Layup Labs Logo
Contact us

Legal - Privacy Policy

This policy explains how Layup Labs (operated by Rhino Labs LLC) collects, uses, and protects your information across our website and all of the products and brands we operate. Last updated April 7, 2026.

Scope

This is an umbrella privacy policy that applies to Layup Labs and to each of the products and brands we own and operate, including:

  • Mail Sweeper (mailsweeper.co)
  • Deductible (deductible.me)
  • StoryCraftr (storycraftr.ai)
  • Amino Health (aminohealth.app)
  • Chargewell (chargewell.shop)
  • Canopy API (canopyapi.co)

Throughout this policy, “we,” “us,” and “our” refer to Rhino Labs LLC and any of the products listed above.

Information we collect

We collect information you provide directly (such as your name, email address, and any content you submit), information collected automatically when you use our products (such as device, browser, IP address, and usage analytics), and information from third-party services you choose to connect (such as authentication providers and integrations).

How we use information

We use the information we collect to provide, maintain, and improve our products, to communicate with you, to keep our services secure, to comply with legal obligations, and to understand how our products are used so we can make them better.

Sharing

We do not sell your personal information. We share information only with service providers who help us operate our products (such as hosting, analytics, and payment processors), when required by law, or with your consent.

How we protect your information

Protecting customer information is a core part of how we build and operate every product. We apply the following safeguards across our platforms:

  • Encryption in transit and at rest. All traffic to our products is served over TLS, and sensitive data is encrypted at rest in our databases and backups.
  • Least-privilege access. Access to production systems and customer data is limited to the people who need it, protected by SSO and multi-factor authentication, and audited regularly.
  • Secure infrastructure. We host on reputable cloud providers with industry-standard certifications (such as SOC 2 and ISO 27001) and isolate environments between products.
  • Secrets and credential hygiene. API keys, tokens, and credentials are stored in dedicated secret managers — never in source control — and rotated when necessary.
  • Monitoring and backups. We continuously monitor our systems for anomalies, maintain encrypted backups, and test our recovery procedures.
  • Data minimization. We collect only the information we need to operate each product and retain it only as long as necessary for the purposes described in this policy or as required by law.
  • Incident response. If we ever become aware of a security incident affecting your data, we will investigate promptly and notify affected users in accordance with applicable law.

No system is perfectly secure, but we work hard to apply current best practices and continuously improve how we protect the information our customers trust us with.

Your rights

Depending on where you live, you may have rights to access, correct, delete, or export your personal information, or to object to certain processing. To make a request, contact us using the details below.

Children

Our products are not directed to children under 13, and we do not knowingly collect personal information from children.

Changes

We may update this policy from time to time. When we do, we will revise the “last updated” date above and, where appropriate, provide additional notice.

Contact

Questions about this policy or your data? Email us at privacy@layuplabs.com.