Security

LaunchPad OS is built for field service operators who trust us with customer records, payment data, job history, and crew communications. Security is treated as a product requirement, not a checklist.

Infrastructure

The platform runs on managed cloud infrastructure with hardened defaults, isolated production environments, and automated patching. Production data is encrypted in transit (TLS 1.2+) and at rest (AES-256).

Access controls

• Single sign-on with role-based access at the account, location, and crew level.
• Least-privilege internal access; production access requires multi-factor authentication and is logged.
• Customer admins can audit user sessions, revoke access, and rotate API keys at any time.

Data handling

Customer data is owned by the customer. We do not sell customer data and do not use it to train third-party models. Data export and deletion are available on request.

Payments

Card and ACH transactions are processed via PCI-DSS Level 1 certified processors. LaunchPad OS does not store full card numbers.

Sub-processors

A current list of sub-processors (hosting, email, analytics, payments) is available on request and updated when our vendor list changes.

Incident response

We maintain a written incident response plan, run quarterly tabletop exercises, and commit to customer notification within the timelines required by applicable law.

Contact

Questions, audit requests, or vulnerability disclosures: security@launchpad.bot.