Privacy Policy
Last updated: May 24, 2026
Multimar ("Multimar," "we," "us," or "our") operates the Multimar platform at app.multimar.ai (the "Service"). This Privacy Policy describes how we collect, use, store, and share information when you use the Service, and the choices you have regarding that information.
By using the Service you agree to the practices described in this policy. If you do not agree, please do not use the Service.
1. Who we are
Multimar is an early-stage software company that provides AI-assisted tools for local service businesses to manage their online presence, including Google Business Profile, reviews, posts, and related marketing channels. The Service is operated by Multimar's founder, who can be reached at admin@multimar.ai.
2. Information we collect
We collect only the information needed to operate the Service for you and your business.
Account information. When you sign up, we collect your name, email address, and authentication credentials (managed through Google Sign-In or Supabase Auth). If you sign in with Google, we receive your basic profile information (name, email, profile picture, language preference) from Google.
Business data from connected accounts. When you connect a Google account, you authorize Multimar to access specific data on your behalf through Google APIs. Depending on the scopes you grant, this may include:
- Google Business Profile data — business name, address, categories, hours, services, products, photos, posts, reviews and review replies, customer questions, performance insights, and related metadata for the locations you manage.
- Google Search Console data — keyword queries, impressions, clicks, click-through rate, and page-level performance for properties you grant access to.
- Basic Google account information — email address, name, and Google account ID for sign-in and to identify the connected account.
We only access the scopes you explicitly approve during the OAuth consent flow.
Information you provide directly. Settings, approval decisions on drafted content, notes you add to clients or reviews, and any feedback you send us.
Automatically collected information. Standard application logs (IP address, browser type, pages viewed, timestamps, error traces) used to operate, secure, and improve the Service. We do not use third-party advertising trackers.
3. How we use information
We use the information we collect to:
- Provide, operate, and maintain the Service, including running the AI agents you configure (for example, drafting review replies, generating posts, producing performance reports).
- Authenticate you and keep your account secure.
- Display your business data inside your Multimar workspace and to clients you grant access to.
- Generate AI-assisted content using large language model providers (currently Anthropic). Your business data may be included in prompts sent to these providers solely to produce the output you requested.
- Respond to your support requests, send service-related notifications, and contact you about your account.
- Detect and prevent abuse, fraud, and security incidents.
- Comply with legal obligations.
We do not sell your personal information. We do not use your data or your connected Google account data for advertising. We do not use your Google user data to train generalized AI or machine learning models.
4. Google API Services User Data Policy — Limited Use
Multimar's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically:
- We only use Google user data to provide or improve user-facing features that are prominent in the Multimar Service.
- We do not transfer Google user data to third parties except as necessary to provide or improve those features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users.
- We do not use Google user data for serving advertisements.
- We do not allow humans to read Google user data unless we have your affirmative consent, it is necessary for security purposes (such as investigating abuse), to comply with applicable law, or the data is aggregated and used for internal operations in accordance with applicable privacy policies.
5. How we share information
We share information only in the limited circumstances below.
Service providers (sub-processors) that help us run the Service. Each is bound by data-protection terms and only receives the data needed to perform its function:
- Supabase — application database and authentication (data hosted in the United States).
- Vercel — application hosting and serverless functions.
- Anthropic — large language model inference for AI-drafted content. Anthropic processes prompts to generate outputs and, per their commercial terms, does not use that input or output to train its models.
- Google — for the APIs you authorize us to call on your behalf.
Clients you grant access to. If you invite a client or teammate into a workspace, they can see the data associated with that workspace based on the permissions you assign.
Legal and safety. We may disclose information if required by law, court order, or to protect the rights, property, or safety of Multimar, our users, or the public.
Business transfers. If Multimar is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.
6. Where information is stored
Data is stored on infrastructure operated by our sub-processors, primarily in the United States. By using the Service from outside the United States you consent to the transfer of your information to the United States.
7. How long we keep information
We keep account information for as long as your account is active and for a reasonable period afterward to comply with legal obligations and resolve disputes. Connected Google data is retained while the connection is active. When you disconnect a Google account or close your Multimar account, we delete the associated Google data within 30 days, except where retention is required by law.
You can request deletion of your data at any time by emailing admin@multimar.ai.
8. Your choices and rights
You can:
- Review and update your account information from the Settings page.
- Revoke Multimar's access to your Google account at any time at https://myaccount.google.com/permissions. Revocation stops further access but does not delete data already retrieved; email us to request deletion.
- Request a copy of your personal information, request correction of inaccurate information, or request deletion by emailing admin@multimar.ai.
- Opt out of non-essential email communications using the unsubscribe link in those messages.
Depending on where you live, you may have additional rights under laws such as the GDPR (European Economic Area, UK), CCPA/CPRA (California), or similar laws. We will honor those rights as required by applicable law.
9. Security
We use industry-standard safeguards including encryption in transit (TLS), encryption at rest for stored data via our infrastructure providers, access controls, and least-privilege practices for internal systems. No system is perfectly secure; if we become aware of a breach affecting your data we will notify you and the relevant authorities as required by law.
10. Children's privacy
The Service is not directed to children under 16 and we do not knowingly collect personal information from them. If you believe a child has provided us with personal information, please contact admin@multimar.ai and we will delete it.
11. Changes to this policy
We may update this Privacy Policy from time to time. If we make material changes we will notify you by email or through the Service before the changes take effect. The "Last updated" date at the top reflects the most recent revision.
12. Contact us
Questions, requests, or complaints about this policy or our handling of your information can be sent to:
Email: admin@multimar.ai
Website: https://app.multimar.ai