Privacy Policy

Last updated: February 17, 2026

1. Information We Collect

We collect information you provide directly when using masession:

  • Account details: name, email address, and a secure password hash.
  • User-generated content: clients, sessions, notes, and calendar integration details when enabled.
  • Technical data: logs needed for security, fraud prevention, and service reliability (such as IP and user-agent metadata).

2. How We Use Information

We use data to provide and maintain core app functionality:

  • Account access, authentication, and password resets.
  • Session tracking, client management, and billing summaries.
  • Data tools such as calendar sync and CSV import/export.
  • Security monitoring, abuse prevention, and performance operations.

3. Legal Bases for Processing

Where applicable (including for EU/UK users), we process personal data under one or more legal bases:

  • Performance of a contract (providing the service you request).
  • Legitimate interests (security, fraud prevention, product reliability).
  • Compliance with legal obligations.

4. Service Providers and Data Location

We rely on trusted third-party infrastructure providers to operate masession, including:

  • Cloudflare (hosting and D1 database operations).
  • Resend (transactional, account-related email delivery).
  • Operational tooling for monitoring and security.

Your data may be processed in countries outside your state or country of residence, where data-protection laws may differ.

5. Security

We implement technical and organizational safeguards, including HTTPS/TLS in transit, account access controls, and password hashing. Data is stored on infrastructure providers that use encryption at rest. No method of transmission or storage is guaranteed to be 100% secure.

6. Cookies and Tracking

We use essential authentication and session cookies required for login and app operation. We may also use browser storage for non-advertising product functionality. We do not use third-party advertising trackers.

7. Data Retention and Deletion

We retain account and workspace data while your account remains active and as needed for legitimate business, legal, and security purposes. You may request deletion of your account and associated data.

8. Your Rights and Choices

Depending on your location, you may have rights to access, correct, delete, or object to certain uses of your data. To exercise your rights, contact us at support@masession.com.

9. Data Breach Notification

If we confirm a data breach affecting personal information, we will provide notice to affected users and regulators when required by applicable law, and as promptly as reasonably possible.

10. Children's Privacy

masession is not intended for children under 16, and we do not knowingly collect personal information from children under 16.

11. Data Controller and Contact

masession acts as the data controller for account data processed through this service. For privacy or data requests, contact support@masession.com.

12. Changes to This Policy

We may update this Privacy Policy to reflect product, operational, or legal changes. Material updates will be reflected by the date at the top of this page.

Back to home