Privacy policy

Marque is a private application for serious car collectors, operated by Corto BV, a private limited company registered in Belgium under VAT number BE 0899.354.207 ("we", "us"). Corto BV is the data controller for the personal data you place into Marque.

We treat the data you put into the app the way a private bank treats client records: with discretion, on a need-to-know basis, and with the assumption that it must never leak. This page explains, in plain terms, what we collect, why, and what your rights are.

What we collect

Account data: your email address and a password hash. Nothing else identifies you to us.
Collection data: the vehicles you record (make, model, year, mileage, modifications, photos, valuations, sale records) and the documents you upload to the vault.
Conversation data: messages you exchange with the advisor, plus structured data the advisor extracts from those messages.
Operational data: minimal logs at the server level (auth events, error traces). No analytics, no behavioural tracking, no advertising identifiers.
Invitation requests. If you sign up for an invitation on marque-app.com, we store the email address you provided — and, if you ticked the box, your interest in joining the beta — in a Google Sheet operated by Corto BV. We hold it solely to send you an invitation. The email is not shared, sold, or used for marketing.

Why we collect it

Strictly to operate the app you signed up for. The collection data populates your collection. The conversation data lets the advisor remember context. The operational data lets us diagnose service failures.

Where it lives

Database & document storage: Supabase (Frankfurt region). Encrypted at rest and in transit. Row-level security restricts every record to its owner — even Marque's own engineers cannot read your records without explicit elevated access.
AI processing: Anthropic. When you message the advisor or upload a document for analysis, the relevant content is sent to Anthropic's Claude API for processing. Anthropic does not retain that data for training (per their commercial terms).
App distribution: Apple (App Store / TestFlight). Apple receives only what is required to deliver the app; they never receive your collection data.

What we do not do

We do not sell your data.
We do not share your data with insurers, auction houses, dealers, or any third party.
We do not run advertising or behavioural analytics.
We do not require your real name. Your collection is yours; your identity stays yours.

Your rights (GDPR)

If you are in the EU/EEA you have the right to access, correct, export, and delete your data at any time. Account deletion is one click in-app and triggers immediate deletion of every associated database row and storage object. You may also email bert@marque-app.com to make a request manually.

Security incidents

In the unlikely event of a security incident affecting your data, we will notify you by email within 72 hours of confirming the incident, with a description of what happened and what we are doing about it.

Contact

Data controller: Corto BV (VAT BE 0899.354.207), Belgium.
For privacy questions or requests: bert@marque-app.com
For technical support: support@marque-app.com
General: hello@marque-app.com

Changes to this policy

If we ever materially change what we collect or what we do with it, we will email every active account before the change takes effect. The "Last updated" date at the top of this page reflects the most recent revision.