Privacy Policy

MarlowIQ (“we,” “us,” or “our”) operates the commercial intelligence platform at marlow-iq.com (the “Service”). This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use the Service.

By using the Service, you agree to the practices described in this Policy. If you do not agree, please do not use the Service.

Account information. When you register, we collect your name, email address, company name, job title, and payment information (processed by Stripe — we do not store full card numbers).

Usage data. We automatically collect information about how you interact with the Service, including pages viewed, features used, search queries, session duration, and device/browser information.

Communications. If you contact us by email or through the Service, we retain those communications.

User Content. Documents and files you upload to the Service (e.g., for analysis by Ask Marlow) are stored and processed to provide the Service to you.

Log data. Our servers automatically record information including IP addresses, request timestamps, error logs, and referring URLs.

Cookies and similar technologies. We use session cookies for authentication and functional cookies to remember your preferences. We do not use third-party advertising cookies. You can control cookies through your browser settings, though disabling cookies may affect Service functionality.

We use the information we collect to:

• Provide, operate, and improve the Service
• Process payments and manage your subscription
• Send you intelligence briefs, product updates, and account-related notifications
• Respond to your support requests and communications
• Monitor and analyze Service usage to improve performance and user experience
• Detect, investigate, and prevent fraud, abuse, or security incidents
• Comply with legal obligations

We do not use your personal data or User Content to train AI models or to build products that compete with you.

If you are located in the European Economic Area or United Kingdom, we process your personal data on the following legal bases:

• Contract performance — to provide the Service you subscribed to
• Legitimate interests — to improve our Service, prevent fraud, and communicate with you about the Service
• Legal obligation — to comply with applicable law
• Consent — where you have given explicit consent (e.g., marketing emails)

We do not sell your personal data. We share information only in the following circumstances:

Service providers. We share data with vendors that help us operate the Service, including:

• Supabase — database and authentication infrastructure
• Stripe — payment processing
• Vercel — hosting and deployment
• Zoho — transactional email delivery
• Anthropic — AI model processing for Ask Marlow (prompts and responses; your User Content is not used to train Anthropic models per our agreement)

All service providers are bound by data processing agreements and are prohibited from using your data for their own purposes.

Legal requirements. We may disclose your information if required by law, court order, or government authority, or to protect the rights, property, or safety of MarlowIQ, our users, or the public.

Business transfers. If MarlowIQ is acquired, merged, or undergoes a change of control, your information may be transferred to the acquiring entity, subject to the same privacy commitments in this Policy.

We retain your account information and usage data for as long as your account is active and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce our agreements.

User Content you upload is retained until you delete it or your account is closed. Upon account closure, we will delete your User Content within 30 days unless required to retain it by law.

Log data is retained for up to 12 months for security and diagnostic purposes.

We implement industry-standard security measures to protect your information, including:

• TLS/HTTPS encryption for all data in transit
• Encrypted storage for sensitive data at rest
• Row-level security on our database
• Access controls limiting data access to authorized personnel
• Regular security reviews

No system is completely secure. We cannot guarantee that unauthorized parties will never be able to defeat our security measures. If we become aware of a security breach affecting your data, we will notify you as required by applicable law.

Depending on your location, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you
• Correction — request correction of inaccurate or incomplete data
• Deletion — request deletion of your personal data (subject to legal retention requirements)
• Portability — receive your data in a structured, machine-readable format
• Objection / Restriction — object to or request restriction of certain processing
• Withdraw consent — where processing is based on consent, withdraw it at any time

To exercise any of these rights, contact us at marlow@marlowiq.com. We will respond within 30 days. We may need to verify your identity before fulfilling your request.

If you are in the EEA or UK, you have the right to lodge a complaint with your local data protection authority.

The Service is designed for professional use by adults and is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please contact us and we will delete it.

MarlowIQ operates primarily in the United States. If you access the Service from outside the US, your data may be transferred to and processed in the US, which may have different data protection laws than your country. Where required, we rely on Standard Contractual Clauses or other legally approved transfer mechanisms.

The Service may contain links to third-party websites or reference third-party data sources (such as ClinicalTrials.gov, SEC EDGAR, and public news sources). This Policy does not apply to those third parties. We encourage you to review their privacy policies.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice in the Service. The “Effective date” at the top of this page indicates when the Policy was last revised. Continued use of the Service after a change constitutes acceptance of the updated Policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us:

MarlowIQ
marlow@marlowiq.com

For EU/UK data subjects, our data controller is MarlowIQ. You may also contact us to identify our EU representative where required by GDPR.