Privacy Policy

• Content generation: Your listing details, brand voice, and area preferences are sent to Anthropic's Claude API to generate social media captions and marketing copy. No personal data beyond what you explicitly provide for a post is included in these requests.
• Social publishing: With your explicit authorisation, we use your stored OAuth tokens to publish approved posts to your connected social media accounts on your behalf.
• Scheduling and automation: We use your data to run scheduled publishing jobs and recurring content workflows you configure.
• Platform communications: We may send transactional emails (post published, token expiring, billing receipts). We do not send marketing emails without your consent.
• Service improvement: Aggregate, anonymised usage patterns help us improve the product. We do not sell individual user data.

Marquee integrates with the Meta Graph API to publish content to Facebook Pages and Instagram Business accounts. When you connect your Meta accounts:

• We request only the permissions necessary for publishing: pages_show_list, pages_manage_posts, pages_read_engagement, instagram_basic, and instagram_content_publish.
• We do not access your personal Facebook profile, friends list, messages, or any data beyond what is required to publish to your Page and Instagram account.
• Access tokens are encrypted using AES-256-GCM and stored in our database. They are used exclusively to post content you have approved and scheduled within Marquee.
• We do not share your Meta access tokens with any third party other than Meta's own API endpoints.
• Token permissions expire periodically. We refresh them automatically using Meta's token extension mechanism, or we will prompt you to reconnect your account.

We share data only with the following categories of service providers, solely to operate the platform:

We do not sell, rent, or trade your personal information to any third party for marketing or advertising purposes.

We retain your account data for as long as your account is active. Disconnecting a social media account immediately deletes the associated OAuth tokens from our database. If you delete your Marquee account, all associated data — including posts, brand settings, and social tokens — is permanently deleted within 30 days.

We take reasonable technical and organisational measures to protect your data:

• All data in transit is encrypted via TLS 1.2+.
• OAuth tokens are encrypted at rest with AES-256-GCM using a server-side key.
• Database access is governed by row-level security policies — users can only access their own organisation's data.
• Passwords are hashed using bcrypt and never stored in plaintext.
• Payment card data is never stored on our servers (handled by Stripe).

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data via your account settings.
• Delete your account and all associated data (see below).
• Disconnect any social media account at any time from Profile → Connections.
• Export your scheduled post data via the CSV export on the Calendar page.
• Object to or restrict certain processing of your data.

To exercise any of these rights, email us at privacy@getmarquee.co. We will respond within 30 days.

You can remove Marquee's access to your Facebook and Instagram accounts at any time:

1. Within Marquee: Go to Profile → Connections and click "Disconnect" next to any connected account. This immediately deletes the stored access token.
2. Via Facebook: Go to Facebook Settings → Security and Login → Apps and Websites, find Marquee, and click Remove. Facebook will notify us and we will delete all associated data within 30 days.
3. Full account deletion: Email privacy@getmarquee.co with the subject line "Delete my account" and we will permanently erase all your data within 30 days.

Marquee uses only essential, functional cookies — specifically short-lived httpOnly cookies during the OAuth connection flow (to carry CSRF state tokens). We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

Marquee is intended for real estate professionals and is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and, for material changes, notify you by email. Continued use of Marquee after changes take effect constitutes acceptance of the updated policy.

If you have questions or concerns about this Privacy Policy or how we handle your data, please contact us: