MVP Launch Checklist 2026: 47 Items Before You Go Live

Most MVPs launch with the feature working and almost everything else broken. The payment flow is untested in production. The error tracking is configured but no one watches it. The privacy policy is a placeholder from a template generator. The first user hits a 500 error and there is no way to know.

This is a 47-item checklist I run before any MVP launch. It is grouped by category and ordered by priority within each. Skip nothing. Each item is a 5-30 minute investment that prevents a real failure mode.

Legal & Compliance (8 items)

1. Privacy Policy published — live URL, linked from footer and signup form. Template: Termly or Iubenda. Cost: €0-€10/month.
2. Terms of Service published — same as above. Cover liability, payment, refunds, account termination.
3. Cookie banner if EU traffic — Cookiebot free tier or self-hosted. Must allow rejection without dark patterns.
4. GDPR data map — what data you collect, where it is stored, who has access. One page. Required if you process EU user data.
5. Data processor agreements (DPAs) signed — Stripe, SendGrid, analytics provider, hosting. Required by GDPR Article 28.
6. Imprint / company info if EU-based — Germany, Austria, Switzerland require this on the website. Italy too.
7. Tax registration confirmed — if charging customers, you need a VAT/sales tax setup. Stripe Tax handles most jurisdictions for €0.50/transaction.
8. App Store / Google Play account terms accepted — if shipping mobile, do this 2 weeks before launch. Account approval takes time.

Analytics & Tracking (6 items)

9. GA4 or alternative installed — verify events firing in real-time dashboard, not just the snippet on the page.
10. Conversion events defined — signup, activation (first key action), payment. Verify each fires correctly with test data.
11. UTM parameters working — test with a tracked link, confirm source/medium attribution in GA4.
12. Server-side analytics for revenue events — client-side gets blocked by ad blockers. Revenue events should fire from your backend after Stripe webhook confirmation.
13. Funnel analytics tool installed — PostHog (free tier), Mixpanel, or Amplitude. GA4 funnels are workable but limited.
14. Cohort retention dashboard configured — weekly retention curves by signup cohort. This is your PMF early-warning system.

Error Tracking & Monitoring (5 items)

15. Sentry installed (frontend + backend) — free tier 5K events/month. Confirm errors actually reach the dashboard.
16. Sentry Slack integration — new error types ping a #errors channel. Old errors stay quiet to avoid noise.
17. Uptime monitoring — BetterStack (free tier 10 monitors), UptimeRobot, or Pingdom. 1-minute interval on key URLs.
18. Status page — Statuspage.io, BetterStack, or a public-facing /status route. Tell users when something is broken.
19. Health check endpoint — /health on your backend returns 200 if DB + dependencies reachable. Used by uptime monitor.

Payment Flow (7 items)

20. Stripe test mode end-to-end — signup, subscribe, see entitlement, cancel, refund. Each is a separate flow.
21. Real €1 production charge — your own card, full flow. Refund afterward. Confirms keys are live, not test.
22. Card decline flow tested — Stripe test card 4000 0000 0000 0002. Confirms your UI handles failure gracefully.
23. Webhook signing verified — Stripe webhook deliveries should fail without correct signature. If they succeed, you have a security hole.
24. Failed payment dunning configured — Stripe Smart Retries enabled, dunning emails written, 3 retry attempts over 14 days.
25. Cancellation flow has an "are you sure?" with a save offer — 10-20% of churn is recoverable here.
26. Invoice / receipt emails firing — Stripe handles by default. Verify they arrive and look professional.

Deployment & Infrastructure (6 items)

27. CI/CD configured — push to main → deploy. No SSH-to-server-and-run-script in 2026.
28. Database backups automated — at least daily, retained for 30 days. Test the restore procedure once before launch.
29. Secrets in env vars, not code — grep your repo for API keys before pushing public.
30. HTTPS everywhere — Cloudflare or Let's Encrypt. HTTP redirect to HTTPS at the load balancer level.
31. Load test for 50 concurrent users — k6 or Locust. If your MVP cannot handle 50, Product Hunt will kill it.
32. Rate limiting on auth endpoints — Cloudflare or app-level. Prevents brute-force and credential stuffing from day one.

Email & Communication (5 items)

33. Transactional email working — Resend, SendGrid, or Postmark. Confirm signup, password reset, payment receipt all arrive.
34. Email domain SPF/DKIM/DMARC configured — required for Gmail/Outlook deliverability. Use a tool like mxtoolbox to verify.
35. From-address is a real inbox someone reads — not noreply@. If users reply to your email, the reply should reach a human.
36. Support email visible on website — footer, contact page, signup confirmation. Inbox monitored by someone with a SLA.
37. Onboarding email sequence (3-5 emails) — welcome, value-prop, activation nudge, social proof, ask-for-feedback. Drip over 7-14 days.

Marketing & Launch Assets (6 items)

38. Landing page with one clear CTA — one button, one action. Multiple CTAs reduce conversion.
39. OG image for social sharing — 1200×630px, includes product name and value prop. Test with metatags.io.
40. App Store screenshots (if mobile) — 5+ per screen size, localized for top markets. Captions in plain language.
41. Demo video (optional but high-leverage) — 60-90 seconds, shows the core flow. Loom or screen recording is fine.
42. Press kit / one-pager — for journalists, partners, investors. Logo files, founder bio, screenshots, one-paragraph description.
43. Launch tweet / LinkedIn post drafted — three variants written before launch day so you are not writing them at midnight.

Support & Feedback (4 items)

44. Help center with 10+ articles — FAQ, getting started, common errors, billing, account management. Notion or Helpscout works.
45. In-app feedback widget — Featurebase, Canny, or a simple form. Capture feature requests from day one.
46. User interview calendar booking link — Calendly free tier. Email first 20 paying customers asking for 20 minutes.
47. Internal incident response playbook — one page. What to do when payments break, when the site is down, when a security issue is reported.

The 47 Items by Category

The Anti-Checklist: What to NOT Do Before Launch

Things founders waste time on pre-launch that do not matter:

• SOC 2 compliance: matters for enterprise sales, not for an MVP. Postpone until your first enterprise prospect asks.
• Multi-region deployment: one region is fine until you have 1,000+ users. Premature optimization.
• Kubernetes: a single VPS or Heroku-style platform handles your first 10K users. K8s is operational tax before that.
• Mobile app if you do not need it: ship web first. Native mobile is 6+ months of dev time.
• Custom dashboards: use off-the-shelf (PostHog, Mixpanel) until you outgrow them. Building dashboards is engineering time that could ship features.
• Perfect copy: launch with rough copy and iterate. The first version will be wrong anyway.

Launch Day Itself

The launch event is not the most important day. The most important day is day 8 — when the launch traffic is gone and you see whether the people who signed up are still using the product. Plan for that day as much as for launch day.

On launch day specifically: watch error tracking constantly, respond to every support email within 1 hour, post on all your channels at the same time (not staggered — let the volume create the moment), and have someone other than the founder monitoring infrastructure.

Do not launch on a Friday. Do not launch the day before a major holiday. Tuesday or Wednesday morning Pacific time is the sweet spot for tech launches.