Privacy & data governance

UBO and KYC data are sensitive personal data. Mitroo CY is designed to operate under GDPR and the Cyprus data-protection regime: data is isolated per firm (tenant), access to UBO/KYC is gated by role, and every access to sensitive data is recorded in an immutable audit log. Configurable retention and legal-hold support the firm's retention policy.