Trust

The pitch is that Mara writes and sends without supervision. The pitch only holds if you trust her to do it. This page covers the things you'd want to verify before letting an agent talk to your customers.

What Mara has access to

The minimum to do the job.

GitHub: a read-only OAuth scope on the repo you connect. She reads files, commits, and issues. She doesn't write, push, or modify anything. Revoke the OAuth grant in your GitHub settings and Mara loses access immediately.

Your sending domain: DKIM and SPF records you add to your DNS. The records authorize Molted (the sending pipe) to send mail signed as you. You own the records; remove them and the sending capability stops.

Your event stream: webhook payloads from Stripe, Polar, PostHog, Segment, or your own webhook. Mara reads contact and event data. She doesn't write back to your event source.

That's it. No other system gets read or written. No analytics SDK gets bolted in. No social-graph enrichment. No third-party data brokers.
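One way to confirm that removing the sending-domain records took effect, as an added example that is not Mara's or Molted's code: it classifies TXT records you have already fetched (for instance with dig) at your domain apex and at the DKIM selector name. The include hostname spf.sender.example and every record value below are constructed placeholders, not Molted's real values.

```python
# Constructed sample values throughout; the sender hostname is a placeholder,
# not Molted's real SPF include target.
SENDER_INCLUDE = "spf.sender.example"


def spf_status(txt_records, sender_include=SENDER_INCLUDE):
    """Classify the TXT records at the domain apex (RFC 7208).

    Only the top-level record is inspected; nested include:/redirect=
    targets are not followed.
    """
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return "no-spf"
    if len(spf) > 1:
        return "permerror"  # more than one SPF record is a permanent error
    for term in spf[0].split()[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"
        mechanism = term.lstrip("+-~?").lower()
        if mechanism == "include:" + sender_include.lower():
            return "authorized" if qualifier == "+" else "not-authorized"
    return "not-authorized"


def dkim_status(txt_records):
    """Classify the TXT records at <selector>._domainkey.<domain> (RFC 6376)."""
    for record in txt_records:
        parts = (part.partition("=") for part in record.split(";"))
        tags = {k.strip().lower(): v.strip() for k, _, v in parts if k.strip()}
        if "p" in tags:
            # An empty p= tag means the key has been revoked.
            return "published" if tags["p"] else "revoked"
    return "absent"


def revocation_complete(apex_txt, dkim_txt, sender_include=SENDER_INCLUDE):
    """True once neither record lets the sender's mail authenticate as you."""
    return (spf_status(apex_txt, sender_include) != "authorized"
            and dkim_status(dkim_txt) != "published")


# Constructed records: before and after removing the sender from DNS.
BEFORE_APEX = ["site-verification=abc123", "v=spf1 include:spf.sender.example ~all"]
BEFORE_DKIM = ["v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A"]
AFTER_APEX = ["site-verification=abc123", "v=spf1 -all"]
AFTER_DKIM = []

if __name__ == "__main__":
    print(revocation_complete(BEFORE_APEX, BEFORE_DKIM))  # False
    print(revocation_complete(AFTER_APEX, AFTER_DKIM))    # True
```

Removing only one of the two records leaves the check false, because mail that still passes either SPF or DKIM can authenticate as your domain.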

What happens to the data

Your tenant data lives in the Mara database, scoped to your tenant. Per-tenant queries enforce the scoping at the SQL layer; nothing crosses tenants. The Brand Analyst's extracted brand profile, the Cartographer's segments, the Copywriter's drafts, the contact records, the event log: all of it hangs off one row in the tenants table and the tables linked to it.

When you cancel, your tenant gets soft-deleted. Outbox jobs pause. Memberships drop. The data stays for 30 days in case you come back; after that, it's purged. We hard-delete on request before the 30-day window ends if you want it gone sooner.

We don't train models on your data. The Anthropic API calls that draft your emails opt out of training and retention via the model provider's policy.

The approval gate

Every send goes through a policy you set.

Approval policy is set per-tenant and per-journey-type. You can be auto on welcome and approval-required on win-back; that's a normal setup.

The kill switch

Three layers, each one click.

The journey kill switch pauses one program (the win-back, for example) for everyone on it. No further sends. Existing scheduled sends drop.

The tenant kill switch pauses everything. Outbox stops. Bandit stops. Reply Analyst stops. Mara goes quiet until you flip it back.

The contact suppression takes one contact out of every program. The Cartographer respects it, the Copywriter doesn't draft for them, the send Worker rejects any pending send. Suppression is also propagated to Molted so the sending pipe enforces it independently.

The audit log

Every action Mara takes writes a row to the agent_runs table. Which specialist ran. What it read. What it wrote. How long it took. How much it cost in cents. The reasoning trace it returned.

You can read this in the dashboard. You can also export it. If a send went out and you want to know why Mara wrote what she wrote, the reasoning is there. The audit log isn't a developer feature; it's a customer feature.

What we don't claim

Mara is pre-launch. Some things are real today and some things are roadmap. We don't fake either.

We don't have SOC 2. We don't have HIPAA. We don't have ISO 27001. Compliance work happens after design partners; if you need any of these on day one, Mara isn't the fit yet.

We don't have testimonials yet. Mara launched recently, so our earliest customers are still early in their programs. The first was a separate SaaS run by the same founder. We'd rather show you a real result than fake one.

We're explicit about all of this on the pricing FAQ. Honesty is part of the pitch.

Where to read more

The privacy policy covers what data we collect and how long we keep it. The terms of service cover the contractual side. The data processing agreement is available for any tenant that needs to flow data through their own DPA chain.
