, and to complain to your supervisory authority. The built-in tools cover most of this instantly; for anything else, email privacy@hardlaunch.dev.

Retention and security

Workspace data is kept while your account exists and removed when you delete it. AI history is deleted after 90 days. Stripe billing records are retained as required for financial compliance.

Data is encrypted in transit, stored with access controls, and every workspace is isolated to its members. No internet service can promise perfect security, so we also give you the export tool to keep your own copies.

Changes and contact

If this policy changes in a way that matters, we'll say so in the product before it takes effect. Privacy questions and requests: privacy@hardlaunch.dev.