← Back to MarqOps

Privacy Policy

Last updated: March 28, 2026

1. Introduction

MarqOps Inc. ("MarqOps," "we," "us," or "our") operates the MarqOps platform at marqops.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered marketing operations platform, including our website, applications, and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please discontinue use of the Service.

2. Information We Collect

2.1 Account Information

When you create an account through Google OAuth, we collect:

  • Full name
  • Email address
  • Profile picture (avatar URL)
  • Google account identifier

2.2 Brand and Business Data

When you create brand workspaces, you may provide:

  • Brand name, website URL, and description
  • Brand guidelines, color palettes, and style preferences
  • Brand assets such as logos and reference images
  • WordPress site credentials for content publishing

2.3 Analytics and Integration Data

When you connect third-party marketing accounts, we access and store:

  • Google Search Console: Search performance data including queries, clicks, impressions, CTR, and ranking positions (read-only access)
  • Google Analytics 4: Website traffic metrics including sessions, users, page views, bounce rate, and conversions (read-only access)
  • Google Ads: Campaign performance data including impressions, clicks, cost, and conversions (read-only access)
  • DataforSEO: Domain-level SEO metrics including organic traffic, keyword rankings, and backlink profiles

OAuth access tokens and refresh tokens for these integrations are stored securely on our servers with encryption at rest. We request only the minimum scopes necessary for read-only data access.

2.4 AI-Generated Content

We store content generated through the platform, including:

  • AI-generated blog posts, images, and videos
  • Chat conversations with the analytics AI assistant
  • Content generation prompts and metadata
  • Vector embeddings of your analytics data used for AI-powered insights

2.5 Billing Information

Payment processing is handled entirely by Stripe, Inc. We do not directly collect or store credit card numbers, bank account details, or other sensitive payment information. We receive from Stripe your subscription status, plan tier, and billing period dates. Please refer to Stripe's Privacy Policy for details on their data practices.

2.6 Usage Data

We automatically collect:

  • AI credit consumption and usage logs
  • Feature usage patterns and interactions
  • Browser type, device information, and IP address
  • Pages visited and time spent on the platform

3. How We Use Your Information

We use the collected information to:

  • Provide the Service: Deliver AI-powered creative generation, SEO content creation, analytics dashboards, and advertising tools
  • Cache and optimize: Store analytics data locally to reduce redundant API calls and improve performance
  • Power AI features: Generate vector embeddings of your analytics data to enable natural-language querying through our AI assistant
  • Process payments: Manage subscriptions, credit balances, and billing through Stripe
  • Improve the Service: Analyze usage patterns to enhance features, fix bugs, and develop new capabilities
  • Communicate: Send transactional emails related to your account, billing, and service updates
  • Ensure security: Detect and prevent fraud, abuse, and unauthorized access

4. Third-Party Services

We share data with the following categories of third-party service providers:

4.1 AI Model Providers

Your prompts, brand context, and content generation requests are sent to AI model providers including Google (Gemini), Anthropic (Claude via OpenRouter), and other model providers available through OpenRouter. These providers process your data to generate content. We recommend reviewing their respective privacy policies.

4.2 Infrastructure Providers

  • Supabase: Database hosting, authentication, and file storage (US-East region)
  • Vercel: Application hosting and edge network delivery

4.3 Marketing and Analytics Integrations

When you connect Google Search Console, Google Analytics 4, or Google Ads, your data is accessed through Google's official APIs under your authorization. We act as an intermediary and do not share your Google data with other third parties. DataforSEO provides supplementary domain analysis using publicly available data.

4.4 Payment Processing

Stripe processes all payment transactions. Your financial data is handled directly by Stripe and is subject to Stripe's security standards (PCI DSS Level 1).

4.5 Analytics

We use Google Tag Manager to collect anonymous usage analytics to improve the Service.

5. Data Storage and Security

Your data is stored in Supabase-hosted PostgreSQL databases located in the United States (us-east-1 region). We implement the following security measures:

  • Row-Level Security (RLS): Database-level access controls ensure users can only access their own data
  • Encryption in transit: All data transmitted between your browser and our servers is encrypted via TLS/SSL
  • Encryption at rest: Database storage is encrypted at rest
  • OAuth token security: Google OAuth tokens are stored server-side with automatic refresh, never exposed to client-side code beyond the initial authentication flow
  • Access controls: Administrative access to production systems is restricted and logged

6. Data Retention

  • Account data: Retained for as long as your account is active
  • Analytics cache: Automatically expires based on source (4-24 hours) with a maximum age of 7 days
  • Generated content: Retained until you delete it or close your account
  • Chat history: Retained until you delete individual conversations or close your account
  • Usage logs: Retained for 12 months for billing reconciliation and service improvement
  • Account deletion: When you delete your account, all associated data is permanently removed through cascading database deletions, including brand workspaces, generated content, analytics data, chat history, and OAuth tokens

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate personal data
  • Deletion: Request deletion of your account and all associated data
  • Portability: Request your data in a machine-readable format
  • Withdrawal of consent: Disconnect third-party integrations at any time through your dashboard, revoking our access to those services
  • Objection: Object to certain processing activities

To exercise any of these rights, contact us at privacy@marqops.com.

8. International Data Transfers

If you access the Service from outside the United States, your data will be transferred to and processed in the United States where our servers are located. By using the Service, you consent to this transfer. We take reasonable steps to ensure your data is treated securely and in accordance with this Privacy Policy.

9. Children's Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such data, please contact us immediately and we will delete it.

10. AI and Automated Decision-Making

MarqOps uses artificial intelligence to generate marketing content, analyze analytics data, and provide recommendations. Your brand data and analytics are processed by AI models to deliver these features. We do not use your data to train AI models. Your content and analytics data are processed solely to provide the Service to you and are not used to improve third-party AI models.

11. Cookies and Tracking

We use the following types of cookies and similar technologies:

  • Essential cookies: Required for authentication and session management (Supabase auth tokens)
  • Analytics cookies: Google Tag Manager for anonymous usage analytics

You can control cookies through your browser settings. Disabling essential cookies will prevent you from using the Service.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

MarqOps Inc.
Email: privacy@marqops.com
Website: marqops.com