Skip to main content

Privacy Policy

Home

Appearance

100%
800px

Privacy Policy

Last Updated: February 7, 2026

Techster Dynamics ("we," "us," or "our"), a trading name of Techster Ltd (Company No. 17005321), operates Markest (the "Service"), a multi-document markdown pastebin available at marke.st. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Service.

By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information You Provide

When you register and use the Service, we collect:

  • Account Information: Email address, display name, password (stored as a secure hash)
  • Google Account Data: If you sign in with Google, we receive your email address, display name, Google user ID, and profile picture URL
  • User Content: Markdown documents and paste metadata (titles, slugs, visibility settings, document paths) that you create and upload

1.2 Information Collected Automatically

When you use the Service, we may automatically collect:

  • Usage Data: Pages visited, features used, actions taken
  • Device Information: Browser type, operating system, screen resolution
  • Log Data: IP address, access times, request URLs, error logs
  • Cookies: Session cookies for authentication (see Section 7)

1.3 Content Data

To provide the Service, we process and store:

  • Markdown Content: Document text stored in gzip-compressed format
  • Content Metadata: File paths, sort order, SHA-256 content hashes, timestamps
  • Paste Configuration: Visibility settings, expiry dates, default document paths

2. How We Use Your Information

We use your information to:

2.1 Provide the Service

  • Create and manage your account
  • Store, compress, and serve your markdown documents
  • Render markdown to HTML with syntax highlighting and diagrams
  • Generate downloadable ZIP archives of your pastes
  • Enforce paste visibility settings (public, unlisted, private)

2.2 Maintain Security

  • Authenticate users and manage sessions
  • Prevent cross-site scripting (XSS) through HTML escaping in rendered content
  • Validate CSRF tokens on state-changing operations
  • Rate-limit requests to prevent abuse

2.3 Improve the Service

  • Analyse usage patterns to identify and fix issues
  • Optimise performance and user experience
  • Develop new features and improvements

2.4 Communicate with You

  • Send essential service-related notifications
  • Respond to support enquiries
  • Notify you of significant changes to the Service or these policies

3. Data Storage and Security

3.1 Data Storage

Your data is stored securely with the following measures:

  • Markdown content is gzip-compressed at rest using gzencode() / gzdecode()
  • Content integrity is verified using SHA-256 hashes
  • Passwords are hashed using industry-standard algorithms (bcrypt/argon2)
  • Google OAuth tokens are not stored; authentication is validated per session

3.2 Content Limits

The Service enforces the following limits to ensure platform stability:

  • Maximum 50 documents per paste
  • Maximum 128KB per individual document
  • Maximum 512KB total content per paste
  • Document paths limited to 200 characters

3.3 Security Measures

We implement multiple security layers:

  • XSS prevention via HTML escaping in CommonMark rendering
  • CSRF token validation on all state-changing forms
  • Unsafe link prevention in rendered markdown
  • Unguessable ULID identifiers for paste and document IDs
  • Private pastes accessible only to their owners
  • Expired pastes automatically return 404 responses

4. Data Sharing and Disclosure

4.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for any purpose.

4.2 Public Content

Content in pastes marked as "public" or "unlisted" is accessible to anyone with the URL. You are responsible for managing the visibility settings of your pastes.

4.3 Service Providers

We may share data with trusted service providers who assist us in hosting and operating the Service. These providers are bound by confidentiality agreements and may only use data to provide services to us.

We may disclose your information if required to:

  • Comply with legal obligations or court orders
  • Protect our rights, property, or safety
  • Prevent fraud, abuse, or illegal activities
  • Respond to lawful requests from government authorities

4.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you of any such change and the choices available to you.

5. Third-Party Services

5.1 Google Authentication

If you sign in with Google:

  • We receive your email address, display name, and profile information through Google OAuth 2.0
  • We store your Google user ID to link your Google account to your Markest account
  • Google's Privacy Policy applies to your use of Google services
  • You can revoke Markest's access through your Google Account settings

5.2 Content Delivery Networks

The Service uses CDN-hosted resources (fonts, icons, Mermaid.js) from third-party providers. These providers may collect anonymised usage data according to their own privacy policies.

6. Data Retention

6.1 Active Accounts

While your account is active, we retain:

  • Account information and credentials
  • All pastes and documents you have created
  • Usage logs for security and troubleshooting

6.2 Paste Expiry

  • Pastes with configured expiry dates are automatically treated as unavailable after expiry
  • Expired paste content may be retained for a limited period before permanent deletion

6.3 Account Deletion

When you request deletion of your account:

  • Account data is permanently deleted
  • All pastes and documents owned by the account are permanently removed (cascade delete)
  • Backup copies are purged according to our retention schedule
  • Some anonymised, aggregated data may be retained for analytics

6.4 Retention Periods

  • Session data: Duration of browser session
  • Access logs: Up to 12 months
  • Account data: Until account deletion
  • Paste content: Until deleted by user or account deletion, or paste expiry

7. Cookies

7.1 Cookies We Use

Cookie Type Purpose Duration
Session Authentication and CSRF protection Browser session
Remember Me Persistent login (if enabled) 7 days

7.2 Local Storage

We use browser local storage (not cookies) to persist:

  • Theme preference (light/dark mode)
  • Colour scheme selection

This data is stored entirely in your browser and is never transmitted to our servers.

You can manage cookies through your browser settings. Disabling session cookies will prevent you from logging in to the Service.

8. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

8.1 Access

Request a copy of the personal data we hold about you.

8.2 Rectification

Request correction of inaccurate or incomplete data.

8.3 Erasure

Request deletion of your personal data, subject to legal obligations.

8.4 Portability

Download your paste content as ZIP archives through the Service's built-in download feature.

8.5 Objection

Object to certain processing of your data.

8.6 Restriction

Request restriction of processing in certain circumstances.

Withdraw consent for processing based on consent at any time.

To exercise these rights, contact us at hello@techdyn.co.uk. We will respond within 30 days.

9. International Data Transfers

If you access the Service from outside the United Kingdom:

  • Your data may be transferred to and processed in the United Kingdom
  • We ensure appropriate safeguards are in place for international data transfers
  • By using the Service, you consent to such transfers

10. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover that a child has provided us with personal information, we will promptly delete it. If you believe a child has provided us with personal data, please contact us immediately.

11. Regional Privacy Rights

11.1 United Kingdom & European Economic Area (GDPR / UK GDPR)

If you are in the UK or EEA, you have rights under the General Data Protection Regulation, including those listed in Section 8. Our legal bases for processing include:

  • Contract: To provide the Service you have registered for
  • Consent: For optional features such as Google sign-in
  • Legitimate Interest: For security monitoring, abuse prevention, and service improvement

Data Controller: Techster Ltd, Company No. 17005321

11.2 California Residents (CCPA)

California residents have rights under the California Consumer Privacy Act:

  • Right to know what personal information we collect
  • Right to delete personal information
  • Right to opt-out of sale of personal information (we do not sell data)
  • Right to non-discrimination for exercising privacy rights

12. Security Incident Response

In the event of a data breach:

  • We will investigate and contain the incident promptly
  • We will notify affected users within 72 hours where required by law
  • We will provide information about the nature of the breach and recommended actions
  • We will report to the UK Information Commissioner's Office (ICO) as required

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes:

  • The updated policy will be posted on this page
  • The "Last Updated" date will be revised

Your continued use of the Service after changes become effective constitutes your acceptance of the revised policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: hello@techdyn.co.uk
Website: techdyn.co.uk

If you have concerns about our data practices, you may contact the UK Information Commissioner's Office (ICO) at ico.org.uk.

Techster Dynamics is a trading name of Techster Ltd (Company No. 17005321)

© 2026 Techster Dynamics. All rights reserved.