We take privacy policies seriously and we value transparency.
Effective day 31 March 2018.
LaunchDarkly is a Software-as-a-Service (SaaS) platform provider that serves companies looking to implement feature flags in their overall software development lifecycle. Feature flags allow software developers to change application behavior from outside of the application without redeploying their code. This has a number of benefits including a separation of risks, ability to deliver different experiences in a targeted manner, and the lower administrative burden of software release. LaunchDarkly provides a turnkey robust feature management solution that offers high availability, scalability, and audit control.
Because LaunchDarkly customers themselves have customers, language can get very confusing. In this document, we refer to our customers (Companies who utilize our platform in their software) as members (team members). We refer to the customers of those members to be "users" or "end-users". When the generic pronoun "you" is used, it is meant to refer to anyone reading this policy and can generically mean anyone who interacts with our website, a member of our services, or a user of one of our members.
This policy does not cover third party websites, products, or services even if they link to our services—you should consider their own privacy policies carefully. If you disagree with the practices described in this policy, then you should (a) take necessary steps to remove cookies from your computer after leaving our website, and (b) discontinue your use of our services.
The data we collect depends on how our services are used. We receive some data directly, like when you visit one of our web properties, sign up for a trial, or send us email. Other times, we get data indirectly, like when we record that you visited one of our websites using technologies like cookies. We also get data from third parties, like from our members when they pass data to us to process.
The collection and use of data is essential to the value that we provide as a service, as well as improve on the services we provide; but we aim to do our best to keep data safe and secure.
We collect information about our customers for the following reasons and not for other reasons:
LaunchDarkly does not sell Personal Data or Service Data to marketers or unaffiliated third parties. Data collected by LaunchDarkly will only used for the purposes of furthering, improving, and expanding the LaunchDarkly business. We share Personal and Service Data with the following third parties:
LaunchDarkly takes security very seriously, and if you have reason to believe that your data or someone elses data is no longer secure, please contact firstname.lastname@example.org.
In the event of a security breach, we will take take necessary measures to ensure the continued safety of data and contact affected parties within a reasonable amount of time about the scope and scale of the unauthorized disclosure.
We retain data as necessary to provide the services as described in this policy unless a longer retention is required by law. For personal data, we retain information about you until are no longer a customer, though some data is retained for the purposes of audit. Service data is retained for a period of no more than 30 days, save for data that is required as a part of audit control.
The above principals of how we will manage the data, use the data, protect the data, and remove the data will apply for as long as we control the Personal data.
LaunchDarkly's core services are not directed to minors and we request that minors do not provide to us any Personal Data. We rely on our members, when acting in the role of a Data controller, to take responsibility for making sure their users' privacy rights are respected and ensuring that the appropriate disclosures are made about third party collection and use.
You have a right to access the personal information we hold about you. Whenever you use our site or LaunchDarkly Services, we strive to make sure that your Personal Information is correct. If that information is wrong, we give you tools and methods to update it quickly or delete it, unless that information is necessary for legal or business purposes. When updating your Personal Information, we may ask you to verify your identity before making changes. We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing new systems or fundamentally changing our existing practice), risk the privacy of others, or would be extremely impractical (e.g. requests concerning information on our backup systems). Because we protect information from accidental or malicious destruction, after data is removed from our servers, it can take some time for that data to be purged.
To request removal of your Personal Information from our site or services, contact us at email@example.com. LaunchDarkly cares deeply about the sanctity of your data and our privacy team will manage each request on a case by case basis.
We totally understand your right to have us stop contacting you. We endeavor to give you the ability to control the way we contact you. You may use the the links at the bottom of each communication to opt-out of further communications.
If you are a user of one of our member's services and need to correct, amend, or delete inaccurate data about you, please contact the member—in this case, they are the data controllers. We will comply with the wishes of our members should they direct us to take action about the modification/removal of collected data.
Our services are global and Data (of all classifications) may be stored and processed anywhere where we or one of our service providers has services. We may transfer data to countries outside of your country of residence, which may have different rules applicable to your data. LaunchDarkly will take measures to ensure that any transfers comply with applicable laws and your data remains protected as per this policy.
LaunchDarkly's Data Privacy Officer is Tim Wong, and you can contact him at firstname.lastname@example.org.
We're committed to the Privacy Shield principles of notice, choice, accountability, security, data integrity and purpose limitation, access and recourse, and are certified by the U.S. Department of Commerce. LaunchDarkly's Privacy Shield notice can be found here, which means that we are deemed to provide "adequate" privacy protection which is a requirement for the transfer of personal data under the General Data Protection Regulation (GDPR).
LaunchDarkly has taken steps to elect a Data Privacy Officer, to ensure that we have adequate data protection policies, procedures, and practices, and has completed Privacy Shield certification. As of April 2nd, 2018, we believe that we are fully in compliance with the provisions and principles of GDPR.
Of course, GDPR isn't just a line in the sand, but a continual journey—LaunchDarkly is committed to adapting to the changing landscape of privacy and renewing its practices as the landscape evolves.