Contact us

Privacy Notice

Effective date: 23 December 2025

This Privacy Notice (“Privacy Notice”) for VERIDION LLC (“Massiva”, “Company”, “we”, “us”, “our”) describes how and why we might collect, store, use, and/or share (“process”) your data when you:

Visit our website at https://massiva.com, or any website that links to this Privacy Notice; and/or Register for, access, or use Massiva’s web interface and related features (including account registration and login) (together, the “Services”); and/or Engage with us in other related ways, including customer support.

By using the Services, you acknowledge this Privacy Notice. We process personal data only as needed to provide and secure the Services, to communicate with you, and for other purposes described here. We will request consent only where required by law (e.g., certain marketing).

Questions or concerns? Reading this Privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at private@massiva.com .

Summary of key points
  • Who is the data controller?

    VERIDION LLC is the controller for personal data described in this Privacy Notice when we process it on our own behalf (e.g., website operation, account administration, support, security).

  • Do we process sensitive personal data?

    We do not intend to process special-category/sensitive personal data. Please do not send it to us.

  • Do we process “end-user” data on behalf of customers?

    Yes. When our customers use Massiva to send messages, we process certain data about message recipients only on customers’ instructions (we act as processor for that data). If you are a recipient of messages sent via Massiva, please contact the sender (our customer) to exercise your rights.

  • Do we receive data from third parties?

    We may receive data from public databases, marketing partners, social media platforms, and other outside sources.

  • Do we use cookies/trackers?

    Yes. We use cookies and similar technologies, including Google Analytics and Facebook technologies, subject to your cookie choices.

  • How do we process your data?

    We process your data to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with the law. We may also process your data for other purposes with your consent.

  • Do we transfer personal data internationally?

    We may operate globally and may involve cross-border processing; where GDPR/UK GDPR applies, we use appropriate safeguards.

  • How long do we keep data?

    We keep personal data only as long as necessary for the purposes described, unless law requires longer.

  • What are your rights?

    In general, you have the following rights concerning the processing of your personal data:

    • The right to request access to your personal data
    • The right to request the rectification of inaccurate data
    • In specific cases, the right to request the deletion of some of your data
    • In specific cases, the right to request the limitation of the processing carried out by us
    • The right to object to the processing of your data on grounds relating to your particular situation or, irrespective of your situation, to the use of your data for direct marketing purposes
    • The right to receive the data you have provided and/or to request that it be transmitted to another data controller
    • The right to determine the fate of your data after your death

    You also have the right to withdraw your consent to the processing of your data at any time when consent is the legal basis for processing.


    If you have a privacy concern, please contact us first at privacy@cut0.com (or your chosen contact). You also have the right to lodge a complaint with your local data protection authority where applicable.

  • How do you exercise your rights?

    The easiest way to exercise your rights is by contacting us. We will handle requests in accordance with applicable laws. Note: Saint Vincent and the Grenadines has enacted a Privacy Act (2003), but it has not been brought into force and no operational data-protection supervisory authority currently exists. If local law where you live provides a supervisory authority (e.g., in the EU/UK), you may also contact it.

  • Want to learn more about what Massiva does with any data we collect?

    Review the Privacy Notice in full below.

TABLE OF CONTENTS:

  • WHAT DATA DO WE COLLECT?
  • HOW DO WE PROCESS YOUR DATA?
  • WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL DATA?
  • WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL DATA?
  • WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?
  • DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
  • IS YOUR DATA TRANSFERRED INTERNATIONALLY?
  • HOW LONG DO WE KEEP YOUR DATA?
  • HOW DO WE KEEP YOUR DATA SAFE?
  • DO WE COLLECT DATA FROM MINORS?
  • WHAT ARE YOUR PRIVACY RIGHTS?
  • CONTROLS FOR DO-NOT-TRACK FEATURES
  • DO WE MAKE UPDATES TO THIS NOTICE?
  • HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
1. WHAT DATA DO WE COLLECT?
1.1. Personal data you disclose to us

We collect personal data that you voluntarily provide when you register on our Services, show interest in our products or Services, participate in activities on the Services, or otherwise contact us.

The personal data we collect depends on the context of your interactions with us and the Services, the choices you make, and the features you use. Usually, we collect the following data, necessary for the Service provision and account registration:

  • First name, last name, email address, password, payment methods used;
  • business profile data (e.g., company/organization name);
  • support and communications data (e.g., the content of your messages to us, timestamps, and related metadata).

However, the personal data we collect may also include:

  • Identification data: IP address, user ID;
  • Interaction data: history of our email exchanges and support ticket history, time and date of specific actions performed in our service like link created, user created, etc.;
  • Communication data: Data related to the processing of emails and communications sent to you, such as timestamps and dates.
1.2. Processing end-user data on behalf of our customers

Massiva provides messaging Services to business customers. When customers upload/import contact data or send messages via Massiva, we may process message-recipient (“end-user”) data such as phone numbers and channel identifiers (e.g., WhatsApp identifiers, Telegram usernames/chat IDs) and delivery/call metadata solely to provide the Services to the customer and only on the customer’s instructions.

In these scenarios:

  • the customer is the data controller for end-user data;
  • Massiva acts as a data processor; and
  • end-users should review the customer’s privacy notice and contact the customer for rights requests.
1.3. Information automatically collected

We automatically collect certain data when you visit, use, or navigate the Services. This data does not reveal your specific identity but may include device and usage data such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This data is primarily needed to maintain the security and operation of our Services and for our internal analytics and reporting purposes.

Like many businesses, we also collect data through cookies and similar technologies. More details can be found in our Cookie Policy: https://cmsmassiva.cmstests24.com/cookie-policy .

The data we collect automatically may include:

  • log and usage data. This is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services. This log data may include your IP address, device data, the pages visited on our website, the website from which our website was accessed, subsequent websites accessed via our website, the transmitted amount of data, the access status (file transmission, file not found, etc.), the operating system used, browser type, settings and version, and information about your activity in the Services (such as date/time stamps, pages and files viewed, searches, and other actions);
  • device data: Information about your computer, phone, tablet, or other device used to access the Services. This data may include IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, internet service provider and/or mobile carrier, operating system, and system configuration information;
  • approximate location/country: Information about your device’s location, which can be either precise or imprecise, depending on the type and settings of the device used to access the Services. For example, we may use GPS and other technologies to collect geolocation data. You can opt out of allowing us to collect this information by refusing access or disabling your Location setting on your device. However, opting out may restrict your use of certain aspects of the Services.

We may shorten/truncate IP addresses where feasible for security and operational needs.

Temporary storage of data is necessary for website visits to enable delivery of the website. Further storage of log files ensures website functionality and IT system security (especially to prevent DDoS attacks). Unless specified otherwise, your IP address will be shortened as soon as possible so that identification is no longer possible. The legal basis for temporary storage is to provide you with our website to fulfill a contract or process pre-contractual measures. Further storage with a shortened IP address is based on our legitimate interest to protect our IT systems. Personal evaluation of the data, especially for marketing purposes, does not occur without prior consent.

We may also run lightweight browser scripts (such as Google eCapture) for the sole purpose of distinguishing human users from bots. These scripts execute locally and do not collect or transmit device-specific information. They produce a real-time score used to maintain the functionality and security of our Services.

1.4. Payment Data

We use third-party payment providers to process payments. When you pay, these providers receive payment details directly. They act as independent controllers for certain activities (e.g., fraud prevention, regulatory checks) per their privacy notices. We engage providers under contracts that require appropriate safeguards. Please note that we do not assume responsibility for any actions taken by the respective payment providers with regard to your personal data.

1.5. Sensitive Information

We do not process sensitive data.

2. HOW DO WE PROCESS YOUR DATA?

We handle your data to provide, enhance, and manage our Services, communicate with you, ensure security and fraud prevention, and comply with legal requirements. We may also use your data for other purposes with your consent.

We process your personal data for various reasons, based on how you interact with our Services, including:

  • Account Creation and Management: We may use your data to help you create and log in to your account, and to maintain your account’s functionality.
  • Service Delivery: We may use your data to provide the services you have requested.
  • Customer Support: We may use your data to respond to your inquiries and resolve any issues related to the services you have requested.
  • Administrative Communications: We may use your data to send you important information about our products, services, changes to our terms and policies, and other similar notifications.
  • Order Fulfillment: We may use your data to process and manage your orders, payments, returns, and exchanges made through our Services.
  • User-to-User Communications: We may use your data if you use any features that allow communication with other users.
  • Feedback Requests: We may use your data to request feedback and to contact you about your experience with our Services.
  • Marketing Communications: We may use your personal data to send you marketing and promotional messages, according to your marketing preferences. You can opt out of our marketing emails at any time. For more information, see “WHAT ARE YOUR PRIVACY RIGHTS?” below.
  • Targeted Advertising: We may use your data to create and display personalized content and ads tailored to your interests and location. For more information, see our Cookie Policy: https://cmsmassiva.cmstests24.com/cookie-policy .
  • Bot Protection (eCapture): We use lightweight, client-side bot-detection that runs in your browser and returns a risk score we use to protect our Services. We do not use this feature to build user profiles or for advertising. Where EU/UK laws apply, we rely on our legitimate interests in security and on exemptions for measures strictly necessary to maintain the integrity and availability of our Services (Article 6(1)(f) GDPR).
  • Service Protection: We may use your data to ensure the security of our Services, including monitoring for fraud.
  • Usage Analysis: We may use information about how you use our Services to better understand usage patterns and improve our offerings.
  • Marketing Effectiveness: We may use your data to assess the success of our marketing and promotional efforts and make them more relevant to you.
  • Vital Interests: We may process your data when necessary to protect an individual’s vital interests, such as preventing harm.

We do not use your website/account data to send newsletters or marketing emails at this stage.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL DATA?

While the Saint Vincent and the Grenadines Privacy Act, 2003 has been enacted but is not yet in force, we follow its underlying principles and comparable international standards. We respect the privacy laws of other jurisdictions and align our practices with the EU GDPR (and UK GDPR) as globally recognized benchmarks. We process your personal data only when necessary and when we have a valid legal reason (i.e., legal basis) to do so.

Where laws such as the EU GDPR or UK GDPR apply, we identify a legal basis for each processing purpose. In general, we rely on:

  • Performance of a Contract: We may process your data when necessary to fulfill our contractual obligations to you, including providing our services or acting on your requests before entering into a contract;
  • Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests, and these interests do not override your rights and freedoms. For example, we might process your personal data to:
    • Send you information about special offers and discounts on our products and services;
    • Develop and display personalized and relevant advertising content for our users;
    • Analyze how our services are used to improve them and enhance user engagement;
    • Support our marketing activities;
    • Diagnose problems and prevent fraudulent activities;
    • Understand how users interact with our products and services to improve user experience;
    • Detect and prevent malicious automated access attempts (e.g., bot traffic) through technical measures such as local risk assessment tools (e.g., eCapture);
  • Legal Obligations: We may process your data when necessary to comply with our legal obligations, such as cooperating with law enforcement or regulatory agencies, exercising or defending our legal rights, or providing your data as evidence in legal proceedings;
  • Vital Interests: We may process your data when necessary to protect your vital interests or those of a third party, such as in situations involving potential threats to the safety of any person;
  • Consent: We may process your data if you have given us permission (i.e., consent) to use your personal data for a specific purpose. You can withdraw your consent at any time.

In legal terms, we are generally the “data controller” in terms of European data protection laws for the personal data described in this Privacy Notice, as we determine the means and purposes of the data processing we perform. This Privacy Notice does not apply to the personal data we process as a “data processor” on behalf of our customers. In those cases, the customer to whom we provide services and with whom we have entered into a data processing agreement is the “data controller” responsible for your personal data, and we merely process your data on their behalf according to their instructions. To understand more about our customers’ privacy practices, you should read their privacy policies and direct any questions to them.

This Privacy Notice does not govern end-user data processed as processor on behalf of customers (see Section 1.2).

If you are located in Canada, this section applies to you (in addition to the preceding section):
We may process your personal data if you have provided explicit consent for a specific purpose, or where your consent can be reasonably inferred. You may withdraw your consent at any time.
In certain exceptional circumstances, we may legally process your data without your consent under applicable laws, including but not limited to:

  • Individual’s Best Interests: If collecting the information is clearly in the best interests of an individual and consent cannot be obtained in a timely manner.
  • Investigations and Fraud Prevention: For the purposes of investigations and detecting or preventing fraud.
  • Business Transactions: In the context of business transactions, provided certain conditions are met.
  • Witness Statements: If the information is in a witness statement and is necessary to assess, process, or settle an insurance claim.
  • Identifying Persons: For identifying injured, ill, or deceased individuals and communicating with their next of kin.
  • Financial Abuse: If we have reasonable grounds to believe an individual has been, is, or may be a victim of financial abuse.
  • Investigations and Legal Compliance: If obtaining consent would compromise the availability or accuracy of the information and the collection is reasonable for investigating a breach of an agreement or a violation of Canadian or provincial laws.
  • Legal Obligations: If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court concerning the production of records.
  • Employment, Business, or Professional Context: If the information was produced by an individual during their employment, business, or profession, and the collection is consistent with the purposes for which the information was produced.
  • Journalistic, Artistic, or Literary Purposes: If the collection is solely for journalistic, artistic, or literary purposes.
  • Publicly Available Information: If the information is publicly available and specified by regulations.
4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL DATA?

We may share the personal data we collect with your consent as well as under the following limited conditions:

  • Within Our Company: We may share data with any department or authorized personnel within our Company or any member company within our group, which includes any subsidiary or holding company as defined by laws of Saint Vincent and the Grenadines.
  • With Business Partners, Suppliers, and Sub-contractors: We may share data with business partners, suppliers, and sub-contractors to perform any contract we enter into with them or with you in relation to the Services.
  • With Service Providers: We may share data with service providers who perform data services on our behalf or assist us in improving and optimizing our website.
  • Business Transactions: We may share data with any person or entity as part of a business or asset sale, equity transaction, merger, acquisition, or in preparation for any such events.
  • Legal Obligations: We may disclose your personal data to comply with any law, legal obligation, or court order, or to enforce rights under any law or other agreements.
  • Protection of Rights: We may share data to protect our rights, property, or safety, as well as the rights, property, or safety of our customers or others.

We do not sell your personal data.

5. WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?

We are not accountable for the security of any information you share with third parties that we link to or who advertise on our Services but are not affiliated with us.

Our Services, including any offer walls, may contain links to third-party websites, online services, or mobile applications and/or include advertisements from third parties not affiliated with us. These third-party links and advertisements may direct you to other websites, services, or applications. We make no guarantees regarding these third parties, and we will not be responsible for any loss or damage resulting from your use of these third-party websites, services, or applications.

The presence of a link to a third-party website, service, or application does not imply our endorsement. We cannot ensure the safety and privacy of data you provide to any third parties. Information collected by third parties is not covered by this Privacy Notice. We are not responsible for the content, privacy, or security practices and policies of any third parties, including other websites, services, or applications that may be linked to or from our Services. You should review the privacy policies of such third parties and contact them directly if you have any questions or concerns.

6. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

Yes. We use cookies and similar technologies (e.g., pixels) to operate the website, keep it secure, and (subject to your choices) understand usage and measure effectiveness. We employ cookies and similar tracking technologies (such as web beacons and pixels) to access or store information. For details and cookie controls, see our Cookie Policy (to be published at https://cmsmassiva.cmstests24.com/cookie-policy ).

We may also use anti-bot detection scripts, such as Google eCapture, that run locally in your browser to detect potentially automated activity. These scripts do not access or transmit any personal or device-identifying information. They operate without the use of cookies or persistent storage and return only an anonymous score to help us assess whether an interaction is likely initiated by a human. Based on guidance under the ePrivacy Directive, this functionality may be exempt from consent requirements where it is strictly necessary for service integrity and security.

7. IS YOUR DATA TRANSFERRED INTERNATIONALLY?

We operate globally. Personal data may be processed outside your country of residence (including the United States) depending on how the Services are delivered and which vendors are involved.

Where we receive personal data from the EEA/UK (and comparable regimes), we implement appropriate safeguards (such as European Commission Standard Contractual Clauses and/or the UK IDTA/Addendum, as applicable) and take steps to ensure transfers comply with applicable law.

8. HOW LONG DO WE KEEP YOUR DATA?

We retain personal data for as long as necessary to achieve the purposes described in this Privacy Notice, unless a longer retention period is required or permitted by law (e.g., for compliance, accounting, or legal claims).

When we no longer have a legitimate business need to process personal data, we will delete or anonymize it.

9. HOW DO WE KEEP YOUR DATA SAFE?

We strive to protect your personal data using a combination of organizational and technical security measures.

We have put in place appropriate and reasonable technical and organizational safeguards designed to protect the security of any personal data we process. However, despite our efforts to secure your data, no method of electronic transmission over the Internet or method of information storage can be guaranteed to be 100% secure. Thus, we cannot guarantee that hackers, cybercriminals, or other unauthorized parties will not be able to breach our security and improperly access, steal, or alter your data. While we will make every effort to safeguard your personal data, transmitting personal data to and from our Services is at your own risk. You should access the Services only within a secure environment.

10. DO WE COLLECT DATA FROM MINORS?

The Services are not intended for individuals under 18, and we do not knowingly collect personal data from minors. By using the Services, you affirm that you are at least 18 years old or that you are the parent or guardian of a minor and consent to their use of the Services. If we discover that we have collected personal data from users under the age of 18, we will deactivate the account and take reasonable steps to promptly delete the data from our records. If you become aware of any data, we may have gathered from children under 18, please contact us at privacy@massiva.com .

11. WHAT ARE YOUR PRIVACY RIGHTS?

You have certain legal rights concerning your personal data and how it is processed. Please, read the legal grounds we rely on to handle your personal data in the “Legal bases” section hereinabove and an overview of your privacy rights hereinbelow.

If you have questions or need more details about the legal basis for processing your data, please contact us using the “How Can You Contact Us” section below.

Your rights:

  • Access your data: You have the right to know whether we are processing your personal data and, if so, to access the your data detailed in this Privacy Notice. You can also request a copy of your data. Submit requests at privacy@massiva.com . We may need to verify your identity and might ask for additional details to locate your data.
  • Restrict processing: You can request that we limit the processing of your data in specific situations, such as if you contest its accuracy, if the processing is unlawful but you oppose deletion, if we no longer need the data but you require it for legal claims, or if you object to the processing pending verification of our legitimate grounds.
  • Correct your data: You have the right to request corrections to any inaccurate data and to complete any incomplete data.
  • Delete your data: You can request deletion of your personal data if it is no longer needed for the purposes it was collected, if we lack a legal basis for using it, if we are obligated by law to delete it, if you withdraw consent, or if you object to processing based on our legitimate interests and there are no overriding reasons for processing. Note that this right is not absolute, and we may need to retain some your data for legal obligations or administrative purposes, such as record-keeping or detecting fraud. Data will be retained as outlined in the “How Long We Keep Your Personal Data” section above.
  • Object to processing: You can object to the processing of your data when it is based on our legitimate interests or your consent.
  • Data portability: You can request a copy of your data in a structured, commonly used, machine-readable format and ask us to transfer it to another data controller. This right applies to data processed based on your consent or for performing a contract with you.
  • Posthumous data management: You have the right to determine the status of your data after your passing. This includes specifying whether your data should be deleted, retained, or transferred to a designated individual.

You have the right, at any time, to revoke your consent to the processing of your data when this has your consent as its legal basis. To exercise any of these rights, please contact us as described in the “How Can You Contact Us” section below.

Rights vary by jurisdiction. Depending on where you live, you may have some or all of the rights listed below. We will honor requests as required by applicable law. Some rights (e.g., posthumous directives or portability) apply only in certain places.

Filing a Complaint. If you have concerns about how we process your personal data, contact us at privacy@massiva.com (or your chosen contact), and we will try to resolve your issues. You also have the right to lodge a complaint with your local data protection authority where applicable.

Important: if you are an end-user/recipient of messages sent by one of our customers, and the request concerns that customer’s messaging activity, please contact the sender/customer directly (they are the controller for that processing).

To exercise rights related to data we control, contact privacy@massiva.com . We may need to verify your identity.

12. CONTROLS FOR DO-NOT-TRACK FEATURES

Many web browsers and some mobile operating systems and applications offer a Do-Not-Track (“DNT”) feature or setting you can activate to indicate that you do not want your online browsing activities monitored and collected. Currently, there is no universally accepted standard for recognizing and implementing DNT signals. Therefore, we do not respond to DNT browser signals or any other mechanism that automatically communicates your preference not to be tracked online. If a uniform standard for online tracking is established and we are required to comply, we will update you about that practice in a revised version of this Privacy Notice.

13. DO WE MAKE UPDATES TO THIS NOTICE?

We may periodically update this Privacy Notice. The new version will be identified by a “Revised” date and will become effective as soon as it is posted. If we make significant changes to this Privacy Notice, we may notify you by prominently posting a notice of the changes or by sending you a direct notification. We recommend that you review this Privacy Notice regularly to stay informed about how we are safeguarding your information.

14. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

Email: privacy@massiva.com

Postal address (controller): VERIDION LLC, Richmond Hill Road, Euro House, Kingstown, Saint Vincent and the Grenadines.