Privacy Policy
1.Who we are
MarkerX ("we", "us", "our") operates the website markerx.io and the MarkerX application. MarkerX is a health data tool that allows users to upload blood test results for personal analysis and tracking. We are not a medical provider, laboratory, or healthcare organisation.
For privacy enquiries, contact us at: privacy@markerx.io
2.What we collect
- Account information: name, email address, date of birth, biological sex, athlete profile type
- Blood marker values: the numerical values extracted from your uploaded blood test report (e.g. testosterone: 18.2 nmol/L)
- Body statistics: weight and body fat percentage if you choose to enter them
- Preferences: your chosen reference range mode, unit system, and athlete profile
- Payment information: handled entirely by Stripe — we never see or store your card details
- Your original PDF blood test documents — these are deleted immediately after marker extraction
- Your GP's name, Medicare number, patient ID, or any other identifying information from your lab report
- Your full medical history or diagnosis information
- Any health information beyond the specific blood marker values you choose to upload
- Authentication data via Clerk (our authentication provider)
- Standard server logs (IP address, browser type, pages visited) — retained for 30 days
- Usage analytics to understand how features are used — anonymised and aggregated
3.How we use your information
- To display your blood marker results on your dashboard with reference range comparisons
- To provide AI-powered analysis and chat responses about your specific results (Pro feature)
- To track your marker values over time and show trends across multiple blood tests
- To send transactional emails (account confirmation, subscription receipts) via Resend
- To process your subscription payment via Stripe
- To improve the accuracy of our marker extraction and reference range data
We do not sell your data to third parties. We do not use your health data for advertising purposes. We do not share your individual health data with any third party except as described in Section 5.
4.PDF upload and data deletion
When you upload a blood test PDF, the following process occurs:
- Your PDF is temporarily stored in encrypted cloud storage (Supabase Storage) while it is processed
- Our extraction service reads the PDF and identifies blood marker names and values
- The extracted marker values are saved to your account
- The original PDF file is permanently deleted from our storage immediately after extraction completes — typically within 60 seconds of upload
- If extraction fails, the PDF is deleted immediately upon failure
After this process, only your extracted marker values remain in our system. We cannot recover or provide your original PDF documents because we do not retain them.
5.Third parties who process your data
We use the following third-party services to operate MarkerX. Each acts as a data processor under our instructions:
| Provider | Purpose | Data processed |
|---|---|---|
| Supabase | Database and temporary file storage | Marker values, account data, temporary PDFs |
| Clerk | Authentication and user management | Email, name, login credentials |
| Anthropic | AI-powered marker extraction and chat | Blood marker values for AI analysis |
| Stripe | Payment processing | Payment details (we never see card numbers) |
| Resend | Transactional email | Email address and name |
| Vercel | Frontend hosting | Standard web traffic data |
| Railway | Backend hosting | Standard server traffic data |
6.Data security
- All data is encrypted in transit using HTTPS/TLS
- Data at rest is encrypted by Supabase (AES-256)
- Row-level security ensures each user can only access their own data
- Authentication is handled by Clerk, a SOC 2 Type II certified provider
- We do not log blood marker values in server access logs
7.Your rights
You have the following rights regarding your data:
- Access: request a copy of all data we hold about you
- Correction: update incorrect information via your profile settings
- Deletion: delete your account and all associated data at any time from Settings → Account → Delete Account. This permanently removes all marker results, body stats, and personal information within 24 hours
- Portability: request an export of your marker data in CSV format
- Withdrawal of consent: you may withdraw your consent to data processing at any time by deleting your account
To exercise any of these rights, contact privacy@markerx.io or use the in-app account deletion feature.
8.Data retention
- Active accounts: your data is retained while your account is active
- Deleted accounts: all personal data is permanently deleted within 24 hours of account deletion
- Server logs: retained for 30 days then automatically deleted
- PDF uploads: deleted immediately after extraction (see Section 4)
- Stripe payment records: retained by Stripe per their legal obligations — we retain only your subscription status
9.Children
MarkerX is not intended for use by anyone under the age of 18. We do not knowingly collect data from minors. If you believe a minor has created an account, contact us at privacy@markerx.io and we will delete the account immediately.
10.International users
MarkerX is operated from Australia and primarily serves users in Australia, the United Kingdom, the United States, and globally. By using MarkerX, you consent to your data being processed in the countries where our service providers operate, including Australia, the United States, and the European Union.
For users in the European Union, we process your data under the lawful basis of consent (Article 6(1)(a) GDPR). You may withdraw consent at any time by deleting your account.
11.Cookies
MarkerX uses only essential cookies required for authentication and session management. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.
12.Changes to this policy
We will notify you of material changes to this Privacy Policy by email at least 14 days before they take effect. Continued use of MarkerX after that date constitutes acceptance of the updated policy.
13.Contact
- Privacy enquiries: privacy@markerx.io
- General enquiries: hello@markerx.io
- Website: markerx.io