Privacy Policy

marmaris acts as a controller or business for personal information that marmaris collects directly to run its own website and business operations, including business contact records, lead and founder communications, account administration, billing contacts, support records, security logs, product telemetry, and similar information used to operate and improve the Service.

When an enterprise or organizational customer uses the Service and submits Customer Content that contains personal information, marmaris generally acts as a processor or service provider on that customer's behalf. In that context, the customer controls the purposes of processing, the contents of the workspace, the retention instructions, and many of the permissions and integrations tied to the account. Privacy requests relating to customer-controlled information often must be directed first to the relevant customer.

Workspace or account administrators designated by a customer may be able to add users, reset credentials, configure integrations, access workspace content, review logs, or export data. marmaris is not responsible for the internal privacy practices of customer organizations or their administrators.

Contact and professional information. This may include your name, business email address, phone number, employer or organization name, title, department, mailing address, and other professional identifiers used to create or manage a commercial or support relationship.

Account and authentication information. This may include usernames, login identifiers, password hashes or equivalent authentication records, single sign-on attributes, account preferences, role assignments, and other information necessary to provision and secure access to the Service.

Commercial and billing information. This may include subscription details, contract records, quotes, invoices, purchase history, tax-related billing information, and payment-related metadata received from payment processors or finance systems.

Communications and support content. This may include the contents of emails, forms, demo requests, chat messages, support tickets, founder conversations, survey responses, meeting notes, and, where disclosed and legally permitted, recordings or transcripts of calls or meetings.

Customer-submitted materials. This may include information contained in uploaded specifications, code comments, reports, design notes, issue histories, verification logs, generated artifacts, and other files or text submitted through the Service. Although much of this material may be technical rather than personal, it may still contain names, usernames, email addresses, comments, assignments, or other personal information.

Device, network, and log information. When you use the Service or visit marmaris-controlled online properties, marmaris and its service providers may collect IP address, browser type, operating system, device identifiers, approximate location derived from IP, timestamps, referrer information, pages viewed, and comparable network and device data.

Usage and performance information. marmaris may collect information about how features are accessed and used, such as session events, clicks, interaction paths, API request metadata, latency data, crash reports, error logs, consumption metrics, and similar operational analytics.

Security and integrity information. marmaris may generate or collect logs and signals used to authenticate accounts, detect fraud, enforce access controls, investigate abuse, and preserve the security, availability, and reliability of the Service.

marmaris may receive personal information from your employer or organization, from workspace administrators, from identity providers and integrations that you or your organization connect to the Service, from referral or event partners, from publicly available business sources, and from vendors that help marmaris operate sales, billing, analytics, or support workflows.

The categories of information received from third parties vary by the relationship and may include business contact details, role or team information, authentication attributes, integration metadata, or other information needed to establish or maintain the relevant service relationship.

Because marmaris is designed for formal verification workflows, Customer Content may include highly technical materials such as specifications, source snippets, comments, issue references, evidence files, audit records, project notes, or support bundles. Those materials can incidentally contain personal information, including names, work contact details, usernames, authorship details, reviewer comments, or communication contents.

Where marmaris processes such information on behalf of a customer, marmaris does so as instructed by that customer and pursuant to the agreement governing the workspace. The customer remains responsible for deciding what information is uploaded, for setting permissions, for responding to rights requests that depend on customer context, and for ensuring that its own use of the Service complies with applicable law.

marmaris may use personal information to provide, operate, maintain, and secure the Service; create and administer accounts; authenticate users; respond to requests, questions, and support issues; onboard customers; manage subscriptions, quotes, invoices, and business records; communicate about service changes, legal notices, renewals, incidents, and product updates; detect, investigate, and prevent fraud, abuse, and security events; enforce contracts and internal policies; comply with law; and protect the rights, safety, property, and legitimate interests of marmaris, its customers, and others.

marmaris may also use personal information to understand how the Service is being used, improve the performance and reliability of the platform, troubleshoot defects, evaluate feature adoption, plan capacity, generate deidentified or aggregated analytics, and develop product enhancements. Where permitted by law, marmaris may use business contact information to send newsletters, event invitations, research updates, and other marketing or relationship-management communications, subject to any opt-out rights you may have.

marmaris does not use personal information for purposes materially inconsistent with this Privacy Policy without providing any additional notice required by applicable law.

Where the GDPR, UK GDPR, or similar laws apply, marmaris processes personal information on one or more of the following legal bases, depending on context: performance of a contract or steps taken at your request before entering into a contract; marmaris's legitimate interests in operating, securing, supporting, improving, and marketing the Service; compliance with legal obligations; protection of legal rights and claims; and consent, where consent is required and has been obtained.

Not every legal basis applies to every processing activity. For example, marmaris may rely on contract necessity to create an account or provide support tied to a subscription, on legitimate interests to secure the platform and improve service reliability, on legal obligation to maintain records needed for tax or compliance purposes, and on consent for optional communications or non-essential technologies where consent is legally required.

Service providers and subprocessors. marmaris may disclose personal information to vendors and subprocessors that help host, secure, monitor, analyze, support, bill for, communicate about, or otherwise operate the Service, provided they are bound by confidentiality and data protection obligations appropriate to the services they provide.

Customer organizations and administrators. If you use the Service through an account provided by an organization, marmaris may make information associated with that account available to that organization and its designated administrators, consistent with the workspace configuration and the governing customer agreement.

Third-party integrations. When you or your organization enable an integration, marmaris may disclose information and Customer Content to the relevant third party to provide the requested functionality. The third party's handling of the information thereafter is governed by its own terms and privacy practices.

Professional advisers, transaction counterparties, and legal recipients. marmaris may disclose personal information to lawyers, auditors, insurers, accountants, financing sources, potential acquirers, and similar counterparties in connection with legitimate corporate matters, and to courts, regulators, law enforcement, or other governmental authorities where required or permitted by law or necessary to protect rights, safety, or property.

Except as described in this Privacy Policy, at your direction, or as otherwise permitted or required by law, marmaris does not disclose personal information to unrelated third parties.

marmaris and its service providers may use cookies, local storage, pixels, software development kits, and similar technologies to operate sites and product interfaces, remember preferences, keep users signed in, measure traffic and performance, understand feature adoption, secure sessions, and improve functionality.

Some of these technologies are essential to provide requested services. Others may support analytics, preferences, or communications. Where required by law, marmaris will seek consent before using non-essential technologies. You can typically control cookies through your browser settings and, where available, through any cookie management tools provided on the relevant site, although disabling certain technologies may affect functionality.

marmaris may collect service telemetry, usage statistics, diagnostic logs, and crash or error information to maintain the health and security of the platform, identify misuse, troubleshoot customer issues, and improve product performance. Such information may include feature usage, timestamps, request metadata, failure details, and related operational records.

Where reasonably practicable, marmaris works to minimize or separate telemetry from substantive customer materials, and may create deidentified or aggregated analytics that do not reasonably identify a specific individual or customer. marmaris uses those analytics for product improvement, capacity planning, operational reporting, and service development.

marmaris retains personal information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, including to provide the Service, maintain accounts, perform contracts, preserve security logs, resolve disputes, enforce agreements, satisfy legal, tax, accounting, or audit obligations, and protect legitimate business interests.

Retention periods vary according to the nature of the information, the sensitivity of the data, the role marmaris plays in the processing, customer instructions, the existence of active subscriptions or disputes, and applicable legal requirements. When personal information is no longer reasonably required, marmaris will delete, anonymize, or deidentify it, unless continued retention is required or permitted by law, backup architecture, litigation hold, or security response needs.

marmaris uses a combination of administrative, technical, and organizational measures designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. Depending on context, these measures may include role-based access controls, authentication controls, encryption in transit, logging and monitoring, vendor diligence, confidentiality obligations, environment separation, and incident response procedures.

No system or transmission method is completely secure. Accordingly, while marmaris works to protect personal information in a manner appropriate to the nature of the Service and the data involved, marmaris cannot guarantee absolute security.

marmaris may process or store personal information in the United States or in other countries where marmaris or its service providers operate. When personal information is transferred across borders, marmaris uses transfer mechanisms and safeguards recognized under applicable law, which may include adequacy decisions, standard contractual clauses, or other lawful measures.

Individuals who want more information about applicable transfer safeguards may contact marmaris using the request channels listed at the end of this Privacy Policy.

marmaris does not ask customers to upload special-category or similarly restricted personal information unless the Service and the governing agreement are specifically configured for that purpose. Customers should avoid including unnecessary sensitive or regulated information in Customer Content.

If marmaris processes sensitive personal information as defined by applicable law, marmaris does so only as reasonably necessary for permitted purposes such as account security, authentication, fraud prevention, business communications, contract administration, or providing requested services, unless a different use is disclosed and legally supported.

You may update certain account information through the Service or through your organization administrator, depending on the workspace configuration. You may opt out of non-essential marketing communications by using the unsubscribe function contained in those communications or by contacting marmaris through the channels listed below. Even if you opt out of marketing, marmaris may still send transactional, legal, billing, service, and security communications.

If you interact with marmaris through a customer-controlled workspace, the relevant customer organization may be able to access, correct, export, restrict, or delete information associated with that workspace. In such cases, the fastest or most accurate route for a request may be through the relevant customer organization or administrator.

marmaris may ask for additional information to verify identity and authority before acting on a request. marmaris may decline or limit requests where permitted by law, including where marmaris cannot verify the requester, where the request concerns information controlled by a customer, or where an exemption applies.

Depending on where you live and subject to applicable law, you may have the right to be informed about how your personal data is used; the right to access and receive a copy of your personal data; the right to rectify inaccurate or incomplete data; the right to request erasure in certain circumstances; the right to restrict processing; the right to data portability; the right to object to certain processing; and rights relating to certain automated decision-making or profiling practices.

Where marmaris relies on consent, you may withdraw that consent at any time, although withdrawal does not affect processing already carried out lawfully before withdrawal. You may also lodge a complaint with the supervisory authority in your place of residence or work, or in the United Kingdom with the Information Commissioner's Office, if you believe your personal data has been processed unlawfully.

This section supplements the rest of the Privacy Policy for California residents. In the preceding twelve months, depending on the nature of the interaction, marmaris may have collected categories of personal information that include identifiers and business contact information, account credentials, commercial information, internet or other electronic network activity, professional information, communications and uploaded materials, and inferences or preferences derived from interactions with marmaris or the Service.

California residents may have the right to know what personal information marmaris has collected, used, disclosed, or in some circumstances sold or shared; the right to request deletion; the right to request correction of inaccurate information; the right to opt out of sale or sharing where such a right applies; the right to limit the use and disclosure of sensitive personal information where applicable; and the right not to receive discriminatory treatment for exercising protected privacy rights.

To submit a California privacy request, call +1 855 815 1469 or write to marmaris at 1309 Coffeen Avenue, Suite 1200, Sheridan, Wyoming 82801, US. Authorized agents may submit requests on behalf of California residents where permitted by law, subject to appropriate verification. If marmaris offers a webform or other online method for privacy requests or opt-out choices on a relevant site or service, California residents may use that method as well.

marmaris may deny or limit a California request where permitted by law, including where marmaris cannot verify the requester, where the information is exempt, or where the request concerns customer-controlled information that marmaris processes solely on behalf of an enterprise customer.

marmaris is a professional and organizational service. It is not directed to children under thirteen years of age, and marmaris does not knowingly collect personal information online from children under thirteen in circumstances that would require parental consent under applicable law. If marmaris learns that it has collected such information inappropriately, marmaris will take reasonable steps to delete it.

The Service and marmaris-controlled sites may contain links to third-party websites, repositories, collaboration environments, identity providers, or other services that are not operated by marmaris. This Privacy Policy does not apply to those third parties, and marmaris is not responsible for their content, security, or privacy practices. You should review the privacy notices of any third-party service you choose to use.

marmaris may update this Privacy Policy from time to time to reflect changes in law, technology, product design, or business operations. When marmaris does so, marmaris will revise the effective or last-updated date and, where required by law, provide additional notice through the site, the Service, email, or another appropriate channel.

Your continued use of the Service after the effective date of an updated Privacy Policy is subject to the updated version, except to the extent prohibited by law.

marmaris

1309 Coffeen Avenue, Suite 1200

Sheridan, Wyoming 82801, US

Telephone: +1 855 815 1469