Privacy Policy

Last updated: September 2025

This Privacy Policy explains how MarkerKit (“we”, “us”, “our”) collects, uses, and shares personal data when you use our website, dashboard, APIs, and embeddable widgets (the “Service”).

We never sell personal data.

1. Who is the controller?

MarkerKit is the data controller for the hosted Service.
Contact: hello@markerkit.com

For self-hosted deployments run by a customer, that customer is the controller for end-user data processed on their infrastructure (see §12).

2. Data we collect

We aim to collect the minimum necessary data.

  • Account data (when you sign up or log in): name, email, password hash or identity provider ID (e.g., Google).
  • Billing data (only for payments): name, company, VAT/tax ID, billing address, transaction details. Card data is handled by our payment processor and is not stored by us.
  • Analytics data (website/app usage): page views, referrer, device/OS, approximate location, session metrics. We may use Google Analytics or another analytics platform.
  • Logs & telemetry: IP address, request/response metadata, error traces, performance metrics—used for security, debugging, and reliability.
  • Support communications: messages you send to us (email or in-app).
  • Embedded widget events (pseudonymous): aggregate counts such as widget loads, interaction events, and tile requests to operate usage-based features and billing.

We do not collect or process special categories of data.

3. Why we collect it (purposes) and legal bases (GDPR)

  • Provide and operate the Service (account access, widget delivery, APIs): Contract necessity.
  • Billing and compliance (invoicing, tax records, fraud prevention): Legal obligation and legitimate interests.
  • Analytics and product improvement (understanding usage, fixing UX issues): Legitimate interests. Where required, we’ll rely on your consent via a cookie banner.
  • Security and abuse prevention (rate limiting, investigating incidents): Legitimate interests.
  • Communications (transactional emails, account notices): Contract necessity.
  • Marketing emails (news, tips): Consent. You can opt out anytime.

We do not use your data for automated decision-making that produces legal or similarly significant effects.

4. Cookies and analytics

We use cookies and similar technologies to:

  • keep you signed in,
  • remember preferences,
  • measure usage (e.g., Google Analytics or privacy-friendly alternatives).

Where required by law, we obtain consent through a cookie banner for non-essential cookies. You can control cookies via your browser and, where applicable, our cookie settings.

5. Email practices (no spam)

  • We send transactional emails (receipts, security alerts, service notices). You cannot opt out of strictly necessary transactional emails.
  • Marketing emails are optional. Each message includes an unsubscribe link. You can also email hello@markerkit.com to opt out.

We do not share your email for third-party marketing.

6. Sharing your data (processors and recipients)

We share data only with service providers that help us run the Service, subject to data-processing agreements:

  • Payments (e.g., Stripe) – billing and invoicing
  • Analytics (e.g., Google Analytics / alternative platform) – usage measurement
  • Hosting/CDN (e.g., cloud infrastructure, object storage, email delivery) – service operation
  • Error/monitoring (e.g., Sentry or similar) – reliability and debugging
  • Customer support tools (if used) – handling your requests

We may disclose data to comply with law or to protect rights, safety, and security. In a merger/acquisition, your data may transfer to the successor entity.

We never sell personal data.

7. International transfers

If data is transferred outside the EU/EEA (e.g., to the U.S.), we use appropriate safeguards such as Standard Contractual Clauses (SCCs) and implement additional measures where needed.

8. Security

We use reasonable technical and organizational measures (encryption in transit, access controls, least-privilege, logging, backups) to protect data. No method of transmission or storage is 100% secure.

9. Data retention

  • Billing records: retained as required by applicable tax/accounting laws (often up to 10 years).
  • Account data: retained while your account is active; deleted or anonymized after closure, subject to legal holds.
  • Analytics and logs: retained for a limited period needed for security and product improvement, then aggregated or anonymized.
  • Support communications: retained as needed to address requests and maintain records.

10. Your rights (EU/EEA & similar jurisdictions)

You may have the right to access, rectify, erase, restrict, object, and port your personal data, and to withdraw consent at any time (withdrawal does not affect prior lawful processing).
To exercise these rights, email hello@markerkit.com.
You may also lodge a complaint with your local data protection authority.

11. Children

The Service is not directed to children under 16 (or the age defined by local law). We do not knowingly collect personal data from children.

12. Self-hosted deployments

If you deploy MarkerKit on your own infrastructure, you act as the controller for end-user data processed there. You are responsible for:

  • implementing a lawful basis and consent (where required),
  • providing required notices to your users,
  • securing your deployment, and
  • honoring data-subject rights.

13. Changes to this policy

We may update this Policy from time to time. Material changes will be announced (e.g., via the dashboard or email). The “Last updated” date reflects the latest version. Continued use of the Service indicates acceptance of the updated Policy.

14. Contact

Questions or requests: hello@markerkit.com

Pricing Blog Contacts Developers
© 2025 MarkerKit | Privacy Policy | Terms of Service