Privacy policy

Launch My AI, LLC (“LaunchMy.ai,” “we,” “us,” or “our”) operates the LaunchMy.ai platform at launchmy.ai. This policy explains what personal information we collect, how we use it, who we share it with, and the choices you have. We’ve tried to write it in plain English, because the whole point of LaunchMy.ai is to keep things simple.

The short version: we collect the minimum we need to run your account, set up your assistant, and bill you. Your assistant runs on a server you own — we don’t read the data it processes, and we never install a way to log into that server.

Who we are

LaunchMy.ai is a launcher, not an operator. We help you create and manage a private AI assistant that runs on a cloud server in your own DigitalOcean account, using your own Anthropic AI account. We automate the setup, monitoring, and teardown of that server; we do not run your assistant or process the conversations it has.

Information we collect

Account information. When you create an account, we collect your name (optional), email address, and a password (stored only as a one-way bcrypt hash — we never store or see your actual password).

Your provider credentials. To set up and manage your assistant on your behalf, we store:

• your DigitalOcean personal access token,
• your Anthropic API key, and
• your Telegram bot token (if you connect Telegram).

These are encrypted at rest using AES-256-GCM and are used only to provision and manage your infrastructure. We never use them for our own purposes. See “Your credentials and your server” below for how we handle each one.

Connected-account credentials (Google / Gmail). If you connect a Google service (Gmail, Calendar, Contacts, or Drive), you supply your own Google OAuth application and authorize it. We briefly hold the resulting credentials (encrypted), push them to your server, and then delete them from our systems once your server confirms receipt. After that, only your server holds them. We retain non-secret details such as the connected email address, the access level you granted, and connection status.

Billing information. When you subscribe, we create a customer record with our payment processor, Stripe, and send Stripe your email and name. We store the resulting Stripe customer ID, subscription ID, subscription status, and billing-period end date. We never see, receive, or store your card number — all payment details are entered directly on Stripe’s secure checkout.

Assistant details. We store metadata about each assistant you create: its name, the cloud region and server size you chose, the DigitalOcean server ID, and its public IP address (so we can show you status and manage it). We also keep a record of the actions our management agent (“Dex”) takes on your server, which you can review in your dashboard.

Messages you send us. If you use our contact form or email us, we receive your name, email, and message so we can respond. We also keep support requests you submit.

Technical and security logs. For security, fraud prevention, and rate-limiting, we record limited technical information for sensitive actions (such as sign-up, sign-in, password reset, and contact-form submissions), including your IP address and browser user-agent, along with a timestamp and the action taken.

What we do not collect. We do not use any third-party analytics, advertising, or tracking services. We set no advertising or tracking cookies. We do not sell your personal information.

How we use your information

We use the information above to:

• create and secure your account and log you in;
• provision, configure, monitor, and (at your request) destroy your assistant’s server;
• process subscriptions and payments through Stripe;
• send you essential service emails (email verification, password resets, and account/billing notices);
• respond to your support and contact requests;
• protect the service against abuse, fraud, and security threats; and
• comply with our legal obligations.

Your credentials and your server

This is the part people care about most, so we’ll be precise.

• Your DigitalOcean token is encrypted and retained for as long as your assistant exists, because we need it to create your server, check its status, and shut it down when you ask. You can revoke this token in your DigitalOcean account at any time.
• Your Anthropic API key is encrypted and pushed to your own server, which calls Anthropic directly. We do not call Anthropic on your behalf or operate your assistant — aside from a one-time validation check when you first add the key, your AI usage and conversations are between your server and Anthropic.
• We never install an SSH key, set a root password, or keep any other way to log into your server. Your server only ever connects outward to us; we cannot initiate a connection into it, and we do not read the data it processes. All management actions are initiated by you, authenticated per-server, and recorded in an activity log you can see and disconnect at any time.

Who we share information with

We share information only with the service providers needed to run LaunchMy.ai. These are sometimes called “sub-processors”:

We may also disclose information if required by law, to enforce our Terms, or to protect the rights, safety, and security of our users or the public. If we’re ever involved in a merger or acquisition, information may transfer as part of that transaction.

If you connect a Google service, Google’s use of any data accessed through those connections is also governed by Google’s API Services User Data Policy, and the Google app you authorize is one you control.

Cookies and sessions

We use a small number of strictly necessary cookies to keep you securely signed in and to protect against cross-site request forgery. We do not use analytics, advertising, or tracking cookies.

Data retention and deletion

• Destroying an assistant (from your dashboard) deletes the underlying server and removes the associated credentials and connection data from our systems.
• Deleting your account. You can delete your account at any time using the “Delete my account” option in your account settings, which removes your personal information from our systems. You may also contact us at the address below and we will process your request. We may retain limited information we are required to keep — for example, certain billing records for tax and accounting purposes, and security audit records (see next).
• Security audit records. For security and accountability, certain audit-log entries are retained even after an assistant or account is deleted; where possible these are disassociated from your identity.
• Verification and password-reset tokens are short-lived and removed once used or expired.

How we protect your information

We encrypt your stored API credentials with AES-256-GCM, hash passwords with bcrypt, and serve the site over HTTPS. Payment card data is handled entirely by Stripe and never touches our servers. No method of storage or transmission is 100% secure, but we work to protect your information using industry-standard measures.

Your privacy rights

Depending on where you live, you may have the right to access, correct, delete, or receive a copy of your personal information, and to object to or restrict certain processing. To exercise any of these rights, contact us using the details below; we will respond as required by applicable law. We will not discriminate against you for exercising your rights.

Children

LaunchMy.ai is intended for adults and is not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us and we will delete it.

International users

LaunchMy.ai is operated from the United States, and your information is processed there. If you access the service from outside the U.S., you understand that your information will be transferred to and processed in the U.S.

Changes to this policy

We may update this policy from time to time. When we do, we’ll revise the “Last updated” date above and, for significant changes, take additional steps to notify you where appropriate.

Contact us

Questions or requests about this policy or your information:

Launch My AI, LLC
1040 Belcor Dr
Spring Hill, TN 37174
Email: jimmy.ballard@launchmy.ai