Privacy Policy

Effective date: May 29, 2026

1. Introduction

5Labs, Inc. ("5Labs," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our autonomous launch assurance platform and related services (collectively, the "Service"). By using the Service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password (hashed), and selected subscription plan when you register
  • Project Information: Application names, staging/production URLs, technology stack details, and descriptions you submit for testing
  • Payment Information: Billing details processed through our third-party payment processor (we do not store full credit card numbers)
  • Communications: Messages, feedback, and support requests you send to us

2.2 Information Generated Through Service Use

  • Test Data: LRI scores, glitch reports, revenue leakage analyses, webhook verification results, session replay metadata, compliance assessments, AI agent outputs, and generated reports
  • Application Blueprints: Feature maps, user flow diagrams, page inventories, and API endpoint catalogs generated by the Discovery Engine™
  • Certification Records: Launch Certified™ badge status, certification history, and public verification data

2.3 Automatically Collected Information

  • Usage Data: Pages visited, features used, actions taken, timestamps, and session duration
  • Device Information: Browser type, operating system, screen resolution, and IP address
  • Cookies and Tracking: Authentication tokens, session identifiers, and analytics data (see Section 8)

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To operate the platform, execute test runs, generate reports, and provide the features you request
  • Account Management: To create and maintain your account, authenticate access, and manage subscriptions
  • Improvement: To analyze usage patterns, diagnose technical issues, and improve Service performance, features, and user experience
  • Communication: To send transactional emails (account verification, run completions, billing), and with your consent, product updates and marketing communications
  • Security: To detect, prevent, and respond to fraud, abuse, or security incidents
  • Compliance: To comply with legal obligations and enforce our Terms of Service
  • Aggregated Analytics: To produce anonymized, aggregated benchmarks and industry insights that cannot identify individual users or applications

4. Zero-Copy Architecture™

5Labs is designed with privacy at its core through our Zero-Copy Architecture™:

  • Our AI agents interact with Your Applications through standard web protocols, the same way an end user would
  • We do not copy, store, or retain the source code or proprietary business logic of Your Applications
  • We do not access Your Application's databases, servers, or internal infrastructure
  • Test interactions are conducted against the staging or production URLs you explicitly provide
  • Screenshots captured during session replays are metadata-level representations and are stored encrypted

5. Data Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

  • Service Providers: With trusted third-party vendors who assist in operating the Service (e.g., cloud hosting, payment processing, email delivery), bound by contractual confidentiality obligations
  • Legal Requirements: When required by law, regulation, legal process, or governmental request
  • Safety and Rights: To protect the rights, property, or safety of 5Labs, our users, or the public
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, with notice to affected users
  • Public Certification: If you choose to publish a Launch Certified™ badge, the certification status, date, LRI score, and application name may be publicly verifiable
  • With Your Consent: For any other purpose with your explicit consent

6. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Specifically:

  • Account Data: Retained for the duration of your account plus 30 days after deletion request
  • Test Data: Retained per your subscription plan's data retention policy (typically 90 days for Founder, 1 year for Agency, unlimited for Enterprise)
  • Billing Records: Retained for 7 years as required for tax and accounting compliance
  • Anonymized Data: May be retained indefinitely for analytics and Service improvement

7. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Passwords stored using bcrypt hashing with salting
  • Role-based access controls and least-privilege principles
  • Regular security audits and penetration testing
  • SOC 2 Type II compliant infrastructure

While we strive to protect your data, no method of transmission or storage is 100% secure. You are responsible for maintaining the security of your account credentials.

8. Cookies and Tracking Technologies

We use the following types of cookies and similar technologies:

  • Essential Cookies: Required for authentication, session management, and security. These cannot be disabled.
  • Analytics Cookies: Used to understand usage patterns and improve the Service (e.g., Google Analytics). You can opt out through your browser settings or the Google Analytics Opt-out Browser Add-on.

We do not use advertising cookies or cross-site tracking technologies.

9. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data, subject to legal retention requirements
  • Portability: Request your data in a structured, machine-readable format
  • Objection: Object to processing of your data for certain purposes
  • Withdrawal of Consent: Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, when transferring data outside the European Economic Area (EEA).

11. GDPR Compliance (EEA Users)

If you are located in the European Economic Area, our legal bases for processing your data include:

  • Contract Performance: Processing necessary to provide the Service you requested
  • Legitimate Interests: Improving our Service, ensuring security, and communicating with you
  • Consent: Where you have given explicit consent (e.g., marketing emails)
  • Legal Obligation: Compliance with applicable laws and regulations

You may lodge a complaint with your local data protection authority if you believe your rights have been violated.

12. CCPA Compliance (California Residents)

Under the California Consumer Privacy Act, California residents have the right to:

  • Know what personal information we collect and how it is used
  • Request deletion of personal information
  • Opt out of the sale of personal information (we do not sell personal information)
  • Non-discrimination for exercising your privacy rights

To exercise your CCPA rights, contact us at [email protected] or call our designated number.

13. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information promptly.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and updating the effective date. We encourage you to review this policy periodically.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

5Labs, Inc.
Data Protection Officer
[email protected]