Privacy Policy

Effective: April 3, 2026

This Privacy Policy explains how Launch Fast ("Launch Fast", "we", "us") collects, uses, and protects information when you use our web application, remote MCP server, and Chrome extension. It reflects modern SaaS expectations under GDPR and CPRA/CCPA and outlines our commitments for Amazon SP‑API and Amazon Ads integrations.

Contents
  1. Company & contact
  2. Data we collect
  3. How we use data
  4. How we share data
  5. Third-party privacy notices
  6. Security
  7. Retention
  8. Your rights
  9. Cookies & ads
  10. Chrome Extension
  11. Amazon SP‑API & Ads
  12. International transfers
  13. Children’s privacy
  14. Changes to this policy
  15. California Notice at Collection

Company & contact

Launch Fast is a product of LegacyX FBA. Contact: launchfastlegacyx@gmail.com or our support page. If you require a postal address for rights requests or legal notices, contact us and we will provide the appropriate address for your region.

Data we collect

  • Account data: name, email, password hash, and optional company.
  • Billing: handled by our payment processor (e.g., Stripe). We do not store full card numbers.
  • App, extension, and MCP activity: feature usage, request metadata, performance metrics, and content you save (e.g., markets, products, supplier notes). For our remote MCP server, this can include API key records, OAuth client registration metadata such as allowed redirect URIs, tool usage metadata (for example endpoint, method, timestamps, processing time, status code, keyword or ASIN counts), and related diagnostics needed to operate and secure the service. For our Chrome extension, this includes Amazon product interactions (ASINs, titles, prices, ratings), extension usage patterns, authentication tokens (stored locally in your browser), and cached research results.
  • Device & log data: IP address, device/browser type, user agent, and diagnostic or security logs used for reliability, fraud prevention, and abuse detection.
  • Cookies & trackers: session cookies, analytics, and advertising tags (see “Cookies & ads”).

How we use data

  • Provide and improve the app/extension and deliver requested features
  • Authenticate users and MCP clients, manage API keys and OAuth registrations, enforce rate limits, prevent fraud/abuse, and ensure security
  • Billing, account management, and customer support
  • Analytics, troubleshooting, and product development
  • Marketing communications where permitted; you can opt out

How we share data

  • We do not sell your personal information.
  • Processors that help us run the service (cloud hosting, database, analytics, payments, email). Access is limited by contract and necessity.
  • Legal disclosures where required, or to protect users and our services.
  • If you use Launch Fast through Claude or another AI/MCP client, that client provider may independently process your prompts, tool arguments, and tool results under its own terms and privacy policy.

Third-party privacy notices

Some parts of Launch Fast rely on third-party providers that may independently collect, receive, or process information when you use specific features. Their privacy practices are governed by their own policies and terms.

  • Anthropic / Claude: If you use Launch Fast through Claude or another Anthropic surface, prompts, tool arguments, tool results, and connector activity may be processed by Anthropic under the Anthropic Privacy Policy.
  • Stripe: Payments and billing information are processed by Stripe under the Stripe Privacy Policy.
  • Google and Meta: If analytics or advertising tags are active for your session, related usage and marketing signals may be processed under the Google Privacy Policy and the Meta Privacy Policy.

Security

  • Encryption in transit (TLS 1.2+) and encryption at rest (AES‑256) via our infrastructure providers
  • Least‑privilege, role‑based access and MFA for administrative access
  • Logging and monitoring of privileged operations; change management
  • Secure key and secret management; environment segregation

Retention

We retain account and product data while your account is active. We also retain MCP API key records, OAuth client registration records, and limited usage or security logs for as long as needed to operate the connector, support customers, investigate abuse, comply with legal obligations, and enforce our agreements. If you delete your account, we delete or anonymize data within a reasonable period unless retention is required by law or legitimate business purposes (for example fraud prevention, accounting, or security investigations).

Your rights

If you are in the EU/UK, you have rights under GDPR; if you are in California, you have rights under CPRA/CCPA. These include access, correction, deletion, portability, restriction/objection (GDPR), and the right to opt out of sale/share (CPRA). To exercise rights, email launchfastlegacyx@gmail.com or use our contact page. We may request verification and will respond within applicable timelines.

For Chrome Extension users: You can also disable the extension through Chrome settings, clear locally stored data by reinstalling the extension, or request deletion of any server-side cached research data associated with your account.

Cookies & ads

We use essential cookies for authentication and security, and optional analytics/advertising tags (e.g., Google Tag Manager, Meta Pixel) to understand usage and measure marketing performance. Where required, we will honor your consent choices. You can also manage cookies in your browser settings and opt out of interest‑based advertising via platform settings.

For CPRA purposes, some advertising tags may constitute "sharing" for cross‑context behavioral advertising. You may opt out by contacting us; we will apply your preference and, where supported, set an opt‑out signal.

Chrome Extension

Our Chrome extension enhances your Amazon product research experience by overlaying intelligence data directly on Amazon pages. Here's how it works:

Permissions & Data Access

  • activeTab: Access to the current Amazon tab to provide product enhancement features
  • storage: Store authentication tokens and cache research data locally in your browser
  • Amazon domains: Access Amazon product pages to display enhanced analytics and research tools

Local Browser Storage

  • Authentication tokens stored securely in Chrome's local storage
  • Cached product and keyword research results (expires automatically after 3 days)
  • Extension settings and user preferences
  • Temporary session data for improved performance

Extension Data Collection

  • Amazon product page interactions (ASINs, product titles, prices, ratings) for research enhancement
  • Extension usage patterns, feature interactions, and performance metrics
  • Cached API responses from SellerSprite and other research providers to improve performance
  • Error logs and diagnostic information for reliability improvements

User Control

You can disable the extension at any time through Chrome settings, clear cached data by removing and reinstalling the extension, or contact us to request deletion of any server-side cached research data. All extension data follows the same security and privacy standards outlined elsewhere in this policy.

Amazon SP‑API & Amazon Ads

When you connect Amazon services or use our Chrome extension on Amazon pages, we will comply with applicable Amazon program terms, including the Selling Partner API Data Protection Policy and Amazon Ads policies:

  • Minimized scopes & consent: We request the minimum scopes necessary and only after your explicit authorization.
  • Purpose limitation: Use of Amazon data is restricted to in‑product features you select. No secondary use or resale.
  • PII minimization & retention: Avoid storing Amazon customer PII. If storage is necessary to deliver functionality, retain only the minimum required and delete/anonymize promptly. For order‑related PII, we follow Amazon’s strict retention limits (generally ≤ 30 days after fulfillment unless a longer period is legally required).
  • Encryption & tokens: TLS 1.2+ in transit; AES‑256 at rest. Secure token storage with periodic rotation.
  • Access controls: Role‑based internal access with logging/monitoring of privileged operations.
  • Disconnection & deletion: Upon disconnect or your request, we revoke access and delete associated Amazon data within Amazon‑required timelines.
  • Incident response: Documented process to detect, mitigate, and notify in accordance with contractual and legal requirements.

International transfers

Data may be processed in the United States and other countries where our processors operate. Where required, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) for cross‑border transfers.

Children’s privacy

Our services are not directed to children under 13 (or under 16 in the EU). We do not knowingly collect personal information from children.

Changes to this policy

We may update this policy as we release new features or as laws and platform policies evolve. We will post updates here and revise the effective date.

California Notice at Collection

We collect the following categories of personal information for business purposes: identifiers (e.g., email), commercial information (subscription details), internet or network activity (logs/analytics), and in limited cases geolocation (approximate IP‑based). We use this information to provide and secure the service, for analytics, and for limited marketing where permitted. We do not sell personal information. We may “share” personal information for cross‑context behavioral advertising as described above; you can opt out by contacting us.

How to contact us

Email: launchfastlegacyx@gmail.com | Support: launchfastlegacyx.com/contact

Ready to start?

Join sellers who research smarter.

Get Started

Cancel anytime