Privacy Policy
At MASS we take your privacy seriously and this privacy statement explains what personal data or information we collect from you and from people who visit our website and how we use it. We would encourage you to read the list below and click on ‘learn more’ if you would like more information on a specific topic.
We may change this information from time to time, so please check this page occasionally to ensure you’re happy with any changes. This privacy statement was last updated on 21 August 2024.
If you have any questions regarding this statement and our privacy practices, please contact us by email dpo@mass.co.uk or by post at MASS Data Protection Officer, Enterprise House, Great North Road, Little Paxton, St Neots Cambridgeshire, PE19 6BN. Alternatively, you can telephone us on +44 1480 222 600.
Contents
- Who are we?
- What personal data or information do we collect?
- How is your personal data collected?
- How is your information used?
- Who has access to your information?
- Transfers outside of the European Economic Area
- Your choices and rights
- How you can update your information
- How you can access your personal information
- Keeping your data secure
- Use of cookies by this website
Who are we?
MASS is a registered company (1705804) our registered office address is Enterprise House, Great North Road, Little Paxton, St Neots, Cambridgeshire, PE19 6BN. MASS is a registered data controller.
In this document, ‘We’, ‘Us’, ‘Our’ or the ‘Group’ includes MASS or its parent company Cohort plc.
What personal data or information do we collect?
The personal information we collect may include:
| Identity data | First name, last name, title, job title |
| Contact Data | Billing/contact address, delivery address, email address, telephone numbers |
| Financial Data | Bank account, billing and payment details |
| Contract Data | Details about contract agreements or proposed agreements between us |
| Transaction Data | Details about payments to and from you. Details of products and services you have purchased from us or supplied to us |
| Profile Data | Purchases or orders made by you, feedback and survey responses |
| Technical Data | Internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website |
| Usage Data | Information about how you use our website, products and services |
| Marketing and Communications Data | Your preferences in receiving marketing communications from us and/or our third parties, and your communication preferences |
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
How is your personal data or information collected?
We may collect data or information about you when you:
- make an enquiry about our products, services or business activities of MASS
- become a supplier to MASS
- enquire about a job opportunity at MASS
- use the mass.co.uk website
- provide a business card or contact details in another form to one of our employees or associates in person e.g. at a meeting or event.
How is your information used?
We collect your personal data or information to operate our business effectively and provide you with the best information on the products and services from MASS.
We may use your information:
- to carry out our obligations arising from any contract or contract negotiations entered into by you or us as client or prospective client of MASS
- to process an enquiry that you have made to MASS
- to contact you to discuss business opportunities or products and services from MASS that we believe may be of interest to you
- to send you communications that you have requested
- to process a job application
- to conduct the due diligence and negotiations required as part of a potential or actual business merger or acquisition
- to invite you to events run by MASS or Cohort plc.
We believe that all these purposes are justified on the basis of our legitimate interests in running and promoting our business, the contractual obligations to deliver products and services to you, and our legal obligations as appropriate. We may also use your personal data to send you information, such as an email news update which you have signed up to receive and can opt-out from at any time.
| Purpose/activity | Type of data held | Length of time data held | How data held |
| As a client or agent of MASS | Identity data Contact data Contract information Financial information Transaction data Information and documents relating to the products / services we are providing, including communications with you Your communications & marketing preferences | 6 years after expiry of contract | Business administration and communications systems held on secure UK servers |
| Prospective clients of MASS (for example during a bid or tender process) | Prospective clients of MASS (for example during a bid or tender process) Identity data Contact data Contract information Financial information Information and documents relating to the products / services we are discussing. including communications with you | The lesser of 6 years or when the warranty expires | Business administration and communications systems held on secure UK servers |
| Suppliers of products & services to MASS | Identity data Contact data Contract information Transaction data Information and documents relating to the products / services you are providing, including communications with you | 6 years after expiry of contract | Business administration and communications systems held on secure UK servers |
| Current or prospective trade/commercial partners | Identity data Contact data Names of Shareholders Company Director details, including CVs & contracts Commercial information, including supplier & customer contract details Information and documents relating to negotiations including communications with Advisors | As specified by the relevant Non-Disclosure Agreement | Business administration and communications systems held on secure UK servers |
| Charitable organisations supported by MASS | Name Contact information Financial information Information and documents relating to the support we are providing, including communications with you | 6 years | Business administration and communications systems held on secure UK servers |
| Website visitor | Technical data Usage data | 30 days Google Analytics | |
| Job applicants | Identity data Personal data Sensitive personal data CVs | 6 years after expiry of contract. 12 months if unsuccessful with application. | |
| Our current and former staff | Please refer to our Staff Privacy Policy | Email DPO@mass.co.uk if you require a copy. |
Who has access to your information?
We do not sell or rent your personal data or information to any third party or share your information with third parties for their marketing purposes.
We will disclose your data or information if required by law, for example by a court order or for the prevention of fraud or other crime.
We may pass your information to our parent company Cohort plc for the purposes of providing you with relevant information about their products and services, or to enable discussions about co-operative working for mutual benefit.
We may pass your information on to our third party service providers, professional advisors, agents or subcontractors for the purposes of completing a task or providing services to you on our behalf. Additionally to HM Revenue & Customs, regulators and other authorities acting as processors based in the United Kingdom who require reporting of processing activities in certain circumstances.
We disclose only the personal information necessary to deliver that service and have a contract in place that requires them to keep your information secure and not to use it for their own marketing purposes. When you are giving your personal data or information to the relevant third party this will be made very clear. They may then be acting as the data processor of your information for this purpose and therefore we advise you to read their Privacy Policy which will be clearly displayed at the point of data collection.
Third party service providers who act as data processor on our behalf
| Google Analytics | Web analytics | IP address | Link to privacy policy |
| WordPress | Website provider | Identity and contact data | Link to privacy policy |
| Eploy | Talent acquisition form | Identity, contact data, CV | Link to privacy policy |
| Investis | RNS service provider | Name/email address | Link to privacy policy |
| Equiniti | Shareholder services | Identity, contact, financial and transactional data | Link to privacy policy |
| Investec | Nominated adviser shareholder services | Identity, contact and transactional data | Link to privacy policy |
Transfers outside of the European Economic Area
Your personal data or information in the European Economic Area (EEA) is protected by data protection laws, but other countries do not necessarily protect your personal information in the same way. The EEA covers all countries in the EU plus Norway, Liechtenstein and Iceland. Some of the third party providers we use to help us manage our business and services may involve data transferring to the United States or other countries outside of the EEA.
We use the following third party online tools which may involve your data being processed outside of the EEA:
| Google Analytics | web analytics | IP address | Link to privacy policy |
Your choices and rights
You have a choice about whether or not you receive marketing communications about the innovative products and services available from MASS. We will not contact you for direct marketing purposes by post, email, phone or text message if you indicate to us that you wish to opt out of receiving such communications.
As an individual whose personal data is processed by MASS you have these rights:
- The right to be informed, which is what this privacy policy is for
- The right to access the data we hold about you
- The right to object to direct marketing – either use the unsubscribe option or contact us directly
- The right to object to processing carried out on the basis of legitimate interests
- The right to erasure (in some circumstances)
- The right to data portability
- The right to have your data rectified if it is inaccurate
- The right to have your data restricted or blocked from processing
How you can update your information
The accuracy of your information is important to us. You can change your marketing preferences, unsubscribe or opt-out from receiving communications from us by contacting us at any time.
If you change your email address or if you want to update any of the information we hold on you, please email us DPO@mass.co.uk or write to us at MASS, Enterprise House, Great North Road, Little Paxton, St Neots, Cambridgeshire, PE19 6BN. Alternatively you can telephone us on +44 01480 222600.
How you can access your personal information
You have the right to ask for a copy of the personal information MASS holds relating to you. To do this please contact DPO@mass.co.uk or write to us at MASS, Enterprise House, Great North Road, Little Paxton, St Neots, Cambridgeshire, PE19 6BN. Alternatively you can telephone us on +44 01480 222600.
You also have the right to lodge a complaint about our processing of your personal data with the UK’s Information Commissioner’s Office https://ico.org.uk.
Keeping your data secure
When you give us personal information we take steps to ensure that it’s treated securely and strive to protect it on our internal systems and our secure server systems encrypt your information.
Contacting us via email
We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
Link to other websites
Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Cookie policy
You can read our cookie policy here.
Proud to be associated with
