Margin

Privacy Model

Understand how Margin keeps your data safe while letting you publish impactful work.

Margin is built on a clear principle:

Share conclusions, not raw data—unless you deliberately opt in.

The Core Idea

Most analysts want to:

  • Show stakeholders the story and results
  • Keep raw datasets and exploratory work private

Margin's sharing model mirrors this.

What's Exposed When You Share

Sharing a Brief

ExposedProtected
Text contentNotebook code
Embedded chartsRaw datasets
Tables and imagesOther notebooks
FormattingWorkspace info

Viewers see your polished narrative—not how you got there.

Sharing a Dataset (Pro)

ExposedProtected
File contentsOther datasets
MetadataNotebook code
Preview tableBrief content
Download linkWorkspace info

Only the specific dataset you share becomes accessible.

Isolation Guarantees

When you share something, viewers cannot:

  • Access other items in your workspace
  • See your notebook source code (unless you share the notebook)
  • Browse your dataset storage
  • View workspace membership or billing
  • "Reach back" into your account

Each shared item is isolated. Sharing a brief doesn't expose the notebook. Sharing a dataset doesn't expose your briefs.

URLs and Discoverability

URL Structure

Public URLs follow a predictable pattern:

/@username                        # Profile
/@username/briefs/slug            # Brief
/@username/datasets/slug          # Dataset

Slugs are unique per user but not globally unique.

Unlisted by Default

There is no public directory of Margin content. Your work is:

  • Not indexed in any public feed
  • Not discoverable by browsing
  • Only accessible if someone has the link

Think of public links as "unlisted"—visible to anyone with the URL, but not advertised.

Free vs Pro Privacy

FeatureFreePro
Private notebooks
Private briefs
Private datasets
Public briefs
Public datasets

Free users can share briefs publicly. Public datasets require Pro.

Workspace Security

Beyond sharing controls:

  • Authentication – All API access requires valid session
  • Row-Level Security – Database enforces workspace isolation
  • Signed URLs – Downloads use time-limited tokens
  • HTTPS everywhere – All traffic is encrypted

Revoking Access

When you make something private:

  1. Public URL immediately returns 404
  2. Download links stop working
  3. Search engines lose access (no caching)
  4. Shared links become invalid

There's no grace period—revocation is instant.

Best Practices

  1. Assume public is forever – Someone may have copied content
  2. Review before sharing – Check for accidental PII
  3. Use descriptive slugs – But not confidential project names
  4. Share selectively – Only what needs to be public

Questions?

If you have security questions, contact us at security@projectmargin.com.

Sharing Datasets

Control who can see, preview, and download your datasets with simple visibility settings.