Logo

Privacy Policy

Last updated: June 25, 2026

This Privacy Policy (the “Policy”) explains how Tzory Properties LLC (“Company,” “Anymark,” “we,” “our,” or “us”) collects, uses, discloses, and safeguards personal information when you (“User,” “you,” or “your”) access or use our web-based application, related websites, mobile experiences, and any associated services (collectively, the “Service”). We are a limited liability company organized under the laws of the State of Ohio, United States.

By using the Service, you acknowledge you have read and understood this Policy. If you do not agree, please refrain from accessing or using the Service.

Data Controller. Tzory Properties LLC, 37939 Vine St, Willoughby, OH 44094, United States, is the data controller for personal data processed via the Service. Contact: hi@anymark.co.

1. Information We Collect

CategoryExamplesPurpose
Account InformationName, email address, Google OAuth IDCreate and secure your account
Business DetailsCompany description, industry, target audienceGenerate name ideas, logos, and brand strategy outputs
Payment InformationTokenized payment identifiers (full card data is processed by Stripe and never stored by us)Process purchases, prevent fraud, comply with tax and accounting laws
Generated AssetsLogo files, selected names, brand playbooksStore for future downloads and user reuse
Support & FeedbackHelp-desk messages, survey responsesTroubleshoot and improve the Service

1.1 Information We Collect Automatically

  • Device and browser details (IP address, user-agent, language, approximate location derived from IP)
  • Usage logs (pages viewed, clicks, referring URLs, crash reports, feature interactions)
  • Cookies and similar technologies (see Section 7)

1.2 Information from Third Parties

  • Google Sign-In – authentication credential and basic profile data
  • Advertising and analytics partners – aggregated campaign performance data

We may also create aggregated and anonymized statistics about generated names and logos to improve our algorithms and methodologies. These data sets cannot identify you or your business and are not subject to this Policy.

1.3 Sensitive Personal Information

We do not collect sensitive personal information (“SPI”) as that term is defined under the California Consumer Privacy Rights Act (“CPRA”), the Virginia Consumer Data Protection Act, the Colorado Privacy Act, or comparable laws, except for account credentials and tokenized payment identifiers used to process transactions, which are handled by Stripe.

2. How We Use Your Information

PurposeLegal Basis (GDPR)
Provide, maintain, and improve the ServicePerformance of contract (Art. 6(1)(b))
Process payments and detect fraudPerformance of contract; legitimate interests in fraud prevention (Art. 6(1)(f))
Store your generated logos, names, and playbooks for future accessPerformance of contract
Respond to inquiries and provide supportPerformance of contract
Send service-related emails arising from your activity (e.g., when you generate a logo or start a project)Performance of contract (Art. 6(1)(b))
Conduct analytics to understand usage and improve the ServiceLegitimate interests (Art. 6(1)(f))
Improve automated logo / name suggestions and brand-strategy outputs (using aggregated and anonymized data)Legitimate interests
Comply with legal obligations (tax, accounting, regulatory requests)Legal obligation (Art. 6(1)(c))
Send marketing, promotional, product-update, onboarding, or feature-update emailsLegitimate interests in promoting the Service to existing users where opt-out marketing is permitted (Art. 6(1)(f)); consent where required by law (Art. 6(1)(a))
Deliver and measure marketing or retargeting adsConsent (Art. 6(1)(a))

2.1 Email and Marketing Communications

Service emails. We send transactional and service-related emails (account confirmations, password resets, receipts, file delivery, and notifications tied to specific actions you take in Anymark, such as generating a logo or starting a project) on the basis of contract performance. You cannot opt out of these without closing your account.

Marketing emails. We send marketing, promotional, product-update, onboarding, and feature-update emails about Anymark and similar services. Where your jurisdiction permits direct marketing to existing users on an opt-out basis (for example, the United States under the CAN-SPAM Act), we send these on the basis of our legitimate interest in promoting the Service, and you may opt out at any time using the “unsubscribe” link in every email or by contacting us (see Section 13). Where applicable law requires prior consent (including the EEA, the United Kingdom, and Canada), we send marketing emails only with your prior opt-in consent, which you may withdraw at any time. Opting out or withdrawing consent does not affect the lawfulness of processing carried out beforehand, and we honor such requests promptly. We comply with the CAN-SPAM Act (U.S.), the GDPR and PECR (EEA/UK), and CASL (Canada).

3. Sharing and Disclosure

We do not sell or rent your personal information. We share data only as described below:

RecipientPurpose
Stripe, Inc.Payment processing. We never store full card numbers or CVC codes. Stripe’s use of information is governed by its own privacy policy.
Supabase Inc.Managed PostgreSQL database and object storage
Replit Inc.Application hosting and execution
Google LLCAuthentication (Google Sign-In) and reCAPTCHA security
Anthropic, OpenAI, and similar AI providersAI-assisted generation of logos, names, and brand-strategy outputs, where you submit prompts or business information
Unsplash Inc. (a Getty Images company)Stock photography sourcing for the Brand Photos feature. Search queries and brand brief excerpts are transmitted to the Unsplash API to retrieve relevant photographs. Unsplash's use of data is governed by its own privacy policy at unsplash.com/privacy.
Analytics & ad partnersGoogle Analytics, Hotjar, Meta Pixel, X/Twitter Pixel, Reddit Pixel for site analytics, ad attribution, and cross-context behavioral advertising. For conversion measurement, a hashed version of your email along with event and device data (such as IP address) may also be shared server-to-server with Google (Enhanced Conversions), Meta (Conversions API), and X/Twitter (Conversions API) to match conversions. These technologies operate only after consent where required.
Service providersError logging, email delivery, customer-support tooling
Authorities or legal advisorsWhen required by law, valid legal process, or to protect rights, property, or safety
Successors in interestIn connection with a merger, acquisition, financing, or sale of assets, subject to confidentiality and to this Policy

All service providers are bound by contractual obligations to keep data confidential and to use it only for specified purposes. A current list of sub-processors is available on request at hi@anymark.co; we will provide reasonable advance notice of material changes where required by law.

4. Cross-Context Behavioral Advertising & “Do Not Share”

Under the CPRA and similar state laws, the placement of third-party advertising pixels may constitute “sharing” for cross-context behavioral advertising. We provide a “Do Not Share My Personal Information” link in the footer of our site that allows you to opt out of such sharing. We also honor recognized opt-out preference signals such as the Global Privacy Control (GPC) for users we can identify as covered by applicable state law.

5. International Data Transfers

Personal data may be stored or processed in the United States or other jurisdictions. For transfers from the European Economic Area (EEA), the United Kingdom, or Switzerland, we rely on Standard Contractual Clauses (SCCs) and the UK Addendum or International Data Transfer Agreement (IDTA), as applicable. We conduct Transfer Impact Assessments (TIAs) where required and apply supplementary measures (such as encryption in transit and at rest, access controls, and contractual restrictions) where appropriate to address risks identified in such assessments. You may request a summary of the safeguards in place by contacting us at hi@anymark.co.

6. Data Retention

We retain personal information only as long as necessary for the purposes described in this Policy, to comply with our legal obligations, resolve disputes, and enforce our agreements. Indicative retention periods are:

Data TypeRetention Period
Account data (profile, login)Life of account + 30 days following deletion request
Generated logos, names, and brand playbooksLife of account + 12 months, after which assets may be deleted unless required by law
Payment and transaction records7 years after the relevant transaction (tax, accounting, and audit obligations)
Marketing consent records3 years following withdrawal of consent (to evidence compliance)
Support tickets and correspondence24 months after closure
Server logs (security, debugging)12 months
Aggregated / anonymized dataIndefinite (no longer identifies you)

If you request deletion, we will delete or anonymize your data within 30 days of verification of your identity, except where we are legally required (or permitted under applicable law) to retain it longer (for example, for tax records, fraud prevention, or pending legal claims).

7. Cookies, Tracking Technologies & “Do Not Track”

We set analytics and advertising cookies only after you give explicit consent in our cookie banner where required by applicable law. You can withdraw or change consent at any time via “Cookie Settings” in the footer. Strictly necessary cookies (those required to deliver the Service you have requested) are set without consent.

We use cookies and similar technologies to:

  • Keep you logged in and remember preferences
  • Perform analytics (e.g., Google Analytics, Hotjar)
  • Deliver and measure ads (Meta, X/Twitter, Reddit)

We honor the Global Privacy Control (GPC) signal for users we can identify as covered by applicable state laws. Most browsers also offer a “Do Not Track” setting; because there is no consensus on how to interpret it, we do not currently respond to DNT signals beyond honoring GPC and our cookie-consent controls.

8. Your Privacy Rights

8.1 EEA / UK / Switzerland (GDPR / UK GDPR)

You may request access, rectification, erasure, restriction, portability, or object to processing of your personal data, and withdraw consent at any time. You also have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects (see Section 9). We will respond within 30 days (extendable by up to 60 days for complex requests, with notice). You may lodge a complaint with your local Data-Protection Authority; contact details are available at https://edpb.europa.eu/about-edpb/board/members_en or, for UK residents, with the Information Commissioner’s Office (ICO).

8.2 California Residents (CCPA / CPRA)

You may request to know, correct, delete, limit the use of sensitive personal information, or opt out of “sale” or “sharing” of your personal data. You may also designate an authorized agent to make a request on your behalf. We will respond within 45 days (extendable by an additional 45 days with notice). We will not deny goods or services, charge different prices, or provide a different level of quality if you exercise any CPRA rights. Categories of personal information we have collected, disclosed, or shared in the preceding 12 months are described in Section 1; we have not “sold” personal information for monetary consideration.

8.3 Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Montana, and Other U.S. State Privacy Laws

If your state has enacted a comprehensive privacy law, you may exercise rights consistent with that law, including the right to access, correct, delete, port, and opt out of targeted advertising, sale, or profiling that produces legally or similarly significant effects. We will respond within the period required by your state’s law (generally 45 days). You may have the right to appeal a denial; appeals can be sent to hi@anymark.co.

8.4 Other Jurisdictions

We honor additional rights granted by applicable privacy laws (including, where applicable, Brazil’s LGPD, Canada’s PIPEDA, Australia’s Privacy Act, and Israel’s Privacy Protection Law).

To exercise these rights, please contact us (see Section 13). We may need to verify your identity before fulfilling a request.

9. Automated Decision-Making

Our tools generate logo, name, and brand-strategy suggestions automatically. These processes do not produce legal or similarly significant effects on you. You may request human review of any output by contacting hi@anymark.co. Where the EU AI Act, GDPR Article 22, or analogous laws require additional disclosures, those disclosures will be provided in-product or in this Policy.

10. Security

We use industry-standard safeguards, including TLS in transit, encryption at rest, access controls, and logging. No system is 100% secure, and we cannot guarantee absolute security.

If we become aware of a personal-data breach likely to result in a risk to your rights and freedoms, we will (i) notify the applicable supervisory authority within 72 hours where required by law, and (ii) inform affected individuals without undue delay, as required by applicable law.

11. Children’s Privacy

The Service is intended for users 18 years of age or older. We do not knowingly collect personal data from individuals under 16, and we do not knowingly create accounts for or process purchases from individuals under 18. If we become aware that we have collected personal data from a child in violation of applicable law, we will delete it promptly. Parents or guardians who believe their child has provided personal data may contact us at hi@anymark.co.

12. Changes to This Policy

We may revise this Policy periodically. The updated version will have a new “Last updated” date. Material changes will be communicated via the Service or by email at least 14 days before they take effect, where required by law. Your continued use of the Service after the effective date constitutes acceptance of the revised Policy.

12A. EU Representative

Our representative in the EEA pursuant to Article 27 GDPR is Labor Arti UG (haftungsbeschränkt), Mühlenstr. 8a, 14167 Berlin, Germany. Contact: gdpr@anymark.co (forwarded to our representative). EEA data subjects may contact our representative directly on any matter related to the processing of their personal data.

12B. UK Representative

If we are required to designate a UK representative under the UK GDPR, contact details will be made available here. UK data subjects may, in any event, contact us directly at hi@anymark.co or lodge a complaint with the ICO.

13. Contact Us

If you have questions or would like to exercise your privacy rights, contact us:

Privacy Officer
Tzory Properties LLC
37939 Vine St
Willoughby, OH 44094
United States
Email: hi@anymark.co
EEA GDPR matters: gdpr@anymark.co