Privacy Policy

LAST UPDATED: JANUARY 1, 2026

Introduction
Data controller
Information we collect
How we use your information
Legal bases (GDPR)
How we share information
Third-party processors
Data retention
Data security
International transfers
Your rights
California (CCPA / CPRA) rights
Children's privacy
Changes to this policy
Contact

1. Introduction

This Privacy Policy explains how ShortsLaunch ("ShortsLaunch", "we", "us", "our") collects, uses, discloses, and protects information when you visit shortslaunch.com (the "Site") or use any of our digital products and services (collectively, the "Service"). It applies to all visitors, customers, and prospective customers.

We respect your privacy. We collect only what we need to operate, improve, and provide the Service, and we never sell your personal information.

2. Data controller

The data controller responsible for your personal data is:

ShortsLaunch
Email: support@shortslaunch.com

3. Information we collect

We collect the following categories of information:

a) Information you provide directly

Account information: name, email address, password (hashed), country.
Order information: billing name, billing address, country, order amount, transaction ID. Full payment-card details are collected and processed directly by our payment processor, Stripe; we do not store them.
Communications: messages, support tickets, refund requests, and any information you voluntarily share when contacting us.
Marketing preferences: if you subscribe to our newsletter or marketing emails.

b) Information collected automatically

Device & technical data: IP address, browser type and version, operating system, device type, language, time zone, referring URL.
Usage data: pages visited, links clicked, lessons viewed, session duration, approximate location derived from IP.
Cookies and similar technologies: see our Cookie Policy.

c) Information from third parties

We may receive limited information from payment, analytics, advertising, and authentication providers, such as confirmation of a successful payment, fraud-risk signals, or analytics aggregates.

4. How we use your information

We use your information to:

Provide, operate, and maintain the Service, including delivering access to digital products you purchase;
Process payments, send order confirmations and receipts;
Provide customer support and respond to your enquiries and refund requests;
Send transactional emails (e.g. account, billing, product updates);
Send marketing communications where you have consented or where permitted by law (you can unsubscribe at any time);
Monitor and improve the Service, analyse usage, debug issues;
Detect, prevent, and address fraud, abuse, security incidents, and violations of our Terms;
Comply with legal obligations, including tax, accounting, and consumer-protection requirements.

5. Legal bases for processing (GDPR / UK GDPR)

If you are located in the European Economic Area, the United Kingdom or Switzerland, we process your personal data on the following legal bases:

Performance of a contract — to deliver the Service you have purchased.
Legitimate interests — to operate, secure, and improve our business, including fraud prevention and analytics, where these interests are not overridden by your rights.
Consent — for non-essential cookies, marketing communications, and optional analytics. You may withdraw consent at any time.
Legal obligation — to comply with applicable laws, such as accounting and tax obligations.

We do not sell your personal information. We share it only with:

Service providers who process data on our behalf under written agreements (see Section 7);
Professional advisers such as auditors, lawyers, and accountants, where necessary;
Authorities when required by law, valid legal process, or to protect rights, property or safety;
Successors in connection with a merger, acquisition, financing, reorganisation, or sale of assets, in which case we will require the recipient to honour this Privacy Policy.

7. Third-party processors

We use the following categories of third parties to operate our Service. Each is bound to appropriate confidentiality and data-protection obligations:

Payments: Stripe, Inc. — payment processing, fraud prevention. (stripe.com/privacy)
Email: a transactional and marketing email provider (e.g. Postmark, SendGrid, Mailchimp, ConvertKit) — to deliver order confirmations, account messages and, where applicable, marketing emails.
Hosting & infrastructure: our website and member-area hosting provider.
Analytics: privacy-respecting analytics (e.g. Plausible, Fathom, or Google Analytics where applicable). See our Cookie Policy.
Customer support: our helpdesk tool used to manage your support requests.

8. Data retention

We retain your personal data only as long as necessary for the purposes set out in this Policy and to comply with our legal, tax, accounting and reporting obligations. Typical retention periods:

Account and access data — for as long as your account is active, plus a reasonable archival period;
Transaction records — for the period required by applicable tax, accounting, and consumer-protection laws (typically 5–10 years);
Support correspondence — for up to 3 years after the last interaction;
Marketing data — until you unsubscribe or withdraw consent.

9. Data security

We implement reasonable technical and organisational measures to protect your personal data, including TLS/SSL encryption in transit, secure infrastructure providers, access controls, and strict vendor contracts. Payment data is handled by Stripe, which is PCI-DSS Level 1 certified. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. International data transfers

We are based in our country of operation and may process your personal data in countries outside your country of residence, including the United States and the European Economic Area. Where required, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or equivalent mechanisms to protect your data.

11. Your rights

Subject to applicable law, you have the right to:

Access a copy of the personal data we hold about you;
Rectify inaccurate or incomplete data;
Erase your data ("right to be forgotten");
Restrict or object to certain processing;
Data portability — receive your data in a structured, machine-readable format;
Withdraw consent at any time where processing is based on consent;
Lodge a complaint with your local data-protection authority.

To exercise any of these rights, email us at support@shortslaunch.com. We will respond within the time required by applicable law (typically 30 days).

12. California (CCPA / CPRA) rights

If you are a California resident, you have the right, subject to certain exceptions, to: (a) request disclosure of the categories and specific pieces of personal information we have collected about you; (b) request deletion of your personal information; (c) request correction of inaccurate personal information; (d) opt out of the "sale" or "sharing" of your personal information; and (e) not be discriminated against for exercising your rights.

We do not sell your personal information. To exercise your California rights, contact support@shortslaunch.com.

13. Children's privacy

The Service is not directed to children under the age of 16, and we do not knowingly collect personal data from anyone under that age. If you become aware that a child has provided us with personal data, please contact us and we will take steps to delete it.

14. Changes to this policy

We may update this Privacy Policy from time to time. The "Last Updated" date will be revised accordingly. Material changes will be communicated through the Site or by email where appropriate. Your continued use of the Service after the changes take effect constitutes your acknowledgement of the revised Policy.

15. Contact