ESC HUB & GDPR

Last Updated November 2025

Introduction

Launch Point LLC (“Company,” “we,” “us”) is committed to protecting the privacy of our users and their customers. We closely monitor developments in global data protection laws to help ensure that personal data processed through the ESC Hub platform and The Escapepreneur brand is handled lawfully, transparently, and securely.

This page provides an overview of the General Data Protection Regulation (“GDPR”), how it applies to your use of ESC Hub, and the steps we take to support your compliance. This document is informational only and does not constitute legal advice.

Please review this GDPR Statement together with our Privacy Policy. If you require legal interpretation or tailored advice, we recommend consulting a qualified data protection professional.

For GDPR-related inquiries, please contact:

Email: [email protected]
Attn: Privacy Compliance Officer

General Data Protection Regulation (GDPR)

Regulation (EU) 2016/679 — the General Data Protection Regulation (EU GDPR) — is an EU-wide data protection law designed to harmonize privacy practices and strengthen individual rights.

Following Brexit, the GDPR was incorporated into UK law as the UK GDPR.
Throughout this document, “GDPR” refers collectively to the EU GDPR and the UK GDPR.

GDPR aims to:

  • Give individuals more control over their personal data

  • Require greater transparency from organizations

  • Standardize data protection across the EU

  • Ensure data is processed lawfully, fairly, and securely

As ESC Hub users may process data belonging to individuals in the EU or UK, GDPR considerations may apply to your use of the ESC Hub platform.

Basic GDPR Concepts

To understand how GDPR applies to ESC Hub and to you as a user, it is essential to define several core terms:

Personal Data

Any information relating to an identifiable natural person (“data subject”).
Examples include:

  • Names

  • Email addresses

  • Phone numbers

  • IP addresses

  • Customer information you upload into ESC Hub

Data Subject

A living individual whose personal data is processed.

Processing

Any operation performed on personal data, including:

  • Collecting

  • Storing

  • Organizing

  • Transmitting

  • Modifying

  • Deleting

Data Controller

The person or organization that determines:

  • What personal data is collected

  • Why it is collected

  • How it is processed

Data Processor

The person or organization that processes personal data on behalf of a controller.

This distinction is crucial for understanding how ESC Hub fits into GDPR requirements.

Our Role Under GDPR: Processor

When you use ESC Hub to store or process personal data about your customers (e.g., leads, subscribers, or clients), Launch Point LLC acts as a:

Data Processor

You (or your business) act as the:

Data Controller

This means:

  • You decide what data to collect

  • You decide why you collect it

  • You are responsible for ensuring your processing activities comply with GDPR

We process data only on your documented instructions and only to deliver the ESC Hub service.

Examples of data we process on your behalf:

  • Contacts you upload

  • Customer information gathered through your funnels

  • Messaging data sent through ESC Hub

  • Analytics generated about your customers’ interactions

ESC Hub does not use your Customers’ data for any purpose other than delivering the Services to you.

Our Responsibilities as a Processor

Under GDPR, Launch Point LLC must:

1. Process data only on your instructions

We do not decide how your customer data is used.

2. Maintain appropriate technical and organizational measures

This includes encryption, access controls, secure hosting, and monitoring.

3. Ensure confidentiality obligations

All staff with access to personal data are bound by confidentiality requirements.

4. Assist with data subject rights

Such as access, correction, or deletion requests — when feasible and appropriate.

5. Support you with data breach notifications

If a breach affects data we process on your behalf, we will notify you without undue delay.

6. Maintain a compliant Data Processing Agreement (DPA)

A DPA outlines each party’s GDPR responsibilities.
This agreement is required under GDPR for all EU/UK data processing.

7. Manage subprocessors

We use trusted third-party providers (e.g., hosting, payment processors, email infrastructure).
We ensure they are also bound by GDPR-compliant data protection terms.

A list of subprocessors is available upon request.

Your Responsibilities as a Controller

As a user of ESC Hub, you may act as a Data Controller. You are responsible for:

  • Ensuring you have a lawful basis for collecting and processing personal data

  • Providing adequate privacy notices to your customers

  • Managing customer consent where required

  • Handling data subject requests (e.g., deletion, access, portability)

  • Determining your own data retention periods

  • Complying with all applicable GDPR requirements

ESC Hub tools support compliance, but cannot achieve compliance on your behalf.

Data Transfers Outside the EU/UK

Launch Point LLC is located in the United States.


To lawfully transfer data from the EU/UK to the U.S., we rely on:

  • The EU’s Standard Contractual Clauses (SCCs)

  • UK International Data Transfer Addendum

  • Additional safeguards where required

These mechanisms allow ESC Hub users to process EU/UK data subject information in compliance with GDPR.

Security Measures

We employ industry-standard security measures, including:

  • Encrypted transmission (HTTPS/SSL)

  • Encrypted storage of sensitive data

  • Firewalls and intrusion monitoring

  • Strict access controls

  • Regular backups

  • Secure data center environments

  • Ongoing staff training

These measures help protect the integrity, confidentiality, and availability of personal data.

Data Subject Rights

Individuals can request:

  • Access to their personal data

  • Correction of inaccurate data

  • Deletion (“right to be forgotten”)

  • Restriction of processing

  • Data portability

  • Objection to processing

We will assist you, as controller, in fulfilling such requests when feasible.

Requests must be initiated through the Controller (you), not Launch Point LLC.

Data Retention

Data is retained only:

  • As long as necessary to provide the Services

  • As required by law

  • According to your instructions as controller

You may delete contacts or personal data at any time through your ESC Hub account.

Data Breaches

If personal data processed on your behalf is compromised due to a breach of ESC Hub systems, we will:

  • Notify you without undue delay

  • Provide details about the nature and scope of the breach

  • Support you in meeting your own GDPR notification obligations

Contact Us

For GDPR or privacy-related questions, please contact:

Email: [email protected]
Attn: Privacy Compliance Officer