Our security posture, described honestly.
This page says what is true today — the protections that are actually in place — and is deliberate about what we do not yet claim. If you need something we do not have, we would rather tell you than imply it.
How your data is protected in transit and at rest
We ask for the least access that does the job
Who can do what, and how we know
We keep your data while you need it, and let it go when you don’t
Crawl artifacts, snapshots and other operational data are pruned on a schedule, and stale connection tokens are cleaned up automatically. You can request a full export or deletion of your data at any time by emailing privacy@maark.ai. The specifics live in our privacy policy.
Honesty about where we are
We are not currently SOC 2 or ISO 27001 certified, and we do not claim to be. If your procurement needs a formal security and data-processing review before you buy, that review is part of our Custom plan — talk to us and we will walk through our controls and sign a data processing agreement. We would rather earn that trust in a conversation than print a badge we have not earned.
Found a vulnerability? Please email security@maark.ai with the details and steps to reproduce. We will acknowledge your report and keep you posted as we work on a fix.
Need a deeper security review?
Our Custom plan includes a security and data-processing review, and a signed DPA.