Markd
← Back to home

Privacy Policy

Last updated: April 2026 — GDPR compliant

1. Data Controller

The data controller for personal data collected on Markd is:

Simon Jouanique

Sole trader (auto-entrepreneur)

SIRET : 939 473 898 00012

9 cours Dupré Saint Maur, Bordeaux, France

simon.jouanique22@gmail.com

2. Data Collected

Markd collects the following data:

Account Data

Email address (upon registration). Required for authentication and project saving.

Legal basis: Contract performance

Brief Data

Sector, values, target audience, budget, mood, additional context entered during generation. Stored in saved projects.

Legal basis: Legitimate interest (service)

Anonymous Usage Data

Sector, mood, budget, chosen name, PDF export, logo generated. Collected to improve the service (machine learning). Dissociated from identity when user is not logged in.

Legal basis: Legitimate interest (improvement)

Technical Data

IP address (for rate limiting), server logs. Not stored permanently.

Legal basis: Legitimate interest (security)

3. Retention Period

  • Account data: until account deletion by the user
  • Saved projects: until manually deleted by the user
  • Anonymous usage data: aggregated monthly, raw data kept for 6 months
  • Technical logs: maximum 30 days

4. Data Sharing

Personal data is not sold or transferred to third parties. It may be shared with:

  • Supabase (Supabase Inc., USA) — data storage and authentication. Covered by EU standard contractual clauses.
  • Vercel (Vercel Inc., USA) — application hosting. Covered by EU standard contractual clauses.
  • Anthropic, Google, Replicate — brief processing for AI generation. Briefs are sent to these services but not retained beyond processing.

5. Your Rights (GDPR)

Under the GDPR, you have the following rights:

  • Right of access — view your personal data
  • Right to rectification — correct inaccurate data
  • Right to erasure — delete your account and data
  • Right to data portability — export your data
  • Right to object — opt out of legitimate interest processing

To exercise these rights, contact us via the site contact form. We will respond within 30 days. You may also lodge a complaint with the CNIL (www.cnil.fr) or your local data protection authority.

6. Cookies

Markd only uses cookies strictly necessary for authentication (Supabase session). No tracking or advertising cookies are used.

7. Security

Data is transmitted via HTTPS. Passwords are managed by Supabase Auth (bcrypt). API keys and sensitive variables are never exposed client-side.

8. Updates

This policy may be updated. In the event of a substantial change, registered users will be notified by email. The date of the last update is shown at the top of this page.

Terms of ServiceLegal NoticeBack to home