LaunchPoint
Privacy Policy
Effective Date: July 2026 | Version 1.0 | UK GDPR & Data Protection Act 2018 Compliant
This Privacy Policy explains how LaunchPoint (an unregistered partnership operated by Reece Cartwright and Joshua Martin) collects, uses, stores, shares, and protects personal data in connection with our web design, hosting, maintenance, and associated digital services, and in connection with our own website at launchpointweb.co.uk.
This Policy should be read alongside our Terms of Service, which governs the commercial relationship between LaunchPoint and its Clients. By engaging our services, submitting an enquiry, or using our website, you confirm that you have read and understood this Policy.
Contents
Section 1
Introduction
LaunchPoint is committed to protecting the privacy and security of personal data belonging to our Clients, website visitors, and other individuals we interact with in the course of business.
This Policy applies to personal data processed through our website, enquiry forms, email correspondence, billing systems, and any other channel through which LaunchPoint collects or receives personal data.
Section 2
Data Controller Information
LaunchPoint is an unregistered partnership operated by Reece Cartwright and Joshua Martin ("LaunchPoint", "we", "us", "our"). We act as the Data Controller for personal data processed for our own business purposes under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Where LaunchPoint processes personal data on behalf of a Client in connection with a Client's own Website (for example, data submitted through a contact form built for that Client), LaunchPoint acts as a Data Processor and the Client is the Data Controller in respect of that data. Clients are responsible for ensuring their own compliance with applicable data protection law in relation to data collected through their Website.
You can contact us regarding any data protection matter at hello@launchpointweb.co.uk.
Section 3
Definitions
Client
Any individual, sole trader, or business entity that engages LaunchPoint for Services, as defined in our Terms of Service.
Personal Data
Any information relating to an identified or identifiable living individual, as defined under UK GDPR.
Processing
Any operation performed on personal data, including collection, storage, use, disclosure, or deletion.
Data Processor
A third party that processes personal data on our behalf and under our instruction, such as Stripe or Framer.
Section 4
Personal Data We Collect
Depending on your interaction with LaunchPoint, we may collect the following categories of personal data:
We do not intentionally collect special category data (such as health, religious, or biometric data) and ask that Clients do not submit such data to us unless it is strictly necessary and lawful to do so.
Section 5
How We Collect Data
Section 6
How We Use Personal Data
We use personal data for the following purposes:
Section 7
Legal Basis for Processing
We only process personal data where we have a valid lawful basis to do so under UK GDPR. Depending on the purpose, we rely on:
Section 8
Cookies & Tracking Technologies
Our website and hosted Client Websites use essential cookies required for core functionality, such as maintaining session state. These cannot be disabled without affecting site performance.
We may also use non-essential analytics cookies, described in Section 9, subject to your consent where required by applicable law. Where a consent banner is presented, your preferences will be respected and can be changed at any time.
Section 9
Analytics
We use analytics tools provided by Framer, our hosting platform, to understand how visitors interact with our website and with hosted Client Websites. This may include page views, session duration, and general geographic location derived from IP address.
Analytics data is used in aggregate form wherever possible and is not used by LaunchPoint to build individual profiles for marketing purposes.
Section 10
Payment Processing
All Subscription and Buyout payments are processed securely through Stripe, a PCI-DSS compliant payment processor. LaunchPoint does not receive, store, or have access to full card numbers, CVV codes, or other sensitive payment card data.
Stripe acts as an independent Data Controller in respect of the payment data it processes on its own systems, in addition to acting as our Data Processor for billing records. Stripe's own privacy practices are available at stripe.com/privacy.
Section 11
Data Sharing & Third-Party Processors
We do not sell or rent personal data. We only share personal data with third parties where necessary to deliver the Services, and only under appropriate contractual safeguards. Our current third-party processors include:
We do not permit third-party processors to use personal data for their own marketing purposes.
Section 12
International Data Transfers
Some of our third-party processors, including Stripe and Framer, may process personal data on servers located outside the United Kingdom, including in the United States or the European Economic Area.
Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, such as the UK's International Data Transfer Agreement (IDTA), Standard Contractual Clauses, or reliance on an adequacy decision recognised by the UK Government.
Section 13
Data Retention
We retain personal data only for as long as reasonably necessary for the purposes set out in this Policy, in line with the following general principles:
Where data is no longer required, we will securely delete or anonymise it in accordance with Section 6 of our Terms of Service.
Section 14
Website Data on Cancellation or Termination
Where a Client's Subscription is cancelled or terminated, any personal data collected through that Client's Website (for example, via contact forms) will be handled in accordance with our Terms of Service.
Following the standard six-month storage period, or immediately in cases of termination for breach as described in Section 15 of our Terms of Service, we reserve the right to permanently delete stored Website data, including any personal data contained within it. Clients are responsible for exporting any personal data they require prior to cancellation or as soon as possible thereafter.
Section 15
Data Security
We implement appropriate technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction, including relying on the security infrastructure of reputable third-party processors such as Stripe and Framer.
No method of electronic transmission or storage is completely secure. While we take reasonable steps to protect personal data, we cannot guarantee its absolute security, and any transmission of data is at your own risk.
Access to Client data within LaunchPoint is limited to Reece Cartwright and Joshua Martin, and to third-party processors strictly as required to deliver the Services.
Section 16
Automated Decision-Making
LaunchPoint does not use personal data for any form of automated decision-making or profiling that produces legal effects or similarly significant effects concerning an individual.
Section 17
Your Rights Under UK GDPR
Subject to certain exemptions and conditions, you have the right to:
To exercise any of these rights, please contact hello@launchpointweb.co.uk. We will respond within one month, in accordance with UK GDPR, and may request proof of identity before actioning a request.
Section 18
Marketing Communications
Where you have consented, or where permitted under the "soft opt-in" exemption for existing Clients, we may send service updates or marketing communications by email. You may opt out at any time by using the unsubscribe link provided or by emailing hello@launchpointweb.co.uk.
Opting out of marketing communications does not affect service-related communications necessary for the delivery of your Subscription.
Section 19
Children's Privacy
Our Services are intended for business use and are not directed at, or knowingly used by, individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected such data, we will take reasonable steps to delete it promptly.
Section 20
Data Breach Notification
In the event of a personal data breach that poses a risk to your rights and freedoms, LaunchPoint will assess the breach without undue delay and, where legally required, notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of it.
Where a breach is likely to result in a high risk to affected individuals, we will notify those individuals directly and without undue delay, together with guidance on steps they can take to protect themselves.
Section 21
Complaints
If you have any concerns about how LaunchPoint handles your personal data, please contact us first at hello@launchpointweb.co.uk so we can attempt to resolve the matter directly.
You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk, or by calling their helpline, if you remain unsatisfied with our response.
Section 22
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Where changes are material, we will provide no less than 30 days notice to existing Clients by email, consistent with the amendment provisions in our Terms of Service.
The most current version of this Policy will always be available at launchpointweb.co.uk/privacy, together with its effective date.
Section 23
Contact Information
For any questions, requests, or concerns relating to this Privacy Policy or how we handle personal data, please contact us using the details below:
LaunchPoint
Email: hello@launchpointweb.co.uk
Website: launchpointweb.co.uk
Operated by: Reece Cartwright and Joshua Martin