Privacy Policy

Last updated: March 2026

1. Introduction

MarketLab ("we," "us," or "our") operates the market-lab.ai website and the MarketLab platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By accessing or using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Account Information

When you register, we collect your name, email address, company name, and password. If you sign up via a social provider (e.g., Google OAuth), we receive your basic profile information from that provider.

2.2 Billing Information

Payment details (credit card numbers, billing addresses) are collected and processed by our payment processor, Stripe. We do not store full payment card numbers on our servers.

2.3 Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, experiments created, browser type, IP address, device information, and referral URLs.

2.4 Marketing Platform Data

When you connect your Meta Ads or Google Ads accounts, we access campaign performance data (impressions, clicks, conversions, spend) through the respective platform APIs. We only access data necessary to run and analyze your experiments.

2.5 Content You Provide

This includes ad copy, email content, brand information, experiment configurations, and any other content you create or upload to the Service.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process transactions and manage your subscription
  • Generate AI-powered ad copy and email variants using Anthropic's Claude
  • Run and analyze A/B testing experiments across Meta Ads, Google Ads, and Email
  • Send transactional emails (account confirmations, experiment results, billing receipts)
  • Send marketing communications (with your consent; you can opt out at any time)
  • Monitor and analyze usage trends to improve user experience
  • Detect, prevent, and address technical issues or abuse

4. Third-Party Services

We share data with the following third-party services only as necessary to operate the Service:

  • Supabase — Authentication, database hosting, and file storage
  • Stripe — Payment processing and subscription management
  • Anthropic (Claude) — AI-powered content generation (ad copy, email variants, reports)
  • Meta Platforms (Facebook/Instagram APIs) — Managing and measuring Meta ad experiments
  • Google (Google Ads API) — Managing and measuring Google ad experiments
  • HubSpot — CRM and customer communication
  • Resend — Transactional and marketing email delivery

Each third-party provider processes data in accordance with their own privacy policies. We encourage you to review their respective policies.

5. Cookies and Tracking

We use cookies and similar tracking technologies to maintain your session, remember your preferences, and understand how you use the Service. These include:

  • Essential cookies — Required for authentication and core functionality
  • Analytics cookies — Help us understand usage patterns (e.g., PostHog)

You can instruct your browser to refuse cookies or to indicate when a cookie is being sent. However, some parts of the Service may not function properly without cookies.

6. Data Storage and Security

Your data is stored on servers managed by Supabase (hosted on AWS). We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, role-based access controls, and regular security reviews.

While we strive to use commercially acceptable means to protect your data, no method of electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your account data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal, tax, or compliance purposes.

Experiment data and analytics may be retained in anonymized, aggregated form for product improvement purposes.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Request portability of your data
  • Withdraw consent at any time (where processing is based on consent)

To exercise any of these rights, please contact us at privacy@market-lab.ai. We will respond to your request within 30 days.

9. International Data Transfers

Your information may be transferred to and maintained on servers located outside your country of residence. By using the Service, you consent to such transfers. We ensure appropriate safeguards are in place in compliance with applicable data protection laws.

10. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@market-lab.ai