Privacy Policy

Effective date: 2026-04-14

This policy describes how Liftoff handles data on the website (get-liftoff.app) and in the Liftoff mobile app for iOS and Android. Plain language. No dark patterns.

Website data

The Liftoff website uses Vercel Web Analytics. Vercel Analytics collects aggregated, anonymous request metadata — page views, referrer, country, browser — with no cookies and no client-side fingerprinting. IP addresses are processed by Vercel infrastructure for request routing but not stored in the analytics dataset. No third-party advertising or marketing SDKs load on this site.

Mobile app data

The Liftoff mobile app collects the minimum data required to deliver its features:

  • Firebase Cloud Messaging push token. Required to deliver T-24h, T-1h, and T-0 launch notifications. Stored by Firebase on Google infrastructure and associated with your device, not with a user account.
  • Launch filter preferences. Provider, pad, and mission preferences you select. Stored locally on your device. Not sent to any server.
  • Crash reports. Firebase Crashlytics collects anonymized stack traces when the app crashes. Used to fix bugs. No personal content from inside the app is included.

We do not collect an email address, a phone number, a name, contacts, photos, location, or any advertising identifier. There is no account. There is no login.

Third-party processors

  • Vercel — website hosting and analytics (website only).
  • Firebase (Google) — push notification delivery and crash reporting (mobile app only).
  • Launch Library 2 — public launch data API. No personal data sent.

Children's data

Liftoff is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided data to us, contact us (see Contact below) and we will delete it.

Data retention

  • Push tokens are kept until you uninstall the app or disable notifications.
  • Crash reports are retained by Firebase Crashlytics for up to 90 days.
  • Website analytics are retained by Vercel per their policy.

Your rights

Under GDPR and CCPA you have the right to access, delete, or port your data, and to opt out of analytics. Because we do not associate data with user accounts, most rights are exercised by uninstalling the app (which revokes the push token) and by using your browser's Do Not Track or ad-blocking settings on the website.

International transfers

Data is processed in the United States (Vercel, Firebase). By using Liftoff you consent to this transfer.

Security

TLS everywhere. HSTS preload on the website. No secrets stored on the device beyond what the OS platform provides for push credentials.

Changes to this policy

We will update this page and change the effective date above when the policy changes.

Contact

⚠ PRE-LAUNCH TODO: REPLACE CONTACT DETAILS BEFORE APP STORE SUBMISSION