Cookie Settings
By clicking “Accept All”, you agree to the storing of cookies to help us enhance site navigation, analyze site usage, and assist in marketing efforts.
Skip to main content
  • Product
    • Release Notes
    • Changelog
    • Roadmap
    • Feedback
    • Widget
    • Integrations
  • Resources
    • Security
    • Blog
    • Glossary
    • YouTube
    • About
    Product Ops Playbook
    Release Notes Examples
    Release Notes Templates
    • Buying Resources
    • Free Trial
  • Audience
    • Product Management
    • Product Operations
    • Customer Success
    • Product Marketing
  • Customers
  • Pricing
  • What's New
Book a Demo
Book a Demo
Log in
Log in
Product
  • Release Notes
  • Roadmap
  • Feedback
  • Changelog
  • Widget
  • Integrations
Product Ops Manual
Release Notes Examples
Resources
  • Security
  • Blog
  • Glossary
  • About
  • Buying Resources
  • Free Trial
  • Podcast
Audience
  • Product Management
  • Product Operations
  • Customer Success
  • Product Marketing

Security Posture

Last update: February 3, 2025

Privacy and security are core functions of the LaunchNotes platform, as well as foundational requirements for all new feature development. Earning and keeping the trust of our customers is our top priority, so we hold ourselves to the highest privacy, security, and compliance standards.

Privacy compliance and data processing

We take the protection of your information seriously, and we comply with all applicable privacy laws and regulations.

You can learn more about LaunchNotes’s privacy practices in our Data Retention Policy and Disclosure Policy, and learn more about LaunchNotes’s commitment to compliance with the General Data Protection Regulation (“GDPR”) here.

Our Data Processing Addendum is available for your review. In addition, you can find a current list of LaunchNotes’ data subprocessors at the end of the DPA and at this link.

Network and system security

When you visit the LaunchNotes website or app, the transmission of information between your device and our servers is protected using 256-bit TLS encryption. At rest, LaunchNotes encrypts data using AES-256.

LaunchNotes servers are located in the US, in data centers that are SOC 1, SOC 2 and ISO 27001 certified. We regularly install security updates and patches to keep servers up to date. Servers are segmented based on role and protected using restrictive firewalls.

Penetration test and report

LaunchNotes has engaged TrilogySecurity to provide annual penetration testing against our internal and internet-facing information technology infrastructure. Testing was performed remotely via internet in-testing environment. Finding categories, severities, and CVSS scores are aligned with LaunchNotes standards. The report is available upon request.

Business continuity: 99.97% uptime

LaunchNotes utilizes industry-leading Amazon Web Services (AWS) hosting infrastructure. Backups are redundantly replicated across multiple availability zones for data durability. LaunchNotes maintains business continuity and disaster recovery plans. Components of the disaster recovery plan include an operations playbook, which is regularly reviewed and rehearsed. A review of LaunchNotes business continuity performance is available upon request.

Product security

Within the LaunchNotes product, collaborator permissions can be managed through the management portal. These permissions allow you to control who you share a project with and whether they can modify the projects that you’ve shared with them. LaunchNotes also enables you to restrict access to a project or view share link with a password or with an email domain.

LaunchNotes recommends enabling two-factor authentication (2FA) for your account if you’re using password-based authentication. LaunchNotes supports SAML-based Single Sign On (SSO) and additional administration features for teams on the Business and Enterprise plans. Additional information is available here.

Organizational and information security

LaunchNotes vets employees and performs background checks in accordance with local laws. Employees complete annual security training which covers topics such as data privacy, information security, and password security.

Employee workstations are configured with full-disk encryption, strong passwords, and automatic locking. Employees are prohibited from installing unauthorized software or using portable media.

LaunchNotes maintains separate production and testing environments.

Application security

LaunchNotes runs automated application-level security scans on a daily basis, package dependency security advisory scans on a weekly basis, and endpoint scans on a monthly basis. In addition to internal scans, LaunchNotes commissions external penetration tests on a regular basis.

As part of the software development process, code and configuration changes are thoroughly reviewed. Before being deployed, these changes are tested during the quality assurance process to help ensure a consistent experience across all devices, platforms, and browsers that are supported by LaunchNotes.

How to report an issue

If you believe you've discovered a security-related issue, please report the issue to hey@launchnotes.io.

‍

Ready to see more?

We'd love to show you.

Book a Demo
Book a Demo
Product
Coordinate
Communicate
Connect
Integrations
Graph AI
Pricing
Free Trial
Features
What's New
Login
Solutions
Changelog Tool
Roadmap Tool
Feedback Tool
Release Notes Tool
Product Updates Tool
Connect
Community
Blog
LinkedIn
Twitter
Podcast
YouTube
Support
Help Center
Getting Started Guide
API Documentation
Statuspage
Trust Center
Company
About
Privacy Policy
Terms of Service
Data Processing Addendum
Top Resources
Product Ops Playbook
Release Notes Best Practices
Release Notes Examples
Product Roadmap Examples
Product Management Frameworks
Product Marketing Launch Plan
What is Product Operations?
Product Operations Assessment
The Product Operations Glossary
Product Operations vs Product Management
How to Build a High-Performance Product Ops Teams
Enterprise-grade security
AICPA and SOC badgeGDPR logo
Copyright © 2025 Shiny Planes, Inc. All rights reserved.
AICPA and SOC badge
GDPR logo
Best in-class security