Legal

Privacy Policy

Last updated: April 14, 2026

maark.ai ("Maark," "we," "us," or "our") is operated by Nordica Marketing ehf. This Privacy Policy explains how we collect, use, store, and protect information when you use our platform at maark.ai.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and authentication credentials. If you sign in with Google, we receive your Google account ID, name, and email.

Google Search Console Data

When you connect Google Search Console, we access the following data using the webmasters.readonly scope:

  • Search performance data: clicks, impressions, CTR, and average position
  • Search queries and landing pages
  • Sitemaps and index coverage status

We request read-only access. We cannot modify your Search Console settings, submit URLs, or make changes to your properties.

Usage Data

We collect standard usage information such as pages visited, feature usage, and browser type to improve our service.

2. How We Use Your Data

We use the information we collect to:

  • Analyze search performance trends for your websites
  • Generate SEO insights, keyword opportunities, and content recommendations
  • Create automated content tasks based on search performance signals
  • Display dashboards and reports within your project workspace
  • Operate, maintain, and improve the Maark platform

We do not:

  • Sell, rent, or trade your Google user data to third parties
  • Use Google user data for advertising or marketing purposes
  • Share Google user data with third parties except as described in Section 5
  • Allow humans to read your Google user data unless you give explicit consent, it is needed for security purposes, or it is required by law

3. Data Storage and Security

Your data is stored and protected as follows:

  • Database: Encrypted at rest in Vercel Postgres (powered by Neon) and Google BigQuery
  • OAuth tokens: Encrypted with AES-256-GCM before storage
  • Transport: All data transmitted over HTTPS/TLS
  • Access: Role-based access controls limit data access to authorized team members within your project
  • Audit: Access logs retained for security audit purposes

4. Data Retention

  • Active accounts: Data is retained for as long as your account and project are active
  • Deletion requests: You may request full deletion of your data by emailing privacy@maark.ai. Requests are processed within 30 days
  • Automatic pruning: Raw Google Search Console data older than 16 months is archived or deleted
  • Account termination: After account closure, all associated data is deleted within 90 days

5. Third-Party Service Providers

We use the following third-party services to operate Maark. These providers process data on our behalf and are bound by their respective privacy policies:

  • Vercel — Application hosting and serverless functions
  • Neon — PostgreSQL database hosting
  • Google Cloud Platform — BigQuery data warehousing and compute
  • Modal — Serverless compute for AI agent execution
  • Anthropic — Claude AI for content generation and analysis
  • OpenAI — Embeddings and optional AI features
  • Cloudflare — CDN, DNS, and artifact storage
  • Convex — Real-time data backend
  • Sentry — Error tracking and performance monitoring
  • Supabase — Authentication services

We do not share your Google user data with any party not listed above, and all listed providers only receive the minimum data necessary to provide their service.

6. Your Rights

You have the right to:

  • Access — Request a copy of the data we hold about you
  • Correction — Request corrections to inaccurate data
  • Deletion — Request deletion of your data
  • Revoke access — Disconnect Google Search Console at any time from within Maark, or revoke access via your Google Account permissions
  • Data portability — Request an export of your data in a machine-readable format

To exercise any of these rights, contact us at privacy@maark.ai.

7. Google API Services User Data Policy

Maark's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

8. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising or tracking cookies. Analytics cookies, if used, are anonymized and do not track individual users across sites.

9. Children's Privacy

Maark is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at privacy@maark.ai.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of Maark after changes constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Nordica Marketing ehf.

Email: privacy@maark.ai

Website: maark.ai