1. What is a cookie?
A cookie is a small text file stored on your device by your browser when you visit a website. We also use similar technologies such as localStorage, sessionStorage, tracking pixels and SDKs. In this policy, we use the word "cookies" to cover all of these.
Our use of cookies is governed by Article 5(3) of the ePrivacy Directive 2002/58/EC, transposed in France in Article 82 of the Loi Informatique et Libertés, the General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and the CNIL guidelines of 17 September 2020 on cookies and similar technologies.
2. Your choices
2.1. The first time you visit LaunchLoop, a cookie consent banner is displayed. You may choose to Accept all cookies, Reject all non-essential cookies (essential only), or Customise your preferences by category.
2.2. Refusing non-essential cookies is as easy as accepting them, and is the default if you do not interact with the banner. No non-essential cookies are placed before you make an active choice.
2.3. You can change your mind at any time by clicking "Cookie settings" in the footer of any page, or by clearing your browser's site data. The consent banner will reappear on your next visit.
2.4. Your cookie choice is stored for up to 6 months, after which we will ask you again (in accordance with CNIL recommendations).
2.5. You can also configure your browser to block or delete cookies. Please note that doing so may affect the functionality of certain parts of the Service.
3. Categories of cookies we use
3.1. Essential cookies (always on, no consent required)
These cookies are strictly necessary to deliver the Service you have requested (Article 82, paragraph 2, of the Loi Informatique et Libertés). They cannot be turned off through the consent banner.
| Name | Purpose | Duration | Provider |
|---|---|---|---|
| sb-access-token | Authenticates your session with the database. | 1 hour | LaunchLoop (via Supabase) |
| sb-refresh-token | Refreshes your authentication session. | 7 days | LaunchLoop (via Supabase) |
| ll_consent | Stores your cookie consent choice. | 6 months | LaunchLoop |
| ll_csrf | Protects forms against cross-site request forgery (CSRF) attacks. | Session | LaunchLoop |
| __stripe_mid | Fraud prevention during checkout. | 1 year | Stripe Payments Europe, Ltd. |
| __stripe_sid | Fraud prevention during an active checkout session. | 30 minutes | Stripe Payments Europe, Ltd. |
3.2. Analytics cookies (optional, consent required)
We use privacy-friendly analytics to understand how users interact with the Service, which pages and features are most useful, and to identify technical issues. These analytics are configured with IP anonymisation and no cross-site tracking. These cookies are set only if you accept them.
| Name | Purpose | Duration | Provider |
|---|---|---|---|
| ph_phc_* | Anonymous product analytics (page views, feature usage, session data). | 12 months | PostHog, Inc. (US) |
3.3. Marketing cookies (optional, consent required)
We may use these cookies to measure the performance of our own marketing campaigns (for example, attributing a sign-up to a specific referral source or social media campaign). They are off by default and are only set if you explicitly accept them.
| Name | Purpose | Duration | Provider |
|---|---|---|---|
| utm_source, utm_medium, utm_campaign | Campaign attribution (tracks which referral source, medium or campaign brought you to LaunchLoop). | 30 days | LaunchLoop |
4. Third-party cookies
Some cookies are set by third-party providers we rely on to operate the Service (authentication, payments, analytics). These providers may act as independent or joint controllers for those specific cookies. Please refer to their own privacy policies for more information:
- (a) Google (Sign in with Google): policies.google.com/privacy
- (b) Stripe (payments and fraud prevention): stripe.com/privacy
- (c) PostHog (analytics): posthog.com/privacy
5. International transfers
Some third-party cookies may result in the transfer of data outside the European Economic Area, notably to the United States. Where this is the case, transfers are protected by the safeguards described in our Privacy Policy (Standard Contractual Clauses, EU–US Data Privacy Framework, etc.).
6. Do Not Track and Global Privacy Control
6.1. Some browsers send a "Do Not Track" (DNT) signal. There is currently no industry consensus on how to interpret DNT signals, and we do not treat DNT as a consent or opt-out signal.
6.2. We do treat a Global Privacy Control (GPC) signal as a valid opt-out of the "sale" or "sharing" of personal information for users covered by the California Consumer Privacy Act as amended by the CPRA, in line with the California Attorney General's guidance. Note that LaunchLoop does not sell or share personal information as defined by the CPRA.
7. Changes to this policy
When we add, remove or materially change the cookies we use, we update this page and re-prompt you for consent if the changes affect non-essential cookies. The date at the top of this page reflects the date of the last update.
8. Contact
Questions about cookies or this policy? Email contact@paratoregroup.com.