Privacy Policy

Last updated: 11 June 2026

Who we are

Marcean Ltd provides re:schema — an AI business identity platform for websites. Contact: hello@reschema.org.

Privacy-first by design

re:schema is designed to collect zero personal data from your website visitors. Needs no consent, sets no cookies. The client-side script identifies known AI crawler user-agent strings at the Cloudflare edge. Raw request data is never stored. Only anonymised bot-type counts are recorded for your dashboard.

What data we collect and why

Account data: Email address when you create an account. Lawful basis: contract. Retention: duration of account.

Website URLs: The domain you submit for verification and AI identity management. Lawful basis: contract (necessary to provide the service). Retention: duration of account.

Anonymised bot-type counts: Aggregate counts of AI crawler types detected per domain (e.g. "3 GPTBot visits, 2 ClaudeBot visits"). No IPs, no individual session data, no user-agent strings stored. Lawful basis: legitimate interest (providing the analytics feature you subscribed to). Retention: 90 days.

Billing data: Name, company, address, and VAT number for invoicing — collected only when you upgrade to a paid plan, and processed by Stripe. Marcean Ltd does not store payment method details. Lawful basis: contract and legal obligation. Retention: 6 years (UK tax law requirement).

What we do NOT collect

  • IP addresses of website visitors
  • Full user-agent strings
  • Cookies or tracking identifiers
  • Session data or individual visitor behaviour
  • Page content (drift detection uses cryptographic hashes only)
  • Personal data of any kind from your website traffic

Who we share data with

We use the following data processors, each bound by contract:

  • Cloudflare — hosting, CDN, and security
  • Resend — transactional email delivery
  • Stripe — payment processing

Data Processing Agreement

If your business requires a Data Processing Agreement under UK GDPR, we provide one. See /data-processing-agreement or email hello@reschema.org.

Data security

All data is transmitted over TLS 1.3. We use industry-standard security practices for data storage and access control. Our infrastructure runs entirely on Cloudflare Workers — no servers, no traditional database hosts.

International data transfers

Our processors (Cloudflare, Resend, Stripe) may process data in the United States and other jurisdictions under Standard Contractual Clauses. The service is available globally — by using it you agree to these transfers where applicable under your local law.

Your rights

Under UK GDPR and the Data Protection Act 2018, you have the right to access, rectify, erase, restrict, object to, and port your personal data. To exercise any of these rights, email hello@reschema.org.

You also have the right to complain to the Information Commissioner's Office (ICO).