Skip to main content
DirectoryLaunchDirectoryLaunch

Legal

Privacy Policy

Last updated: April 15, 2026

This Privacy Policy explains how DirectoryLaunch (“we”, “us”, or “our”) collects, uses, discloses, and protects personal information when you visit directory-launch.com (the “Site”) or purchase and use our products and services (together, the “Services”). By using the Services you agree to the practices described below.

1. Who we are

DirectoryLaunch is the data controller for personal information processed through the Site and the Services. For any privacy-related request you can contact us at hello@directory-launch.com.

2. Information we collect

We collect the following categories of information:

  • Information you provide to us. When you purchase a license, contact support, or start a live chat, we process your name, email address, billing address, the contents of your messages, and any other information you choose to share.
  • Transaction information. When you check out we receive order details, license tier, amount paid, currency, and a transaction identifier from our payment processor. We do not store full payment card numbers on our servers — card data is handled directly by the payment processor.
  • Usage and device data. Our analytics providers collect aggregated information about your visit such as pages viewed, referrer, approximate location derived from IP, device type, browser, operating system, language, screen size, and timestamps.
  • Support and chat data. When you use the live chat widget, the chat provider processes messages you send, the page you were on, and basic device information so we can reply.
  • Marketing attribution. We may store short-lived identifiers (see “Cookies” below) to attribute purchases to the campaign or referrer that brought you to the Site.

3. How we use your information

We use personal information to:

  • provide, operate, maintain, and improve the Services;
  • process purchases, deliver licenses, and send transactional emails;
  • respond to support requests and live-chat conversations;
  • send service announcements, security notices, and refund confirmations;
  • measure traffic, diagnose errors, and understand how the Site is used;
  • prevent fraud, abuse, and violations of our Terms of Service;
  • comply with legal obligations and enforce our agreements.

4. Legal bases for processing (EEA / UK)

If you are in the European Economic Area or the United Kingdom, we rely on the following legal bases under the GDPR / UK GDPR:

  • Performance of a contract — to fulfil your order and deliver the license you purchased.
  • Legitimate interests — to operate the Site, secure it against abuse, understand aggregate usage, and communicate with existing customers about the product they bought.
  • Consent — where required by law for non-essential cookies and similar technologies. You may withdraw consent at any time.
  • Legal obligation — to retain invoices and transaction records for tax and accounting purposes.

5. Cookies and similar technologies

A cookie is a small text file stored on your device by your browser. We and our service providers use cookies and similar technologies (localStorage, sessionStorage, tracking pixels) for the following purposes:

  • Strictly necessary — preserving your theme preference (light or dark mode), maintaining your session during checkout, and protecting forms from abuse. These are required for the Site to work and cannot be switched off.
  • Analytics — Umami and Datafast set first-party identifiers (including datafast_visitor_id and datafast_session_id) to measure pageviews, sessions, and conversion events in aggregate. We do not use these identifiers to build advertising profiles.
  • Support chat — Crisp stores a session identifier so we can continue a conversation with you if you return to the Site.
  • Checkout — our payment processor may set cookies during checkout to secure the transaction and remember your progress.

You can block or delete cookies at any time through your browser settings, and you can stop scripts from loading using a content blocker. Note that disabling cookies may break parts of the Site (for example the checkout flow or the chat widget).

6. Third-party services we use

We rely on the following sub-processors to operate the Services. Each of them is bound by their own privacy policy and, where applicable, a data-processing agreement with us.

  • Polar.sh — payment processing, invoicing, and license delivery. Receives your email, billing details, and order information.
  • Supabase — database and backend hosting. Stores account, order, and content records.
  • Resend — transactional email delivery (receipts, license emails, password resets). Receives your email address and message content.
  • Crisp — live-chat customer support. Receives messages, page context, and basic device information during a chat session.
  • Umami — privacy-friendly web analytics. Receives anonymized pageview and event data.
  • Datafast — revenue attribution and analytics. Receives pageview, session, and conversion data.
  • Vercel (or our current hosting provider) — hosts the Site and processes server logs needed to operate it.

7. International data transfers

Some of our sub-processors are located outside the EEA, the UK, or your country of residence. Where we transfer personal information internationally we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, or an adequacy decision.

8. Data retention

We keep personal information only as long as necessary for the purposes described in this policy. Transaction and invoice records are retained for the period required by applicable tax and accounting law (typically 7 years). Support conversations are kept for up to 24 months. Analytics data is retained in aggregate form and does not identify individual users.

9. How we protect your information

We use industry-standard technical and organisational measures — including TLS-encrypted transport, access controls, secret management, and principle-of- least-privilege permissions — to protect personal information. No system is perfectly secure, and we cannot guarantee absolute security.

10. Your rights

Depending on where you live, you may have the right to access, correct, delete, or port your personal information, to object to or restrict certain processing, and to withdraw consent. Residents of California may have additional rights under the CCPA/CPRA, including the right to know, the right to delete, and the right to opt out of “sale” or “sharing” of personal information. We do not sell personal information in the traditional sense, and we do not share personal information for cross-context behavioural advertising.

To exercise any of these rights, email us at hello@directory-launch.com. We will respond within the time frame required by applicable law. You also have the right to lodge a complaint with your local data-protection authority.

11. Children's privacy

The Services are not directed to children under 16 and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

12. Do Not Track

Our Site does not respond to Do Not Track signals because no common industry standard exists. You can, however, opt out of analytics by blocking the relevant scripts in your browser.

13. Changes to this policy

We may update this Privacy Policy from time to time. When we do we will update the “Last updated” date at the top of this page and, for material changes, provide additional notice (for example by email or a banner on the Site).

14. Contact us

Questions, requests, or complaints about this policy can be sent to hello@directory-launch.com.