Privacy policy

Last updated: 28th October 2025

1. Introduction

Marker.io SRL (“Marker.io,” “we,” “our,” or “us”) respects your privacy and is committed to protecting your personal data.
This Privacy Policy describes how we collect, use, disclose, store, and protect personal data when you:

  • Visit or interact with our website at https://marker.io (the “Website”),
  • Use our platform and related applications (the “Service”), or
  • Communicate or otherwise interact with us.

This Policy also explains your privacy rights under the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA), and other applicable laws.

By accessing or using our Website or Service, you acknowledge that you have read and understood this Privacy Policy.

2. Who We Are

Marker.io SRL
Avenue Louise 231, 1050 Brussels, Belgium
Company number: BE0556685968
Email: privacy@marker.io

Marker.io acts as:

  • Data Controller for personal data we collect directly (marketing, account management, billing, analytics).
  • Data Processor for personal data processed on behalf of our customers through the Service (see our Data Processing Agreement).

We have appointed a Privacy Manager to handle questions and requests relating to this Policy and our data practices.

3. Personal Data We Collect

We collect personal data in three main ways: directly from you, automatically through your use of our Website or Service, and from third parties.

3.1 Data you provide to us

We collect personal data when you:

  • Create or manage a Marker.io account.
  • Submit or manage feedback, bug reports, screenshots, or attachments.
  • Communicate with our team via email, chat, or support tickets.
  • Subscribe to newsletters or request product information.
  • Participate in beta programs, surveys, or marketing campaigns.
  • Provide billing or payment information.

Categories of data collected:

  • Contact data: name, email address, job title, company name.
  • Account credentials: hashed passwords, authentication tokens.
  • Billing data: payment details, tax IDs, billing address (processed through Stripe).
  • User-generated content: feedback text, comments, screenshots, attachments.
  • Communications: support requests, chat transcripts, emails.

3.2 Data collected automatically

When you use our Website or Service, we automatically collect technical and usage data through cookies and similar technologies:

  • Device type, operating system, browser version.
  • IP address and approximate geolocation (country or region level).
  • Date and time of access, session duration, pages viewed.
  • Clickstream data, referring URLs, interactions within the Service.
  • Error logs and performance metrics.

We use this data for analytics, service performance, and security.
For details, see our Cookie Policy.

3.3 Data from third parties

We may receive information from:

  • Payment processors (e.g. Stripe) for billing verification.
  • CRM and marketing tools (e.g. HubSpot) for lead and account management.
  • Customer-support systems (e.g. Intercom) for chat and ticket tracking.
  • Authentication providers (e.g. Google, GitHub, Slack) for single sign-on.
  • Analytics or advertising partners (e.g. Google Analytics, LinkedIn Ads) to understand Website traffic and campaign effectiveness.

We process only information relevant to your relationship with Marker.io and in accordance with this Policy.

4. How We Use Personal Data

We process personal data only for specific, legitimate purposes and in accordance with applicable data protection laws. Below we explain each purpose of processing and its corresponding lawful basis under the GDPR.

  1. To provide and maintain the Service
    We use your personal data to register accounts, authenticate users, and deliver the Marker.io Service.
    This processing is necessary to perform our contract with you and to enable you to access and use the Service.
  2. To manage customer relationships and billing
    We use contact and billing information to process payments, manage subscriptions, send invoices, and maintain account records.
    This processing is necessary for the performance of a contract and to comply with our legal and tax obligations.
  3. To communicate with you
    We use your contact information to respond to support requests, notify you about changes to our Service, or send administrative messages.
    This processing is based on our legitimate interest in operating and maintaining efficient customer communications.
  4. To send product and feature updates
    We may send you information about product improvements, integrations, and new features that are relevant to your account.
    We rely on our legitimate interest in keeping users informed about the Service, but you can opt out at any time.
  5. To send marketing communications
    If you have subscribed to our mailing list or given consent, we may send promotional emails, newsletters, or event invitations.
    You can withdraw your consent at any time by clicking “unsubscribe” or contacting privacy@marker.io.
  6. To improve and develop our Website and Service
    We analyze usage data, feedback, and performance information to enhance features, fix bugs, and improve usability.
    This processing is based on our legitimate interest in improving and developing our products and understanding how they are used.
  7. To ensure security and prevent fraud
    We process technical and access data (such as IP addresses, device identifiers, and login records) to detect suspicious activity, prevent unauthorized access, and ensure network security.
    This processing is carried out on the basis of our legitimate interest in protecting our systems and users, and where necessary to comply with legal obligations.
  8. To comply with legal and regulatory obligations
    We may process personal data as required by applicable laws, including obligations related to accounting, tax, audits, or responding to lawful requests from authorities.
    This processing is carried out on the basis of our legal obligations.

4.1 Legitimate Interests

Where processing is based on legitimate interest, Marker.io carefully balances these interests with your privacy rights.
Our legitimate interests include:

  • Operating, improving, and securing our Website and Service.
  • Communicating with customers and prospects about relevant product updates.
  • Preventing fraud and ensuring network and information security.

You can object to processing based on legitimate interests (see Section 8).

5. Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to:

  • Enable essential website functionality.
  • Analyze usage and performance.
  • Personalize user experience and remember preferences.
  • Support marketing campaigns and measure effectiveness.

You can manage or withdraw cookie consent at any time via our Cookie Policy or your browser settings.

6. How We Share Personal Data

We share data only as necessary to provide our Service or as required by law.

6.1 Service providers and subprocessors

We engage vetted subprocessors that support hosting, analytics, communication, and related operations. All subprocessors sign data-processing agreements consistent with Article 28 GDPR.

Core subprocessors include:

  • Amazon Web Services (AWS) – hosting (EU-Ireland).
  • Intercom R&D Unlimited Company – customer support (EU/US).
  • HubSpot, Inc. – CRM and marketing (US)..

The current list is available at https://marker.io/subprocessors.

6.2 Legal disclosures

We may disclose personal data to competent authorities if required to comply with legal or regulatory obligations, lawful requests, or court orders.

6.3 Business transfers

If Marker.io undergoes a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction, subject to confidentiality and notice obligations.

7. International Data Transfers

Most personal data is stored in the European Economic Area (EEA).
Where transfers outside the EEA or UK occur, we rely on:

  • Standard Contractual Clauses (SCCs) issued by the European Commission, and/or
  • Adequacy decisions recognized by the European Commission or UK Government.

All subprocessors receiving personal data outside the EEA are contractually required to provide equivalent protection.

8. Your Rights

You have the following rights under GDPR and other laws:

  • Access: request confirmation and a copy of your personal data.
  • Rectification: correct inaccurate or incomplete information.
  • Erasure: request deletion where no longer necessary (“right to be forgotten”).
  • Restriction: limit how your data is processed.
  • Portability: receive your data in a machine-readable format.
  • Objection: object to processing based on legitimate interests or direct marketing.
  • Withdraw consent: withdraw consent at any time (does not affect prior processing).

To exercise these rights, email privacy@marker.io.
‍

We respond within one month, extendable under GDPR if necessary.
You also have the right to lodge a complaint with your local supervisory authority, e.g. the Belgian Data Protection Authority (https://www.dataprotectionauthority.be).

9. Rights of California and Other US State Residents

If you are a resident of California or another US state with applicable privacy laws (such as Virginia, Colorado, or Connecticut), you may have these additional rights:

  • Right to know what personal information we collect, use, disclose, or sell (we do not sell personal data).
  • Right to delete personal information, subject to lawful exceptions.
  • Right to opt out of sale or sharing of personal data (not applicable).
  • Right to non-discrimination for exercising your rights.

To exercise these rights, contact privacy@marker.io.
We will verify identity and respond in accordance with applicable law.

10. Data Retention

Marker.io retains personal data only as long as necessary for the purposes described above or as required by law.
We apply the following principles:

  • Account data: retained for the duration of your subscription + 30 days.
  • Billing records: retained for 7 years (tax and legal obligations).
  • Support tickets and communications: retained for up to 3 years after resolution.
  • Marketing data: retained until you withdraw consent or unsubscribe.

After the retention period, personal data is securely deleted or anonymized.

11. Security of Personal Data

We maintain appropriate technical and organizational measures (TOMs) to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access, including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256).
  • Multi-factor authentication and role-based access controls.
  • Logging, monitoring, and intrusion detection systems.
  • Daily backups and disaster recovery procedures.
  • Regular vulnerability testing and penetration assessments.
  • Employee confidentiality agreements and annual security training.

For further information, visit our Security Page.

12. Data Processed on Behalf of Customers

When customers use Marker.io to collect feedback or bug reports:

  • The Customer is the Data Controller.
  • Marker.io acts solely as Data Processor, following customer instructions.
  • Processing is governed by our Data Processing Agreement.
  • Customers are responsible for obtaining necessary consents from their end users.

If you are an end user submitting data through a customer’s widget, please contact that customer (the Controller) directly to exercise your privacy rights.

13. Third-Party Services and Links

Our Website and Service may contain links to third-party websites or integrations.
We are not responsible for their privacy practices or content.
Please review those third parties’ privacy policies before interacting with them.

14. Children’s Privacy

Marker.io does not knowingly collect or process personal data from individuals under 16 years of age.
If you believe a child has provided us with personal data, contact privacy@marker.io and we will delete it promptly.

15. Changes to This Privacy Policy

We may update this Policy periodically to reflect changes in our practices or legal requirements.
We will post the updated version on this page and revise the “Last Updated” date.
If changes are material, we will notify users by email or through the Service before they take effect.

16. Contact Information

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, contact:

Marker.io SRL
Attn: Privacy Manager
Avenue Louise 231,
1050 Brussels, Belgium
Email: privacy@marker.io

‍