Privacy Policy

Effective date: February 15, 2026

This Privacy Policy describes how Unmarkdown ("we," "us," or "our") collects, uses, and protects your information when you use Unmarkdown™ ("Service").

Information We Collect

Account Information

When you create an account, we collect:

  • Email address (required for magic link authentication)
  • Display name (optional)
  • Username (optional)
  • Avatar image (optional)

OAuth Providers

If you sign in with Google or GitHub, we receive your email address and display name from the provider. We do not receive or store your password from any OAuth provider.

Content

We store the markdown content you create, including document titles, templates applied, and publishing settings. Your content is stored on Supabase (hosted on AWS).

Usage Data

We collect anonymous usage data including:

  • Page views on published documents (visitor hash, referrer domain, country code, device type)
  • API usage metrics (call counts, endpoints used)
  • Feature usage (templates selected, AI actions used)

We do not collect IP addresses in analytics. Visitor hashes are computed client-side using a truncated SHA-256 hash that cannot be reversed to identify individuals.

Payment Information

Payment processing is handled entirely by Stripe. We do not store credit card numbers or payment method details on our servers. We receive confirmation of subscription status from Stripe.

How We Use Your Information

  • To provide the Service: Store and render your content, manage your account, process subscriptions.
  • To improve the Service: Analyze aggregate usage patterns to improve features and performance.
  • To communicate: Send transactional emails (magic links, share notifications) via Resend.

We do not sell your personal information to third parties.

Data Storage and Security

  • Content is stored on Supabase (PostgreSQL, hosted on AWS, US region).
  • Images are stored on Supabase Storage (S3-compatible).
  • API keys are stored as SHA-256 hashes (the original key is never stored).
  • All data transmission uses HTTPS/TLS encryption.

Third-Party Services

We use the following services that may process your data:

ServicePurposeData Shared
SupabaseDatabase, auth, storageAccount data, content
StripePaymentsEmail, subscription data
VercelHostingRequest metadata
ResendTransactional emailEmail address
Google FontsFont loadingNone (no cookies)

Data Retention

  • Active account data is retained as long as your account exists.
  • Deleted accounts enter a 30-day grace period, after which data is permanently deleted.
  • Demo documents (created without authentication) are automatically deleted after 72 hours.
  • Published document view analytics are retained for the lifetime of the document.

Your Rights

You have the right to:

  • Access your personal data via your account settings
  • Export your content as markdown at any time
  • Delete your account and all associated data
  • Correct your account information via settings
  • Object to data processing by contacting us

Cookies

We use minimal cookies:

  • Authentication cookies: Required for sign-in sessions (Supabase auth tokens)
  • No tracking cookies: We do not use advertising or third-party tracking cookies
  • localStorage: Used for editor preferences (template, layout, theme) that stay on your device

Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by posting the updated policy with a new effective date.

Contact

For privacy-related questions or requests, contact us at hello@unmarkdown.com.