Privacy policy.

gdpr · last updated 30 April 2026

What we collect when you visit marerisoft.com or write to us, why we collect it, and your rights. Written to satisfy Articles 13 and 14 of the GDPR.

Who we are

The data controller is Marerisoft, MB, a Lithuanian small partnership registered with the Lithuanian Register of Legal Entities under company code 111689163, VAT LT100019941819, with its registered seat at Karaliaučiaus g. 9C, LT‑06281 Vilnius.

For privacy questions, write to hello@marerisoft.com. We have not appointed a Data Protection Officer because we are not legally required to.

What we collect, and why

Contact form & direct email

When you write through the form on the homepage, or directly to hello@marerisoft.com, we receive your name, email and the contents of your message. We use that information only to read and respond to your enquiry.

Legal basis: Article 6(1)(b) GDPR (steps taken at your request prior to entering into a contract) and, where the enquiry is not contractual, Article 6(1)(f) (legitimate interest in responding to communications addressed to us).
Retention: up to 24 months from the last related communication, then deleted, unless a longer retention is required to perform a contract or comply with a legal obligation.

Server logs

Our hosting provider records technical information about each request — IP address, user agent, requested URL, timestamp, response status — to operate the site, prevent abuse and diagnose errors.

Legal basis: Article 6(1)(f) GDPR (security and stable operation). Retention: typically up to 30 days, in line with our hosting provider's defaults.

Aggregated traffic analytics

We use Vercel Web Analytics. It does not set cookies, does not store data on your device, and does not create persistent identifiers. Visitors are counted using a hash that resets every 24 hours and cannot be used to track you across other sites.

Legal basis: Article 6(1)(f) GDPR (measuring and improving the site). Retention: aggregated analytics per Vercel's documentation; raw request data is not stored.

Who we share data with

We do not sell personal data and do not share it for marketing. We rely on a small number of processors that act on our instructions and under written data‑processing agreements:

  • Vercel Inc. — website hosting and analytics (United States, with EU data‑processing addendum and EU‑US Data Privacy Framework safeguards).
  • Resend (Resend.com Inc.) — transactional email delivery for messages sent through the contact form (United States, with EU Standard Contractual Clauses).
  • Domain registrar and DNS provider — operating marerisoft.com.

We may disclose personal data when legally required, for example in response to a valid order from a Lithuanian court or authority.

International transfers

Some of our processors are located outside the European Economic Area, in particular in the United States. Where this is the case, we rely on safeguards approved under Articles 45 or 46 GDPR — the EU‑US Data Privacy Framework where the recipient is certified, and otherwise the European Commission's Standard Contractual Clauses.

Cookies

marerisoft.com does not set tracking cookies and does not store information on your device for advertising or profiling. We use only strictly‑necessary, session‑level storage where the site needs it to function; this does not require consent under the EU ePrivacy Directive.

Your rights

Under the GDPR you have the right to:

  • access the personal data we hold about you (Art. 15);
  • have inaccurate data corrected (Art. 16);
  • have your data erased where the legal grounds apply (Art. 17);
  • have processing restricted (Art. 18);
  • data portability where applicable (Art. 20);
  • object to processing based on our legitimate interests (Art. 21);
  • withdraw consent at any time, where processing is based on consent.

To exercise these rights, write to hello@marerisoft.com. We respond within one month of receiving your request.

If you believe our processing infringes the GDPR, you can lodge a complaint with the Lithuanian supervisory authority — the State Data Protection Inspectorate (Valstybinė duomenų apsaugos inspekcija — VDAI), L. Sapiegos g. 17, 10312 Vilnius. More at vdai.lrv.lt.

Whether providing data is required

Providing your name, email and message is voluntary. If you don't, we can't reply — but there is no other consequence.

Automated decision‑making

We do not use personal data for automated decision‑making or profiling that produces legal or similarly significant effects (Article 22 GDPR).

Changes to this policy

We may update this policy when our practices or applicable law change. The date at the top reflects the latest revision. Material changes are highlighted on the site.