LegalLast Updated: January 15, 2025

Privacy Policy

At Team Mark, we take your privacy seriously. This policy explains how we collect, use, protect, and share your information.

Table of Contents

Overview & Summary

Team Mark ("we," "us," or "our") is a collaborative link manager that helps teams organize and share bookmarks, tools, and resources. We are committed to protecting your privacy and being transparent about our data practices.

Key Points:

  • We collect minimal data: Only what's necessary to provide and improve our service
  • We never sell your data: Your information is never sold to third parties
  • You control your data: You can access, export, or delete your data at any time
  • GDPR & CCPA compliant: We comply with major privacy regulations worldwide
  • Age requirement: You must be 16 years or older to use Team Mark
  • Encryption: Your data is encrypted in transit and at rest

Note: Team Mark is currently in pre-launch phase (launching Q1 2026). This privacy policy covers both our current waitlist operations and our planned post-launch features. Sections marked as "Current" apply now; sections marked as "Post-Launch" will apply after we launch.

Information We Collect

Current Collection (Pre-Launch)

During our pre-launch phase, we collect limited information through our waitlist:

  • Email Address: Collected via our waitlist form (Google Forms) to notify you about our launch
  • Website Analytics: Using Google Analytics GA4, we collect:
    • Page views and session duration
    • Device type, browser type, and operating system
    • Geographic location (country and region only)
    • Referral source (how you found our website)
    • Button clicks and form submissions
  • Cookies: Analytics cookies for measuring website performance

Post-Launch Collection

Note: The following data collection will begin after Team Mark launches in Q1 2026.

Account Information:

  • Name and email address
  • Password (encrypted and hashed, never stored in plain text)
  • Profile information (display name, profile photo if provided)
  • Account preferences and settings

Bookmark Data:

  • URLs, titles, and descriptions of bookmarks you save
  • Tags, categories, and folders you create
  • Bookmark organization and hierarchy
  • Metadata (creation date, last modified, access frequency)
  • Notes and annotations on bookmarks

Team & Collaboration Data:

  • Team name and settings
  • Team member roles and permissions
  • Shared collections and folders
  • Collaboration activity (who shared what, when)

Usage Data & Telemetry:

  • Feature usage patterns and preferences
  • Search queries within your bookmarks
  • Extension version and browser information
  • Performance metrics and error logs
  • Time spent using different features

Payment Information:

  • Billing name and address
  • Payment method details (processed securely by Stripe; we don't store credit card numbers)
  • Purchase history and billing records

OAuth & Single Sign-On Data:

When you choose to sign in with Google, Microsoft, or Facebook:

  • Basic profile information (name, email, profile photo)
  • OAuth tokens for authentication
  • We do NOT access your third-party account data (emails, files, contacts, etc.)

Communications:

  • Support tickets and correspondence
  • Feedback and survey responses
  • Email preferences and communication history

How We Use Your Information

Current Uses (Pre-Launch)

  • Send you launch notifications and early access information
  • Measure website engagement and improve user experience
  • Respond to your inquiries and provide customer support
  • Analyze website traffic and optimize marketing efforts

Post-Launch Uses

Note: These uses will apply after Team Mark launches.

Service Provision & Operation:

  • Provide and maintain the Team Mark service
  • Create and manage your account
  • Sync your bookmarks across devices
  • Enable team collaboration features
  • Process payments and manage subscriptions

AI-Powered Features:

  • Provide personalized bookmark recommendations
  • Automatic categorization and tagging of bookmarks
  • Smart search and content discovery
  • Duplicate detection and cleanup suggestions
  • Intelligent organization suggestions

Team Analytics & Insights:

  • Generate team usage reports and insights
  • Show most accessed bookmarks and resources
  • Provide collaboration metrics
  • Identify knowledge gaps and suggest resources

Communication & Support:

  • Send important service updates and notifications
  • Provide customer support and troubleshooting
  • Send product updates and feature announcements (you can opt out)
  • Conduct user research and gather feedback

Security & Fraud Prevention:

  • Detect and prevent fraudulent activities
  • Monitor for security threats
  • Enforce our Terms of Service
  • Maintain system integrity and reliability

Legal Compliance:

  • Comply with legal obligations and regulations
  • Respond to legal requests and prevent harm
  • Protect our rights and property

Service Improvement:

  • Analyze usage patterns to improve features
  • Conduct A/B testing and experiments
  • Fix bugs and optimize performance
  • Develop new features based on user needs

Data Sharing & Third Parties

We do not sell, rent, or trade your personal information. We share data only in these limited circumstances:

Essential Service Providers

We share data with trusted service providers who help us operate our business:

  • Google Analytics: Website analytics and usage tracking. Google's Privacy Policy
  • Google Forms: Waitlist email collection (current). Google's Privacy Policy
  • Stripe: Payment processing (post-launch). Stripe's Privacy Policy
  • AWS (Amazon Web Services): Cloud hosting and data storage. AWS Privacy Notice
  • OAuth Providers: Google, Microsoft, Facebook for authentication (post-launch)
  • Email Service Providers: For sending transactional and marketing emails
  • Customer Support Tools: For providing technical assistance

All service providers are contractually required to protect your data and use it only for the purposes we specify.

Team Members

When you join a team on Team Mark, your bookmarks and activity within shared collections are visible to other team members according to the permissions you set.

Legal Requirements

We may disclose your information if required to:

  • Comply with legal obligations, court orders, or legal processes
  • Respond to lawful requests from government authorities
  • Protect and defend our rights or property
  • Prevent fraud or illegal activities
  • Protect the safety of our users or the public

Business Transfers

If Team Mark is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you via email and/or a prominent notice on our website before your data is transferred and becomes subject to a different privacy policy.

With Your Consent

We may share your information for other purposes with your explicit consent.

What We Do NOT Do

  • We do NOT sell your personal data to third parties
  • We do NOT share your data with advertisers or marketing partners
  • We do NOT use your bookmark data for advertising outside our service
  • We do NOT access your bookmarks for any purpose other than providing our service

Data Storage & Security

We take data security seriously and implement industry-standard measures to protect your information.

Encryption

  • In Transit: All data transmitted between your browser and our servers is encrypted using HTTPS/TLS (Transport Layer Security)
  • At Rest: All data stored in our databases is encrypted using AES-256 encryption
  • Passwords: Your password is hashed using industry-standard bcrypt algorithm and never stored in plain text

Infrastructure Security

  • Hosting: We use Amazon Web Services (AWS), which provides SOC 2 compliant data centers with physical security measures
  • Access Controls: Strict role-based access controls limit who can access user data
  • Authentication: Multi-factor authentication for our team members
  • Monitoring: 24/7 security monitoring and intrusion detection
  • Regular Audits: Periodic security audits and vulnerability assessments

Application Security

  • Regular security updates and patches
  • Protection against common vulnerabilities (SQL injection, XSS, CSRF, etc.)
  • Secure session management
  • Rate limiting and DDoS protection

SOC 2 Compliance

For Enterprise plans, we offer SOC 2 Type II compliance, which means we undergo regular audits of our security controls by independent third parties.

Data Breach Response

In the unlikely event of a data breach, we will:

  • Notify affected users within 72 hours (as required by GDPR)
  • Notify relevant authorities as required by law
  • Provide details about what data was affected
  • Explain steps we're taking to address the breach
  • Offer guidance on how to protect yourself

Important: While we implement strong security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security, but we continuously work to protect your data to the best of our ability.

Data Retention

Active Accounts

We retain your data for as long as your account is active and as needed to provide you with our services.

After Account Deletion

When you delete your account:

  • Immediate Removal: Your data is immediately removed from active systems and becomes inaccessible
  • Backup Retention: Backup copies may be retained for up to 1 year for disaster recovery purposes
  • Permanent Deletion: After 1 year, all copies of your data are permanently deleted from our systems
  • Legal Holds: If required by law, we may retain certain data for longer periods (e.g., financial records for tax purposes)

Inactive Accounts

If you don't log in to your Team Mark account for 2 consecutive years:

  • We will send you a warning email to the email address on file
  • If you don't respond within 90 days, we will consider your account inactive
  • After 1 year of inactivity notice, your data will be permanently deleted
  • You can prevent deletion by simply logging in at any time

Waitlist Data (Current)

Email addresses collected through our waitlist will be retained until:

  • You create an account (converted to active user data)
  • You unsubscribe from our waitlist
  • 2 years after product launch if you haven't created an account

Analytics & Aggregate Data

We may retain anonymized and aggregated data indefinitely for analytics, research, and service improvement purposes. This data cannot be used to identify you personally.

Your Rights & Choices

Rights for All Users

  • Access Your Data: Request a copy of all personal data we have about you
  • Correct Your Data: Update or correct inaccurate information
  • Delete Your Data: Request deletion of your account and all associated data
  • Export Your Data: Download your bookmarks in multiple formats (JSON, CSV, HTML, standard bookmark format)
  • Opt-Out of Analytics: Disable analytics cookies through your browser settings
  • Opt-Out of Marketing: Unsubscribe from promotional emails (transactional emails required for service will still be sent)
  • Contact Support: Reach out to support@getteammark.com with privacy questions or concerns

GDPR Rights (European Union Users)

If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to Be Informed: Clear information about how we use your data (this privacy policy)
  • Right of Access: Request access to your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Request that we limit how we use your data
  • Right to Data Portability: Receive your data in a machine-readable format to transfer to another service
  • Right to Object: Object to certain types of processing (e.g., direct marketing)
  • Rights Related to Automated Decision-Making: Not be subject to decisions based solely on automated processing that significantly affect you
  • Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

CCPA Rights (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request information about the personal data we've collected about you in the past 12 months
  • Right to Delete: Request deletion of your personal data
  • Right to Opt-Out of Sale: We do not sell your personal data, so this opt-out is not necessary
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

How to Exercise Your Rights

To exercise any of these rights:

  • Email Us: Send a request to support@getteammark.com
  • Account Settings: Many rights can be exercised directly through your account settings (post-launch)
  • Data Export Tool: Use our self-service data export tool (post-launch)

Verification & Response

  • We may ask for verification of your identity before processing your request
  • We will respond to your request within 30 days
  • If we need more time, we'll notify you and explain why
  • There is no fee for making a request

Cookies & Tracking Technologies

Cookies are small text files stored on your device that help us provide and improve our services.

Current Cookies (Pre-Launch)

We currently use only analytics cookies:

  • Google Analytics Cookies:
    • _ga - Distinguishes unique visitors (expires after 2 years)
    • _gid - Distinguishes users (expires after 24 hours)
    • _gat - Throttles request rate (expires after 1 minute)

Post-Launch Cookies

Note: These cookies will be added after Team Mark launches.

Essential Cookies (Required):

  • Authentication and session management
  • Security and fraud prevention
  • Load balancing

Analytics Cookies (Optional):

  • Usage tracking and feature analytics
  • Performance monitoring
  • A/B testing and experiments

Preference Cookies (Optional):

  • Language preferences
  • Display settings
  • Theme preferences

Managing Cookies

You can control cookies through:

Note: Blocking essential cookies may affect your ability to use certain features of Team Mark.

Other Tracking Technologies

We may also use:

  • Web Beacons: Small graphics in emails to track opens and clicks
  • Local Storage: Browser storage for caching and offline functionality
  • Session Storage: Temporary storage cleared when you close your browser

International Data Transfers

Team Mark is based in the United States, and our service infrastructure is hosted globally through Amazon Web Services (AWS).

Where Your Data is Stored

  • Primary Hosting: AWS data centers in the United States
  • Global Distribution: Your data may be processed in AWS regions worldwide for performance optimization
  • CDN (Content Delivery Network): Static assets may be cached globally for faster load times

Data Protection for EU Users

For users in the European Union, we ensure adequate protection when transferring data outside the EU:

  • Standard Contractual Clauses (SCCs): We use EU-approved Standard Contractual Clauses with our service providers
  • AWS Data Protection: AWS complies with GDPR and provides data processing agreements
  • Adequate Safeguards: We implement technical and organizational measures to protect your data regardless of location
  • Data Residency Options: Enterprise customers can request specific data residency requirements

Legal Basis for Processing (GDPR)

We process your data under these legal bases:

  • Contract Performance: Processing necessary to provide our service
  • Legitimate Interests: Improving our service, security, and fraud prevention
  • Consent: For marketing communications and optional features
  • Legal Obligations: Complying with laws and regulations

Children's Privacy

Team Mark is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16.

Age Requirement

  • Minimum Age: You must be at least 16 years old to use Team Mark
  • Parental Consent: If you are under 18, you should review this privacy policy with your parent or guardian
  • GDPR Compliance: Our age limit of 16 complies with GDPR requirements for the European Union

If We Discover Under-Age Users

If we become aware that we have collected personal information from a child under 16 without parental consent:

  • We will take steps to delete that information as quickly as possible
  • We will terminate the account
  • We will not use the information for any purpose

For Parents

If you are a parent or guardian and believe your child under 16 has provided us with personal information, please contact us at support@getteammark.com so we can delete the information.

AI & Automated Processing

Note: AI features will be available after Team Mark launches.

How We Use AI

Team Mark uses artificial intelligence and machine learning to enhance your experience:

  • Bookmark Recommendations: Suggesting relevant bookmarks based on your usage patterns
  • Automatic Categorization: Intelligently organizing bookmarks into categories and tags
  • Smart Search: Improving search results based on context and relevance
  • Duplicate Detection: Identifying duplicate bookmarks to keep your collection clean
  • Content Analysis: Analyzing bookmark content to provide better organization and insights

Data Used for AI

Our AI features use:

  • Your bookmark URLs, titles, and descriptions
  • Your organization patterns (folders, tags, categories)
  • Your usage patterns (frequency of access, search queries)
  • Aggregated patterns from other users (anonymized)

Privacy Protections

  • Local Processing: Where possible, AI processing happens locally in your browser
  • Anonymization: When using aggregated data, all personal identifiers are removed
  • No Cross-User Access: AI never accesses other users' private bookmarks
  • Opt-Out Available: You can disable AI features in your settings

Automated Decision-Making

Team Mark does not make automated decisions that significantly affect you. Our AI features are:

  • Purely suggestive (recommendations you can ignore)
  • Under your control (you decide what to accept)
  • Transparent (we explain how suggestions are generated)

GDPR Right to Human Review

If you believe an AI decision has negatively affected you, you have the right to:

  • Request human review of the decision
  • Receive an explanation of the decision
  • Challenge the decision

Contact support@getteammark.com to request human review.

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We Notify You

  • Last Updated Date: We will update the "Last Updated" date at the top of this page
  • Material Changes: For significant changes that affect your rights, we will:
    • Send you an email notification to the email address on file
    • Display a prominent notice on our website
    • Provide at least 30 days notice before changes take effect
  • Minor Updates: For minor changes (typos, clarifications), we will update this page without separate notification

Version History

We maintain a version history of this privacy policy. You can view previous versions by contacting support@getteammark.com.

Your Acceptance

  • Continued use of Team Mark after changes become effective means you accept the updated policy
  • If you don't agree with changes, you can close your account before they take effect
  • We will always give you the option to download your data before closing your account

Review Periodically

We encourage you to review this privacy policy periodically to stay informed about how we protect your information.

Contact Information

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

Privacy Inquiries

  • Email: support@getteammark.com
  • Subject Line: Please use "Privacy Inquiry" in the subject line for faster routing
  • Response Time: We typically respond within 2-5 business days

Company Information

Note: Detailed company registration information and mailing address will be added once the company is formally incorporated.

For EU Users

If you are located in the European Union and are not satisfied with our response to your privacy concern, you have the right to lodge a complaint with your local data protection authority.

For California Users

California residents with questions about our privacy practices or CCPA rights can contact us using the email above.

Additional Resources

  • Terms of Service: View our Terms of Service
  • Cookie Policy: Detailed cookie information is included in the Cookies & Tracking Technologies section above
  • Data Processing Agreement: Available for Enterprise customers upon request
  • Security Whitepaper: Available for Enterprise customers upon request

External Privacy Resources