Legal

Privacy Policy

Last updated: 7 May 2026

Overview

Marqos AI (“we”, “us”, or “our”) is committed to protecting your personal information and being transparent about what data we collect and how we use it. This Privacy Policy explains our practices when you use the Marqos AI platform at www.marqosai.com.

By using our service, you agree to the collection and use of information in accordance with this policy.

Data We Collect

Account Information

  • Email address
  • Full name (optional)
  • Password (hashed — we never store plain text passwords)
  • Google account details if you sign in with Google

Brand Profile Data

  • Business/brand name
  • Website URL
  • Industry and business description
  • Social media profile URLs (Facebook, Instagram, TikTok, LinkedIn, etc.)
  • Competitor website URLs
  • Brand logo (stored in our file storage)
  • Brand primary colour

Report Data

  • URLs submitted for analysis
  • Crawled website content (page text, meta tags, links — used for analysis only)
  • AI-generated analysis and scores
  • Report generation history and timestamps

Google Integration Data (optional)

  • Google Search Console access tokens (encrypted at rest)
  • Search performance data (keywords, impressions, clicks)
  • Google Analytics 4 traffic metrics (sessions, bounce rate, top pages)

Usage Data

  • Chat messages sent to Nova (your AI CMO)
  • Report generation counts per month
  • Feature usage patterns (anonymous, aggregated)

How We Use Your Data

Service Delivery

Your website URL and brand profile data are used to generate marketing health reports. Crawled website content is processed by our AI (Anthropic Claude) to produce analysis and recommendations. This data is not stored beyond what is needed for your reports.

AI Chat (Nova)

Chat messages are sent to Anthropic's Claude API to generate responses. Your chat history is stored locally in your browser (localStorage) and a summary context is sent with each message to maintain conversation continuity.

Account Management

Your email is used for authentication, transactional emails (report ready notifications, welcome emails), and billing communications. We do not send unsolicited marketing emails.

Billing

Payment processing is handled entirely by Lemon Squeezy. We do not store credit card numbers or payment details. We receive subscription status and plan information via webhooks.

We do not sell your personal data to third parties. We do not use your data to train AI models.

Third-Party Services

We use the following trusted third-party services to operate Marqos AI:

ServicePurposeData Shared
SupabaseDatabase & authenticationAccount data, brand profiles, reports
AnthropicAI analysis (Claude API)Website content, brand info, chat messages
GoogleOAuth login, Search Console & GA4Email, name (OAuth); search & traffic data (if connected)
Lemon SqueezyPayment processingEmail, subscription plan
ResendTransactional emailEmail address, name
VercelHosting & deploymentRequest logs (IP, user agent)

Each of these services has their own privacy policy governing their use of your data. We encourage you to review them. Anthropic's API does not use your data for model training by default.

Data Retention

  • Account dataRetained until you delete your account.
  • ReportsRetained indefinitely so you can access your history. You may delete individual reports at any time.
  • Crawl dataRaw crawled page content is not stored; only the AI-generated analysis is saved.
  • GSC / GA4 cacheCached for up to 24 hours to reduce API calls. Cleared when you disconnect Google.
  • Chat historyStored in your browser's localStorage only. We do not store chat logs on our servers.

Your Rights

You have the following rights regarding your personal data:

AccessRequest a copy of all personal data we hold about you.
CorrectionUpdate or correct inaccurate data via your account settings.
DeletionDelete your account and all associated data at any time from Settings → Account → Delete Account. This is immediate and irreversible.
Data ExportRequest an export of your reports and brand profile data in JSON format by emailing us.
Disconnect IntegrationsRevoke Google access at any time from Settings → Integrations. This immediately stops data access.
Opt-out of EmailsUnsubscribe from any email we send by clicking the unsubscribe link or emailing hello@marqosai.com.

To exercise any of these rights, contact us at hello@marqosai.com. We will respond within 30 days.

Security

We take reasonable measures to protect your data:

  • All data is transmitted over HTTPS/TLS.
  • Passwords are hashed using bcrypt via Supabase Auth — we never see plain text passwords.
  • Google OAuth tokens are encrypted at rest in our database.
  • Our database has row-level security (RLS) enabled — users can only access their own data.
  • We run on Vercel and Supabase, both of which maintain SOC 2 compliance.

Despite our efforts, no system is completely secure. If you discover a security vulnerability, please report it responsibly to hello@marqosai.com.

Cookies

We use minimal cookies:

  • Authentication cookie — set by Supabase to maintain your logged-in session. Essential and cannot be disabled.
  • Preference cookies — stored in localStorage (not cookies): sidebar state, chat history, AI name preference.

We do not use advertising cookies or third-party tracking cookies. See our Cookie Policy for full details.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you by email or by displaying a notice within the application. The “Last updated” date at the top of this page indicates when the policy was last revised. Continued use of Marqos AI after changes constitutes acceptance of the updated policy.

Contact Us

If you have any questions about this Privacy Policy or how we handle your data:

Email: hello@marqosai.com

Website: www.marqosai.com