Security & data practices

MarqOps connects to your marketing data and brand assets, so we treat security as a first-class part of the product — not an afterthought. Here’s exactly how your data is handled.

SOC 2-compliant infrastructure

MarqOps runs on Supabase and Vercel — both independently audited to SOC 2 Type II. Your data lives in managed Postgres with automated backups and no self-managed servers to misconfigure.

Encrypted in transit and at rest

All traffic is served over TLS (HTTPS). Data at rest is encrypted by our database provider. Secrets and API keys are stored as encrypted environment variables, never in the codebase.

Workspace-level isolation

Every brand workspace is isolated with Postgres row-level security, so one account can never read another account’s data. Server-side operations use scoped, least-privilege access.

Scoped, revocable integrations

When you connect Google Search Console, Analytics, or Ads, we request the minimum OAuth scopes needed and store refresh tokens encrypted. You can revoke access anytime from your Google account or from MarqOps.

We don’t sell your data

Your brand data, analytics, and content are used only to deliver the product to you. We never sell or share it with advertisers or data brokers. Delete your account and we delete your data.

Authentication done right

Sign-in is via Google OAuth or one-time magic links — we never store passwords. Admin surfaces are gated behind explicit role checks.

Report a vulnerability

Found a security issue? We appreciate responsible disclosure. Email info@marqops.com and we’ll respond quickly.

Questions about data handling? See our Privacy Policy.

MarqOps is built on SOC 2-compliant infrastructure (Supabase, Vercel). MarqOps has not separately completed its own SOC 2 audit; we’ll update this page if that changes.