Security Policy

Effective Date: 1st November 2025
Company: Launcha Tech Ltd (registered in England)
Company Number: 15537010
Registered Office: 7 Bell Yard, London, England, WC2A 2JR, United Kingdom
Last Updated: 1st November 2025

1. Security Overview

Launcha is built with a security-first mindset to ensure the protection, confidentiality, and integrity of customer and Amazon data.

We follow industry best practices and continuously improve our controls through monitoring, audits, and internal reviews.

2. Data Security Practices

  • Encryption: All data in transit and at rest is encrypted using industry standards (TLS 1.2+ and AES-256).
  • Access Control: Role-based access with least-privilege principles. Administrative access is restricted and audited.
  • Audit Logging: Sensitive operations are logged and reviewed regularly for compliance and incident detection.
  • Authentication: Secure OAuth2.0 flows for Amazon integrations. Multi-factor authentication (MFA) required for internal systems.
  • Monitoring: Continuous infrastructure monitoring for performance, uptime, and anomaly detection.

3. Data Isolation

  • Each client’s Amazon data is processed and stored in logically isolated environments.
  • No cross-account data access or aggregation occurs.
  • Data processed through SP-API and Ads API is always tied to the specific Selling Partner or Advertiser who granted authorization.

4. Infrastructure and Hosting

  • Hosted on Google Cloud Platform (GCP) within UK/EU data regions.
  • GCP provides ISO 27001, ISO 27018, SOC 1/2/3, and GDPR compliance certifications.
  • All data processing remains within approved data protection jurisdictions.

5. Compliance Commitments

Launcha complies with:

  • Amazon Selling Partner API Data Protection Policy
  • Amazon Ads API Data Protection Policy
  • Amazon Acceptable Use Policy
  • UK GDPR and the Data Protection Act 2018

We conduct periodic internal reviews to ensure continued alignment with Amazon’s policies and best practices.

6. Incident Response

  • Launcha maintains an incident response procedure for identifying, containing, and resolving security incidents.
  • In the event of a breach affecting user or Amazon data, Launcha will notify impacted parties and Amazon without undue delay, as outlined in our Privacy & Data Policy.

7. Responsible Disclosure

We welcome responsible security disclosures from researchers and partners.

If you believe you have identified a security issue, please contact our security team at security@launcha.co.

8. Continuous Improvement

Security at Launcha is not a one-time task — it’s an ongoing commitment.

We review and update our security controls, vendor relationships, and internal policies regularly to ensure that we meet or exceed Amazon and industry expectations.

2. Eligibility and Account Use

You may use the Service only if you are acting on behalf of a registered business or brand.

You are responsible for safeguarding your account credentials and all activities that occur under your account.

You agree to provide accurate business information and to keep it up to date.

Launcha reserves the right to suspend or terminate accounts that violate these Terms or provide misleading information.

Explore
Home
Features
Support
ContactPricing
Others
Terms & ConditionsPrivacy & Data PolicySecurity Policy

©2025 Launcha Tech Ltd.

Terms & Conditions

Privacy & Data Policy

Security Policy