Is Marotino GDPR compliant?

Yes. Marotino CY Ltd is incorporated in Cyprus (EU) and fully compliant with GDPR. We implement consent-first data collection, maintain a Data Protection Officer contact, and notify data subjects within 72 hours of a breach.

Does Marotino comply with CCPA?

Yes. Marotino Inc is incorporated in the US and honours all CCPA rights for California residents: the right to know, delete, opt-out, and non-discrimination. DSR requests are processed within 30 days.

How does Marotino secure client data?

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). We use role-based access controls, conduct regular security audits, and do not sell or share client data with third parties.

What legal entities does Marotino operate through?

Marotino operates through two entities: Marotino CY Ltd (Cyprus, EU VAT registered) for EU and international contracts, and Marotino Inc (Miami, Florida) for US contracts.

How can I submit a data subject request?

Email hello@marotino.com with your request. We process all data subject requests (access, deletion, rectification, portability) within 30 calendar days.

Trust Center

Security, compliance, and transparency — by design.

We believe trust is earned through documented practices, not marketing claims. Everything below is verifiable, specific, and kept up to date.

GDPR Compliant

CCPA Compliant

Encrypted in Transit & At Rest

EU & US Legal Entities

Our approach to trust

Marotino operates as a software engineering company with clients across fintech, e-commerce, and enterprise software. We handle sensitive business data, integrate with financial APIs, and build infrastructure that underpins real transactions.

Because of this, we hold ourselves to a high standard: data protection is a core engineering requirement, not a compliance checkbox. Every project we deliver includes access control review, secret management practices, and data minimization by default.

72h

GDPR breach notification commitment

Legal entities across EU and Americas

30d

Data subject request response window

100%

Consent-first cookie implementation

What we cover

Click any section for the full documentation.

EU Regulation 2016/679

GDPR Compliance

Data controller identity, legal bases for processing, your rights as a data subject, DPA commitments, and breach notification procedures for EU/EEA residents.

Legal bases for processing (Art. 6)
Data subject rights (Art. 15–22)
International transfers & SCCs
72-hour breach notification (Art. 33)
Data Processing Agreements

Read GDPR page

California Civil Code § 1798.100

CCPA / CPRA

California Consumer Privacy Act compliance, categories of personal information collected, your opt-out rights, and how to submit privacy requests.

Categories of personal information
Right to Know, Delete, Opt-Out
No sale of personal information
Annual privacy notice
Agent authorization process

Read CCPA page

Infrastructure & Application Security

Security Practices

How we secure the software we build and our own infrastructure — access control, encryption standards, dependency management, and vulnerability disclosure.

HTTPS everywhere, TLS 1.2+
Secrets management & rotation
Dependency vulnerability scanning
Access control & least privilege
Responsible disclosure policy

Read Security page

Corporate Structure

Legal Entities

Marotino operates through two registered legal entities to serve global clients. Find the right entity for contracts, invoices, and data processing agreements.

Marotino CY LTD — Limassol, Cyprus (EU)
Marotino INC — Miami, FL (Americas)
VAT & registration details
Which entity handles your data
Invoice & contract routing

Read Legal Entities page

Additional policies & documents

How we collect, use, and store your personal data across our website and services.

Rules governing your use of the Marotino website and marketing materials.

Office Locations

Physical offices in Limassol, Cyprus and Miami, Florida with contact details.

Data Protection Officer

Questions about your data?

If you have a question about how we process your data, want to exercise a data subject right, or need a Data Processing Agreement for your contract — reach our DPO directly.

We respond to all data protection enquiries within 5 business days. Formal data subject requests are processed within 30 days as required by the GDPR.

hello@marotino.com

🇨🇾

Marotino CY LTD

Evripidou 9A, 3031 Limassol, Cyprus

EU, EEA & Middle East clients

🇺🇸

Marotino INC

66 West Flagler Street, Miami, FL 33130

Americas & Asia clients

Our standing commitment

We review this Trust Center at minimum once per quarter. Any material changes to our data handling practices, legal structure, or security posture are reflected here before going into effect. The last review was April 2026.

Talk to compliance