Marqio
Sign in
GDPR · Mandatory information

Privacy policy.

As of 2026-04-30
GDPR Art. 13/14

1. Controller

Shio Ventures GmbH, Straßburger Straße 55, 10405 Berlin, Germany. Commercial register: HRB 82142 B, Charlottenburg local court. Contact: datenschutz@marqio.ai.

2. Data collected

  1. Account data (name, email address, authentication factors via Clerk, payment method via Stripe).
  2. File data (company ideas, candidate names, clearance results, domain status, logo briefs, logo renders).
  3. Token data (balance, hold/capture ledger, pack purchases, Stripe transaction IDs).
  4. Technical logs (IP address, user agent, request timestamps, error stacks).
  5. Anti-abuse data (IP throttle counter for welcome-bonus grant).

3. Purposes of processing

Provision of contractual services (naming, clearance, domain comparison, logo brief), token-balance billing, operational security, abuse prevention for the welcome bonus, fulfilment of statutory obligations.

4. Legal bases

Art. 6(1)(b) GDPR (contract performance — naming, clearance, domain, design, token billing), (c) (legal obligations — tax and commercial law), (f) (legitimate interest — operational security, error monitoring, anti-abuse protection for the welcome bonus).

5. Recipients and processors

  1. Cloudflare, Inc. Hosting, edge compute, object storage (R2), database (D1), analytics. Storage location EU (Frankfurt).
  2. Clerk, Inc. Authentication, passkey management, session management.
  3. Stripe Payments Europe Ltd. Payment processing for token packs.
  4. Anthropic, PBC AI inference for candidate names, classification in clearance and logo-brief generation. Anthropic does not use file data for model training.
  5. fal.ai (Featherless AI Labs, Inc.) AI inference for logo-mark render (Recraft, Ideogram, Flux) and SVG vectorisation of the final mark.
  6. Voyage AI Innovations, Inc. Embedding service for semantic similarity assessment in clearance.
  7. Brandfetch B.V. Logo lookup service for reference-mark display in the file context.
  8. Functional Software, Inc. (Sentry) Error and performance monitoring.

Data-processing agreements per Art. 28 GDPR are in place with all processors. Current DPA versions are available on request from datenschutz@marqio.ai.

6. Affiliate outlinks to domain registrars

The domain module links via affiliate outlinks to Namecheap, Porkbun, IONOS and Gandi. These providers are not processors but independent controllers. Data processing at the registrar starts only when the outlink is clicked and follows the registrar’s privacy policy.

7. Third-country transfers

Cloudflare operates EU storage locations for Marqio (Frankfurt). US transfers occur with Clerk, Stripe, Anthropic, fal.ai, Voyage AI and Sentry; Brandfetch processes in the Netherlands. US transfers rely on the EU standard contractual clauses (SCCs, Decision 2021/914) and, where available, on recipient self-certification under the EU-US Data Privacy Framework.

8. Retention period

File data is kept for the duration of the account and removed from live systems within 30 days after account deletion. Billing and token-ledger data are subject to statutory retention (10 years per § 147 AO and § 257 HGB). Technical logs are deleted after 90 days. Welcome-grant attempts (IP throttle audit) are deleted after 30 days.

9. Rights of the data subject

You are entitled to access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20) and objection (Art. 21). Complaints can be filed with the competent supervisory authority — for Shio Ventures GmbH this is the Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstraße 219, 10969 Berlin.

10. Cookies and similar technologies

Marqio uses strictly necessary cookies and browser storage: Clerk session cookies for sign-in, a napkin session cookie for anonymous naming drafts before login, and sessionStorage entries to restore file drafts. We use no marketing cookies and no third-party trackers. Cloudflare Analytics operates cookie-free.

11. Contact

Data protection inquiries, DPA provision and data-subject rights: datenschutz@marqio.ai. No external data protection officer has been appointed; under § 38 BDSG, Shio Ventures GmbH currently has no appointment obligation.