Security & Privacy

Your health data is precious. Here's how we protect it.

Data Encryption

All your health data is encrypted both in transit and at rest using industry-standard protocols.

  • TLS 1.3 encryption for all data transmitted between your device and our servers
  • AES-256 encryption for data stored in our databases
  • End-to-end encryption for uploaded lab reports and documents

GDPR Compliance

We comply with the General Data Protection Regulation (GDPR) and respect your data rights.

  • Right to access: Request a copy of your personal data at any time
  • Right to deletion: Permanently delete your account and all associated data
  • Right to portability: Export your data in a machine-readable format
  • Right to rectification: Update or correct your personal information

Third-Party Services

We work with trusted service providers to deliver Marquer. All third parties are carefully vetted for security and privacy compliance.

Firebase (Google)

Authentication and user management. Data stored in secure Google Cloud infrastructure with GDPR compliance.

Railway

Application hosting and PostgreSQL database. Data stored in US/EU regions with SOC 2 Type II compliance.

Anthropic Claude AI

AI-powered lab report extraction. Documents are processed securely and not retained after processing.

Vercel

Website hosting and edge functions. GDPR-compliant, with data processing available in EU regions.

Data Storage & Retention

Your data is stored securely and retained only as long as necessary.

  • Active accounts: Data retained indefinitely while your account is active
  • Deleted accounts: All personal data permanently deleted within 30 days
  • Backups: Encrypted backups retained for 90 days for disaster recovery

Questions About Security?

Our privacy team is here to help. Contact us for security inquiries or data requests.

support@marquer.app

Last updated: March 29, 2026