Privacy Policy

Article 1. General

massadesk provides software for organizations to manage work orders, scheduling, team operations, locations, assets, parts, procedures, and tasks.

When an organization uses massadesk, that organization controls the operational data entered into its workspace. In that context, massadesk generally acts as a service provider or processor. For account administration, billing, and direct support interactions, massadesk acts as a controller or business under applicable laws.

Article 2. Information We Collect

We collect information in the following categories:

• Account and profile data: full name, email address, password, timezone, profile photo, and language preferences.
• Organization and operational data: organization details, work orders, schedule blocks, procedures, tasks, status updates, tags, priorities, comments, and related records.
• Location and mapping data: job site details such as addresses, latitude/longitude coordinates, and submitted field team coordinates.
• Asset and inventory data: asset records, part records, assignments, and related operational history.
• Contact information entered in the platform: phone numbers, emails, and contact details associated with locations and operations.
• Files and attachments: files uploaded to support operations (for example, images or documents linked to assets, parts, or locations).
• Billing and subscription data: plan, subscription status, billing cycle dates, invoice and transaction metadata. Payment card details are typically processed by our payment providers, not stored directly by massadesk.
• Technical and usage data: device/browser information, IP address, log data, and service diagnostics.

Article 3. Purposes of Processing

We process personal data to:

• Provide, operate, and maintain the platform.
• Authenticate users, manage access rights, and support organization-level administration.
• Enable work order dispatching, scheduling, operational tracking, and map-based coordination.
• Process subscriptions, billing events, and related support.
• Monitor reliability, detect misuse, and improve security.
• Provide customer support and communicate service updates.
• Comply with legal obligations and enforce our terms.

Article 4. Legal Bases for Processing

Where required by applicable law, we rely on legal bases such as:

• Contractual necessity: to provide the service requested by customers and users.
• Legitimate interests: to secure, maintain, and improve the platform and customer experience.
• Legal obligations: to comply with applicable laws, regulations, and valid legal requests.
• Consent: where processing depends on consent, which may be withdrawn where permitted.

Article 5. Sharing and Subprocessors

We may share information with:

• Service providers and subprocessors that support hosting, infrastructure, analytics, support, communications, and payment operations.
• Authorized users in your organization according to your organization's permissions and configuration.
• Authorities or counterparties when required to comply with law, regulation, legal process, or enforceable requests.
• Successors in a corporate transaction such as a merger, acquisition, reorganization, or asset transfer.

We do not provide personal data to third parties for their own independent direct marketing purposes.

Article 6. International Data Transfers

massadesk may process data in countries other than the country where it was collected. Where required, we use appropriate legal mechanisms and safeguards for cross-border data transfers.

Article 7. Data Retention

We retain personal data for as long as necessary to provide the service, fulfill contractual obligations, resolve disputes, enforce agreements, and comply with legal requirements. Retention periods may vary by data type and legal context.

Article 8. Security

We implement technical and organizational measures designed to protect personal data, including access controls, monitoring, and security practices appropriate to the nature of the data and the service. No method of transmission or storage is fully secure, and we cannot guarantee absolute security.

Article 9. Your Privacy Rights

Depending on your location, you may have rights to access, correct, delete, restrict, object to processing, or request portability of your personal data.

For users in the United States, applicable state laws may provide rights to know, access, correct, delete, and appeal certain privacy decisions, and rights related to certain types of sharing.

For users in the EEA and UK, you may have rights under GDPR or UK GDPR, including the right to lodge a complaint with your local supervisory authority.

To exercise privacy rights, use the contact method in Article 11. We may need to verify your identity before completing a request.

Article 10. Updates to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date and, where required, provide additional notice.

Article 11. Contact

For privacy questions or requests, please use our Contact Form.