● Privacy
Privacy Policy
Last updated: July 8, 2026
The short version
Markloom is an editor over storage you already own. Your documents live in your Google Drive or your GitHub repository — Markloom has no database and keeps no copy of any file. There is nothing of yours on our servers to lose, sell, or leak.
What we store
- A session cookie — an encrypted token containing your name, email, and the OAuth access token for the storage provider you signed in with. It lives in your browser and is decrypted only on our server to proxy your requests. Signing out deletes it.
- Nothing else. No database, no analytics trackers, no advertising identifiers. File contents pass through our server memory during a save or load and are never written to disk or logs.
What we can access
- Google Drive — the
drive.filescope: only files Markloom created or files you explicitly opened with it. The rest of your Drive is invisible to us. - GitHub — only the repositories you installed the Markloom app on (typically just
markloom-notes).
You can revoke this access at any time from your Google account permissions or GitHub installations. Your files are unaffected either way — they were always yours.
The playground
The no-account playground runs entirely in your browser. Drafts and their version history are stored in your browser's localStorage and IndexedDB and never touch our servers. Clearing your browser data deletes them.
Third parties
Signing in and syncing files means your requests flow to Google or GitHub under their own privacy policies. Our hosting provider records standard, short-lived request logs (IP, path, status) as any web host does — never file contents or tokens.
Changes & contact
If this policy changes, the date above changes with it. A support contact will be published here at launch.