1. Who We Are
Markus Tech Ltd ("Markus", "we", "us", "our") is a company registered in England and Wales (Company Number: 16443285), with registered office at 49 Premier Avenue, Grays, RM16 2SB. Markus is registered with the Information Commissioner's Office (ICO) as a fee payer under registration reference ZC106423.
For general enquiries: info@markus.tech
2. Our Role in Data Processing
Markus operates in two distinct roles depending on context:
A. Website & Direct Enquiries
For visitors to our website and direct communications, Markus acts as a data controller. This Privacy Policy applies to these activities.
B. Markus Platform
When providing services to educational institutions, Markus acts as a data processor, processing personal data only on the documented instructions of the institution (data controller).
Data processing within the platform is governed by our Data Processing Agreement (DPA), not this Privacy Policy.
3. Information We Collect
A. Website & Enquiries Controller
- Name, email, organisation (contact forms, emails)
- Basic technical data (IP address, browser type)
B. Platform Data Processor
We process only the data necessary to deliver the service, typically:
- Student name
- Student email address
- Assessment responses (including uploaded work)
- Marks, feedback, and progress data
Markus does not collect behavioural tracking data, profiling data, or advertising data.
4. How We Use Information
A. As Data Controller Controller
- Respond to enquiries
- Provide information about our services
- Improve website functionality
B. As Data Processor Processor
We process data solely to:
- Deliver automated marking and feedback
- Provide analytics and progress tracking to educators
- Maintain platform functionality and security
We do not use student data for marketing or model training.
5. Legal Basis Controller Activities Only
- Legitimate interest (website operation, enquiries)
- Contract (where applicable)
- Consent (cookies, marketing where used)
6. Sub-processors
Markus uses a limited number of carefully selected sub-processors, including:
- Cloud hosting (Google Cloud Platform, EU)
- AI processing services (e.g. OpenAI)
- Authentication providers (Microsoft, Google)
All sub-processors:
- Are bound by data protection obligations
- Process data only to deliver the service
- Do not use customer data for independent purposes
A current sub-processor list is publicly available and provided to customers on request.
7. International Transfers
Where data is transferred outside the UK or EU (e.g. AI processing services):
- Standard Contractual Clauses (SCCs) are in place
- Additional safeguards are applied where required
8. Data Retention
For platform data (processor role):
- Data is retained in line with customer agreements
- Typically retained for the duration of the contract
- Deleted within 60 days of contract termination
- No long term or open ended retention
- Certain sub-processors may retain data for shorter periods in line with their own policies (for example, API providers such as OpenAI retain data for up to 30 days for security and abuse monitoring purposes only)
9. Security
Markus applies a security first approach, including:
- EU based cloud infrastructure
- Encryption in transit and at rest
- Role based access controls
- Federated authentication (Microsoft / Google)
Markus does not currently use third party analytics, tracking, or external logging tools.
10. Your Rights
For platform data, requests should be directed to the educational institution (data controller).
For website data, you have the right to:
- Access
- Rectification
- Erasure
- Restriction
- Object
Contact: info@markus.tech
11. Cookies
We use only essential and minimal functional cookies.
We do not use tracking or advertising cookies.