Skip to content
MARC
Legal

Privacy Policy

Last updated 8 July 2026

This Privacy Policy explains how Mediacle Limited collects and uses personal data in connection with the MARC website (marc.mediacle.com) and the MARC software service. It is written for a business-to-business audience: our customers’ account administrators, Authorised Users, prospective customers and website visitors. We are the controller of the personal data described here. Where we process personal data within content a customer submits to or directs through the Service, we do so as a processor on that customer’s behalf, and our Data Processing Addendum applies to that processing rather than this Policy.

1. Who we are and how to contact us

Mediacle Limited (company number 08757407), 16 Upper Woburn Place, London, WC1H 0BS, United Kingdom, is the controller. For any privacy question or to exercise your rights, contact [email protected].

2. Personal data we collect

Depending on how you interact with us, we may collect:

  • Account and business contact data: name, business email, job title, employer, telephone number, and account credentials.
  • Billing and transaction data: billing contact, billing address, VAT details, subscription and payment records. Card and payment details are collected and processed by our payment processor, Stripe; we do not store full card numbers.
  • Service usage and audit data: log-in records, activity within the Service, audit logs, IP address, device and browser information, and support interactions.
  • Website and cookie data: information collected through cookies and similar technologies as described in our Cookie Policy, including analytics data.
  • Marketing data: your contact details and preferences where you sign up for communications or where we contact you on a business basis.
  • Communications: the content of emails, support tickets and other correspondence with us.

We do not intend to collect special category personal data through the Service’s account and administration functions. Please do not send us special category data except where necessary and lawful.

3. How we collect personal data

We collect personal data: directly from you (when you register, subscribe, contact us or use the Service); automatically (through your use of the Website and Service, including cookies and logs); and from third parties (such as Stripe for payment confirmation, and business or analytics providers).

4. Why we use personal data and our lawful bases

PurposeLawful basis
To create and administer accounts and provide the ServicePerformance of a contract
To take payment and manage billing (via Stripe)Performance of a contract; legal obligation
To provide support and respond to enquiriesPerformance of a contract; legitimate interests
To secure the Service, maintain audit logs and prevent misuseLegitimate interests (security and integrity); legal obligation
To improve and develop the Service, including through aggregated and anonymised dataLegitimate interests (improving our products)
To send service and administrative messagesPerformance of a contract; legitimate interests
To send business marketing about MARCLegitimate interests or consent, as applicable
To comply with legal, accounting and regulatory obligationsLegal obligation
To establish, exercise or defend legal claimsLegitimate interests

Where we rely on legitimate interests, we have assessed that our interests are not overridden by your interests or rights. You may ask us about this assessment.

5. Marketing

We may send business-to-business marketing about MARC to relevant contacts, relying on legitimate interests or consent as required by law. You can opt out at any time using the unsubscribe link in our emails or by contacting [email protected]. Opting out of marketing does not stop service and administrative messages.

6. Sharing personal data

We share personal data with:

  • Service providers and sub-processors who help us run MARC, including hosting and infrastructure providers, our AI/large-language-model providers (currently Anthropic and OpenAI), our payment processor (Stripe), analytics providers, email and communications providers, and support tools. They act on our instructions under appropriate contracts.
  • Professional advisers, including lawyers, accountants and auditors.
  • Authorities, regulators and courts where required by law or to protect our rights.
  • Purchasers or successors in the context of a reorganisation, merger, sale or similar transaction.

We do not sell personal data.

7. International transfers

Some of our providers are located outside the United Kingdom, principally in the United States (including Anthropic, OpenAI and Stripe). Where we transfer personal data outside the UK, we rely on an appropriate safeguard, such as UK adequacy regulations, the UK International Data Transfer Agreement, or the UK Addendum to the EU Standard Contractual Clauses, together with additional measures where needed. You can request more information about the safeguards we use by contacting [email protected].

8. Retention

We keep personal data only for as long as necessary for the purposes described, including to provide the Service, meet legal, accounting and tax obligations (generally at least six years for financial records), resolve disputes and enforce our agreements. Account and usage data is generally retained for the duration of the customer relationship and for a reasonable period afterwards, after which it is deleted or anonymised.

9. Security

We maintain appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage, including access controls, encryption in transit, audit logging and supplier due diligence. No system is completely secure, and we cannot guarantee absolute security.

10. Your rights

Subject to applicable law, you have rights to: access your personal data; request correction; request erasure; restrict or object to processing; data portability; and withdraw consent where processing is based on consent. Where we process personal data as a processor on a customer’s behalf, requests should be directed to that customer as the controller.

To exercise your rights, contact [email protected]. We may need to verify your identity. You also have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk, although we would welcome the chance to address your concerns first.

11. Cookies

Our Website uses cookies and similar technologies as described in our Cookie Policy.

12. Changes to this Policy

We may update this Policy from time to time. The current version is published on the Website with the date it was last updated. Material changes will be notified where appropriate.

13. Contact

Questions about this Policy or our data practices: [email protected], or Mediacle Limited, 16 Upper Woburn Place, London, WC1H 0BS.

Questions about this page? Email [email protected] or write to Mediacle Limited, 16 Upper Woburn Place, London, WC1H 0BS United Kingdom