mymarks beta
We're still building — things may change, but your bookmarks are safe and nothing will be deleted.

Privacy policy

Last updated: March 2025

1. Who we are

mymarks is a bookmarking service operated by ramlev.dk, based within the European Union. This policy explains what personal data we collect, how we use it, and what rights you have under the General Data Protection Regulation (GDPR).

2. Data we collect

We collect only the data you provide directly:

  • Account data — your email address, username, and hashed password.
  • Bookmarks — URLs, titles, descriptions, tags, and the public/private flag you set.
  • Usage data — standard web server logs (IP address, browser, request time) retained for a maximum of 30 days for security purposes.

We do not use cookies beyond a session cookie required for login. We do not use analytics services, advertising networks, or any third-party tracking.

3. How we use your data

  • To provide and maintain your account and bookmarks.
  • To send transactional emails (email verification, password reset, two-factor codes).
  • To investigate security incidents using server logs.

We do not sell, share, or rent your data to any third party.

4. Where your data is stored

All data is stored on servers located within the European Union. No data is transferred outside the EU or EEA.

5. Your rights under GDPR

As a data subject under the GDPR, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — correct inaccurate data.
  • Erasure — delete your account and all associated data. You can do this at any time from your account settings.
  • Portability — export your bookmarks in a standard format.
  • Object — object to processing where we rely on legitimate interest.

To exercise any of these rights, contact us at the address below. We will respond within 30 days.

6. Data retention

We retain your account data and bookmarks for as long as your account is active. Server logs are deleted after 30 days. When you close your account, all associated data is permanently deleted within 7 days.

7. Security

Passwords are hashed using bcrypt and never stored in plain text. All connections are encrypted via HTTPS. We support two-factor authentication for additional account security.

8. Changes to this policy

If we make material changes to this policy, we will notify you by email or by a notice on the service. The date at the top of this page shows when the policy was last updated.

9. Contact

For privacy-related questions or to exercise your GDPR rights, contact the operator via ramlev.dk.