M
Marrow

Privacy Policy

Last updated: January 14, 2026

1. Introduction

Marrow ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

2. Information We Collect

Personal Information

We collect personal information that you voluntarily provide when using our Service:

  • Name and email address
  • LinkedIn profile URL and slug
  • Profile information (title, description, pricing)
  • Calendly booking URL
  • Stripe account information (processed and stored by Stripe)
  • Payment transaction details

Automatically Collected Information

When you access the Service, we automatically collect certain information:

  • Browser type and version
  • Operating system
  • IP address
  • Access times and dates
  • Pages viewed and features used
  • Referral URLs

Chrome Extension Data

Our Chrome extension only accesses LinkedIn profile pages (linkedin.com/in/*) and does not collect or transmit any data beyond what is necessary to display your booking button. The extension does not access your browsing history, passwords, or any other personal data.

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your account
  • Process payments and payouts
  • Display your booking button on LinkedIn
  • Facilitate bookings and consultations
  • Send transactional emails (booking confirmations, payment receipts)
  • Provide customer support
  • Improve and optimize the Service
  • Detect and prevent fraud or abuse
  • Comply with legal obligations
  • Send marketing communications (with your consent)

4. How We Share Your Information

We may share your information with:

Service Providers

  • Stripe: Payment processing and payout services
  • Supabase: Database hosting and backend services
  • Vercel: Application hosting
  • Calendly: Scheduling integration

Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities (e.g., a court or government agency).

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption of data in transit using SSL/TLS
  • Secure database hosting with Supabase
  • Payment data handled exclusively by PCI-compliant Stripe
  • Regular security audits and updates
  • Access controls and authentication requirements

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

6. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy. When you delete your account, we will delete or anonymize your personal information, except where we are required to retain it for legal, regulatory, or legitimate business purposes.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a machine-readable format
  • Objection: Object to our processing of your personal information
  • Restriction: Request restriction of processing of your information
  • Withdrawal of Consent: Withdraw consent for marketing communications

To exercise these rights, please contact us at support@marrow.ideatoads.com

8. Cookies and Tracking

We use cookies and similar tracking technologies to:

  • Maintain your login session
  • Remember your preferences
  • Analyze usage patterns and improve the Service
  • Provide personalized content

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of the Service.

9. Third-Party Links

The Service may contain links to third-party websites (LinkedIn, Calendly, etc.). We are not responsible for the privacy practices of these websites. We encourage you to read the privacy policies of any third-party sites you visit.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. California Privacy Rights

California residents have specific rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to delete personal information, and the right to opt-out of the sale of personal information. We do not sell your personal information. To exercise your CCPA rights, contact us at support@marrow.ideatoads.com

12. GDPR Compliance

If you are located in the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR). We process your personal information based on:

  • Your consent
  • Performance of a contract with you
  • Compliance with legal obligations
  • Our legitimate business interests

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

support@marrow.ideatoads.com