Security

Advanced security
The MARTA platform ensures a high level of cybersecurity, certified to PCI-DSS 3.2 standards. It handles data in compliance with the strictest security protocols, guaranteeing maximum protection of user information.

For data exchange, including large-scale transfers, an automated SFTP service is used, providing secure and encrypted transmission channels. Data is encrypted using AES algorithms to safeguard sensitive information, with access management governed by Role-Based Access Control (RBAC).

MARTA is a GDPR-compliant platform: it applies automated consent management and adopts all organizational and security procedures in accordance with European regulations on the protection of personal data, aiming to eliminate any risk associated with data handling.

Active and Ongoing Monitoring
At MARTA, we prioritize continuous improvement and minimizing the risks of user privacy breaches. We have implemented an internal organizational procedure that includes periodic sample checks of user consent, based on logs recorded within our loyalty platform.

This process has been introduced to ensure greater transparency, compliance with current personal data protection regulations, and to uphold user rights.

Such verifications allow us to promptly detect any anomalies and take necessary corrective actions.