Skip to main content
🚀 We just launched on Product Hunt! Check it out →
Enterprise-grade security

Your data is safe with us

Security isn't an afterthought — it's foundational. We protect your data with encryption, strict access controls, and industry-leading infrastructure.

TLS 1.3AES-256SOC 2 Type IIGDPRCCPA99.99% Uptime SLA

How we protect your data

Multiple layers of security at every level — from code to cloud.

Encryption everywhere

  • TLS 1.3 for all data in transit
  • AES-256 encryption for data at rest
  • Encrypted database backups stored in separate regions
  • HTTPS enforced on all endpoints — no exceptions

Infrastructure

  • Hosted on AWS (US-East / EU-West) with auto-scaling
  • SOC 2 Type II compliant data centers
  • DDoS protection via Cloudflare
  • 99.99% uptime SLA for enterprise plans
  • Automated failover and disaster recovery

Access controls

  • Role-based access control (RBAC) for all team members
  • Two-factor authentication (2FA) available on all plans
  • SSO via SAML 2.0 for enterprise organizations
  • Session management with configurable timeout
  • Audit logs for all account-level actions

Business continuity

  • Daily encrypted backups with 30-day retention
  • Point-in-time recovery for databases
  • Multi-region redundancy for critical services
  • Incident response plan tested quarterly
  • Status page with real-time uptime monitoring

Compliance & certifications

We meet the standards your legal and security teams care about.

GDPR

GDPR Compliant

Full compliance with the EU General Data Protection Regulation, including data processing agreements, the right to erasure, and data portability.

CCPA

CCPA Compliant

Compliant with the California Consumer Privacy Act, including opt-out rights and transparent data collection disclosures.

SOC 2

SOC 2 Type II

Our infrastructure providers maintain SOC 2 Type II certification, with annual audits covering security, availability, and confidentiality.

ISO

ISO 27001

We follow ISO 27001 information security management practices and are pursuing formal certification.

Security practices

Vulnerability management

Automated dependency scanning, regular penetration testing by third-party firms, and a responsible disclosure program.

Secure development

Code reviews for every pull request, static analysis in CI/CD, and security-focused engineering training for all developers.

Data residency

Choose where your data lives. US and EU hosting regions available. Data never leaves your selected region without explicit consent.

Responsible disclosure

We maintain a security vulnerability reporting program. Researchers can report findings to security@getlaunchday.com.

Security FAQ

Where is my data stored?+
All data is stored on AWS infrastructure in US-East (Virginia) by default. EU hosting (Frankfurt) is available for customers who require data residency in Europe.
Do you sell or share my data?+
Never. We do not sell, rent, or share your personal data or your customers' data with any third party for marketing purposes.
Can I export my data?+
Yes. You can export all your data — landing pages, waitlist entries, analytics, and email lists — in standard formats (CSV, JSON) at any time from your dashboard.
What happens if there's a breach?+
We have an incident response plan that includes immediate containment, investigation, user notification within 72 hours (per GDPR requirements), and a detailed post-mortem report.
Do you support SSO?+
Yes. SAML 2.0 SSO is available on the Scale plan and above. We support Okta, Azure AD, Google Workspace, and other SAML-compatible identity providers.

Questions about security?

Our team is happy to answer security questionnaires, provide our SOC 2 report, or schedule a call with our security lead.

Contact security team Privacy policy