Legal

Privacy Policy

How Mass collects, uses, shares, and protects your personal information — and the choices and rights you have over it.

Effective date: June 15, 2026

This Privacy Policy explains how Mass ("Mass", "we", "us") handles personal information when you use our websites, applications, and services (the "Services"). It applies to information we process as a controller about visitors, account holders, and end customers, except where we act as a processor on behalf of a customer.

By using the Services you acknowledge the practices described here. If you do not agree, please do not use the Services.

1.Information We Collect

Information you provide

  • Account data — name, email, password, organization, and profile details.
  • Billing data — plan, transaction history, and limited payment metadata. Card details are handled by our payment processors; we do not store full card numbers.
  • Content — prompts, text, images, files, funnels, pages, and other materials you submit to or generate with the Services.
  • Support and communications — messages, feedback, and survey responses you send us.

Information collected automatically

  • Usage data — features used, actions taken, pages viewed, and timestamps.
  • Device and log data — IP address, browser type, device identifiers, and crash or diagnostic data.
  • Cookies and similar technologies — as described in the Cookies section below.

Information from third parties

We may receive information from authentication providers, payment processors, analytics partners, and integrations you connect to the Services.

2.How We Use Information

  • Provide, operate, maintain, and secure the Services and your account;
  • Process transactions, manage subscriptions and Credits, and prevent fraud;
  • Generate AI Output in response to your inputs;
  • Personalize features and provide customer support;
  • Analyze usage to understand, debug, and improve the Services;
  • Send service, security, and (with your consent where required) marketing communications;
  • Comply with legal obligations and enforce our terms.

3.AI Processing and Model Training

To generate Output, your inputs are processed by Mass and by third-party AI model providers acting as our subprocessors. We send only the data needed to fulfill your request.

We do not use the private content you submit to train publicly shared foundation models, and we contractually require our model providers not to use your content to train their general models except as needed to provide the service and for abuse monitoring. We may use aggregated and de-identified data to evaluate and improve the Services.

5.How We Share Information

We do not sell your personal information. We share it only as described here:

  • Service providers / subprocessors — hosting, storage, AI model providers, payment processors, email delivery, and analytics vendors who process data on our behalf under contract;
  • Integrations you enable — when you connect third-party tools, we share data as needed to operate that integration;
  • Agencies and white-label partners — where you are an end customer of a partner, your data is also accessible to that partner as controller of their account;
  • Legal and safety — to comply with law, respond to lawful requests, enforce our terms, or protect the rights, safety, and property of Mass, our users, or the public;
  • Business transfers — in connection with a merger, acquisition, financing, or sale of assets, subject to this Policy.

6.Cookies and Tracking Technologies

We use cookies and similar technologies to keep you signed in, remember preferences, secure the Services, and measure usage. Strictly necessary cookies are always active; analytics and marketing cookies are used only where permitted or with your consent.

You can control cookies through your browser settings and, where offered, our consent banner. Blocking some cookies may affect functionality.

7.Data Retention

We retain personal information for as long as your account is active or as needed to provide the Services, and thereafter as required to comply with legal obligations, resolve disputes, prevent fraud, and enforce our agreements. We may retain de-identified or aggregated data indefinitely. When data is no longer needed, we delete or anonymize it.

8.Data Security

We use technical and organizational measures designed to protect personal information, including encryption in transit, access controls, and monitoring. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your credentials confidential.

9.International Data Transfers

We and our service providers may process your information in countries other than your own, including the United States. Where required, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses to protect transferred data.

10.Your Privacy Rights

Depending on where you live, you may have the right to access, correct, delete, or port your personal information, to object to or restrict certain processing, and to withdraw consent. California residents have rights under the CCPA/CPRA, including the right to know, delete, correct, and opt out of "sharing" for cross-context behavioral advertising; we do not sell personal information.

To exercise your rights, contact us at support@mass.new. We will verify your request and respond within the time required by applicable law. You will not be discriminated against for exercising your rights, and you may appeal a decision or lodge a complaint with your local supervisory authority.

11.Children’s Privacy

The Services are not directed to children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact us and we will delete it.

12.Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice (for example, by email or in-product) before they take effect and update the effective date above. Your continued use of the Services after changes take effect constitutes acceptance.

13.Contact Us

The data controller for the Services is Mass Technologies (Florida, USA).

For questions about this Policy or our data practices, or to exercise your rights, contact us at support@mass.new.

This document is provided for transparency and does not constitute legal advice. If any translated version conflicts with the English original, the English version controls.