Loop

Privacy Policy

Loop is committed to protecting your privacy and ensuring the security of your data.

Effective Date: June 09, 2025 - Last Updated: September 18, 2025

Quick Summary

Loop is built with privacy-by-design principles using secure infrastructure:

  • Vercel for frontend hosting and edge network delivery
  • Clerk for authentication and identity management
  • Convex for real-time database and storage, including vector database and retrieval augmented generation (RAG)
  • Industry-standard encryption for all data transmission and storage

1. Introduction

Launch Engine, Inc., the maker of Loop ("Launch Engine," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, share, and protect information when you use Loop, our intelligent automation platform operated by Launch Engine, Inc.

2. Information We Collect

2.1 Account Information

When you create a Loop account, we collect:

  • Profile Information: First name, last name, email address, profile picture
  • Authentication Data: OAuth tokens from social providers (Google, GitHub, LinkedIn, etc.)
  • Organization Details: Company name, role, department (if applicable)
  • Contact Information: Phone number (optional), social profiles (optional)

2.2 Content You Create ("Customer Data")

You own and control all content you create or upload to Loop:

  • Files and Documents: Text files, markdown, spreadsheets, presentations, images
  • Templates: Handlebars templates and custom document templates
  • Prompts: AI prompts and prompt chains you create and save
  • Agents: Custom AI agents and their configurations
  • AI-Generated Content: Documents created using AI features
  • Metadata: Tags, descriptions, quality scores, freshness metrics
  • Extracted Text: Content extracted from uploaded documents for search and AI processing

2.3 Integration Data

When you connect third-party services:

  • Slack: Messages, channels, and files you choose to sync or share
  • Google Workspace: Files, folders, documents from Google Drive (with your permission)
  • Notion: Pages, databases, and content you explicitly share
  • OAuth Tokens: Securely stored, encrypted access tokens for connected services
  • Sync Preferences: Which folders, labels, or content types to sync

3. How We Use Your Information

3.1 To Provide and Improve Loop

  • Service Delivery: Enable file management, document generation, and collaboration
  • AI Features: Process documents, generate content, provide intelligent suggestions
  • Search Functionality: Index content for fast, accurate search (respecting permissions)
  • Real-time Sync: Keep data synchronized across devices and team members

3.2 For Security and Safety

  • Authentication: Verify your identity through Clerk
  • Authorization: Enforce role-based access control
  • Fraud Prevention: Detect and prevent unauthorized access
  • Rate Limiting: Prevent abuse and ensure service stability

4. AI and Machine Learning

4.1 AI Processing Controls

Loop gives you granular control over AI processing:

  • User-Level Settings: Enable/disable AI for your personal content
  • File-Level Permissions: Control AI access per document
  • Organization Policies: Admins can set organization-wide AI policies

4.2 AI Data Practices

  • No Training on Your Data: We do not train AI models on your content
  • Immediate Deletion: When AI is disabled, all derived data is immediately deleted
  • Provider Security: We use OpenAI and Anthropic APIs with enterprise agreements
  • Prompt Isolation: Your prompts and content are never shared with other users

5. Data Sharing and Disclosure

5.1 We Do Not Sell Your Data

Loop never sells, rents, or trades your personal information or content.

5.2 Service Providers

We share data with trusted service providers:

  • Vercel: Frontend hosting, edge functions, and CDN delivery
  • Clerk: Authentication and user management
  • Convex: Database and file storage
  • OpenAI/Anthropic/Google: AI processing (with your permission)

6. Data Security

6.1 Technical Measures

  • Encryption in Transit: TLS 1.3 for all API communications
  • Encryption at Rest: AES-256 encryption for stored data
  • Secure Storage: Convex's SOC 2 compliant infrastructure
  • Access Controls: Multi-factor authentication available via Clerk

6.2 Your Security Responsibilities

  • Keep your password secure
  • Enable two-factor authentication
  • Review organization member permissions regularly
  • Report suspicious activity immediately

7. Your Rights and Controls

7.1 Access and Portability

  • View Your Data: Access all your content through the Loop interface
  • Export Your Data: Download files in original formats
  • API Access: Use API keys to programmatically access your data

7.2 Correction and Deletion

  • Edit Content: Update or correct your information anytime
  • Delete Files: Remove individual files or bulk delete
  • Account Deletion: Delete your account and all associated data

7.3 Privacy Controls

  • Permission Management: Control who can access your content
  • AI Opt-Out: Disable AI processing for your content
  • Integration Management: Connect or disconnect services anytime
  • Notification Preferences: Choose which communications you receive

8. Data Retention

8.1 Active Accounts

  • Content: Retained as long as you have an active account
  • Activity Logs: Retained for 90 days for security and debugging
  • Deleted Files: Soft-deleted for 30 days, then permanently removed

8.2 Account Deletion

  • Immediate: Account marked for deletion, access revoked
  • 30 Days: Grace period for accidental deletion
  • Permanent: All data permanently deleted after grace period

9. International Data Transfers

9.1 Data Location

  • Frontend Hosting: Global edge network (via Vercel)
  • Primary Storage: United States (via Convex infrastructure)
  • CDN and Edge: Global distribution for performance (Vercel Edge Network)
  • Compliance: Standard contractual clauses for international transfers

9.2 Your Rights by Region

  • GDPR (Europe): Full data subject rights including access, rectification, erasure
  • CCPA (California): Right to know, delete, and opt-out of sale (we don't sell data)
  • Other Jurisdictions: We respect applicable local privacy laws

10. Children's Privacy

Loop is not intended for users under 13 years of age. We do not knowingly collect information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes via:

  • Email notification to your registered address
  • In-app notification
  • Update notice on our website

12. Contact Us

Privacy Questions

For privacy-related questions or requests:

Email: privacy@launch-engine.com
Website: launch-engine.com

13. Legal Entity Information

This Privacy Policy is provided by Launch Engine, Inc., a Delaware corporation and the maker and operator of Loop.

Corporate Information:

14. Commitment to Privacy

At Loop, privacy isn't just compliance—it's core to our product:

  • Privacy by Design: Built into every feature
  • User Control: You decide how your data is used
  • Transparency: Clear about what we collect and why
  • Security First: Industry-best practices for data protection

Version History: v1.1 - September 18, 2025

This privacy policy is written in plain language to ensure clarity and transparency.

Questions? Contact us at privacy@launch-engine.com or visit launch-engine.com