Privacy Policy
Privacy Policy for Mara
This Privacy Policy explains how Compiler Inc. ("Compiler," "we," "our," "us") collects, uses, and protects information when you use Mara, our voice-first service that helps you manage email, calendar events, and related tasks hands-free.
What Data Mara Collects
We collect only what we need to deliver and improve the service. Most fields are optional.
| Category | Examples | Why We Need It |
|---|---|---|
| Account Basics | Email address (required); Apple ID if you sign in with Apple | Authenticate you and send essential notices |
| Profile Details | LinkedIn URL you provide & public profile data | Build a private profile so Mara understands your role and priorities |
| Email Content | Headers, body text, labels, metadata | Triage missed messages, summarise threads, draft replies, delete unwanted mail |
| Contacts | Names, email addresses, phone numbers | Ensure commands like "Email Bill" reach the right person |
| Calendar Events | Titles, times, attendees, descriptions | Create, modify, and summarise meetings on request |
| Slack Data | Workspace and channel IDs you connect; messages you forward | Post summaries or drafts into Slack as instructed |
| Voice Audio | Microphone input while you speak to Mara | Convert speech to text, understand commands (audio deleted after transcription ≤ 30 days) |
| Device & Usage | App version, device UUID, crash logs, timestamps | Maintain reliability, debug problems, improve performance |
How We Protect Your Data
All traffic is encrypted in transit with HTTPS/TLS. Data at rest is encrypted in a Supabase Postgres database located in the United States. Production access is limited to authorised personnel under strict least-privilege rules. We conduct regular security reviews and penetration tests.
What Mara Does Not Do
- We never sell or rent your personal data.
- We do not use your data for third-party advertising or marketing.
- We share data only with subprocessors essential to deliver the service (see below).
Service Providers We Rely On
Each provider below is bound by strong privacy and security obligations:
- Apple — Sign-in with Apple (policy)
- Google / Microsoft — Email & calendar APIs (respective policies)
- Slack — Message delivery (policy)
- OpenAI — Natural-language processing (policy) — data deleted ≤ 30 days, not used to train public models
- Supabase — Encrypted database & storage (policy)
- Cloudflare — Edge infrastructure & DDoS protection (policy)
- Amplitude (optional) — Product analytics (policy)
Your Rights and Control
You may access, correct, export, or delete your personal data at any time in the app settings or by contacting us at privacy@maravoice.app. Verified deletion requests are fulfilled within 30 days except where retention is required by law. Under GDPR, CCPA, and similar laws, you may also object to processing or lodge a complaint with a supervisory authority.
Children's Privacy
Mara is not directed to children under 16, and we do not knowingly collect their data. If you believe we have done so, contact us for deletion.
International Users and Data Transfers
Mara operates from the United States. By using the app from outside the U.S., you consent to the transfer of your information to the U.S. or other jurisdictions whose data-protection laws may differ.
Changes to This Policy
We will notify you in-app or via email before making material changes to how we use your data.
- June 02 2025: Initial version for Mara.
Contact Us
For privacy questions or concerns, email privacy@maravoice.app.