Data Security FAQ
Your deal data is sensitive. It contains your pricing, your margins, your customers, and your competitive strategy. We take that seriously. Here's exactly how MarginArc protects your information.
Your Deals Are Private
Every deal you score is visible only to you. Period.
Your account has its own isolated data space. No other MarginArc user -- not even someone at the same company on a different account -- can see your deals, scores, customers, or any other data you've entered.
This isolation is enforced at the data layer, not just the application layer. Even if there were a bug in the user interface, the underlying data protections prevent cross-account access.
Encryption
In transit: All data sent between your browser and MarginArc is encrypted using TLS 1.2+ (the same encryption used by banks and healthcare systems). This applies to everything -- deal uploads, scoring requests, results, and account information.
At rest: Your stored data (deals, scores, uploaded documents) is encrypted at rest using AES-256 encryption. This means even if the raw storage were somehow accessed, the data would be unreadable without the encryption keys.
What Happens to Uploaded PDFs
When you upload a quote PDF:
- The file is transmitted over an encrypted connection.
- MarginArc extracts the relevant pricing data from the document.
- The extracted data is stored (encrypted) as part of your deal record.
- The original PDF is stored securely and associated with your account.
- Only you can access the PDF or the extracted data.
We Don't Sell Your Data
MarginArc does not sell, license, rent, or otherwise share your deal data with anyone. This includes:
- Other MarginArc users
- Distributors
- OEMs
- Data brokers
- Marketing companies
- Any third party
Your data is yours. Full stop.
We Don't Share Data Between Users
When MarginArc provides market intelligence and pricing benchmarks, this comes from our proprietary research database -- not from aggregating user deals.
We do not:
- Show one user's deals to another user
- Aggregate individual deal data into benchmarks visible to others
- Allow OEMs or distributors to see what prices VARs are charging
- Create any reports or analytics that could identify individual users or their deals
We Don't Train AI on Your Specific Deals
Your deal data is not used to train machine learning models that other users benefit from. When we improve our scoring intelligence, it's based on our proprietary research into OEM programs, pricing structures, and market dynamics -- not on the specific contents of your deals.
You Control Your Data
You always have the ability to:
- Export your data. Download your deals, scores, and history at any time from your account settings.
- Delete individual deals. Remove any deal and its associated data (including uploaded PDFs) from your account.
- Delete your account. Request complete account deletion, which removes all your data from our systems.
Data deletion is permanent and typically processed within 48 hours of the request.
Access Controls
- Single sign-on (SSO): Your account is protected by secure authentication.
- Session management: Sessions expire after periods of inactivity. You can sign out from all devices at any time.
- No shared passwords: Each user has their own account with their own credentials.
Infrastructure Security
- Our infrastructure runs in a professionally managed cloud environment with enterprise-grade security controls.
- All systems are regularly updated with security patches.
- We use monitoring and alerting to detect and respond to potential security issues.
- Backups are encrypted and stored separately from the primary systems.
Compliance and Standards
MarginArc follows security best practices aligned with industry standards:
- Regular security assessments and code review
- Principle of least privilege for internal access
- Audit logging for sensitive operations
- Incident response procedures in place
Questions?
If you have specific questions about how we handle your data, contact us at security@marginarc.com. We're happy to answer questions, provide additional detail, or discuss specific compliance requirements.
For our full privacy policy, visit marginarc.com/privacy.