MaSí – Grow Wild. Scale Smart. Stay YOU

  • Privacy Policy

    Personal data (usually referred to just as “data” below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents, and the services offered there.

    Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the “GDPR”), “processing” refers to any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.

    The following privacy policy is intended to inform you in particular about the type, scope, purpose, duration, and legal basis for the processing of such data either under our own control or in conjunction with others. We also inform you below about the third-party components we use to optimize our website and improve the user experience, which may result in said third parties also processing data they collect and control.

    Our privacy policy is structured as follows:

    • I. Information about us as controllers of your data
    • II. The rights of users and data subjects
    • III. Information about the data processing

    I. Information about us as controllers of your data

    The party responsible for this website (the “controller”) for purposes of data protection law is:

    Isabella Rossi (individual)
    Email: hi@masi-growth.com

    II. The rights of users and data subjects

    With regard to the data processing to be described in more detail below, users and data
    subjects have the right

    • to confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (Art. 15 GDPR);

    • to correct or complete incorrect or incomplete data (Art. 16 GDPR);

    • to the immediate deletion of data concerning them (Art. 17 GDPR), or, alternatively, if further processing is necessary, to restrict said processing (Art. 18 GDPR);

    • to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (Art. 20 GDPR);

    • to file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (Art. 77 GDPR).

    In addition, users have the right to object (Art. 21 GDPR) to the future processing of their data, particularly where the data is processed for direct advertising.

    III. Information about the data processing

    Your data processed when using our website will be deleted or blocked as soon as the purpose
    for its storage ceases to apply, provided no statutory storage obligations prevent this.

    1. Hosting (GreenGeeks)

    We use the hosting services of GreenGeeks, with servers located in the European Union, to provide the website and related infrastructure.

    When you access our site, the system automatically records information such as:

    • Browser type and version

    • Operating system

    • Referrer URL

    • IP address and time of access

    This data is technically necessary for the secure and stable operation of the website. The legal basis is Art. 6 para. 1 lit. f) GDPR. Log data is deleted automatically within a few days.

    A Data Processing Agreement (DPA) with GreenGeeks ensures GDPR compliance.

     

    2. Cookies & Tracking

    Our website uses cookies and similar technologies to improve your experience and to analyze traffic.

    • Essential cookies – Required for the website to function.

    • Analytics cookies – We use Google Analytics. Data may be transferred to the USA. We use IP anonymization and SCCs to safeguard this transfer.

    • Marketing cookies (future use) – For tools like Google Ads or retargeting.

    Legal basis:

    • Essential cookies → Art. 6 para. 1 lit. f) GDPR.

    • Analytics/marketing cookies → Art. 6 para. 1 lit. a) GDPR (consent).

    You can manage your preferences via our cookie banner or through your browser settings at any time.

     

    3. Emails & Communication (Google Workspace)

    We use Google Workspace (Google LLC, USA) for sending, receiving, and archiving emails. Data may be processed outside the EU.

    We have signed a DPA with Google and use Standard Contractual Clauses (SCCs) for international transfers.

    Legal bases:

    • Contract communication → Art. 6 para. 1 lit. b) GDPR.

    • Archiving (tax/commercial law) → Art. 6 para. 1 lit. c) GDPR.

     

    4. Founder Animal Quiz (Lovable + Supabase)

    If you take our quiz, we collect the answers you provide and your email address (required to send you the results).

    • Quiz built with Lovable

    • Data stored on Supabase servers located in the EU

    Legal basis:

    • Delivery of quiz results → Art. 6 para. 1 lit. b) GDPR.

    • Analytics (anonymous stats) → Art. 6 para. 1 lit. f) GDPR.

    Data is deleted once no longer needed unless legal retention applies.

     

    5. Booking Calls (Cal.com + Google Meet)

    When you book a call, we process your name, email address, and any other details you provide.

    • Scheduling: Cal.com

    • Video calls: Google Meet (Workspace)

    Legal basis:

    • Processing requests/contract → Art. 6 para. 1 lit. b) GDPR.

    • Our legitimate interest in efficient communication → Art. 6 para. 1 lit. f) GDPR.

     

    6. Newsletter (Brevo)

    • We use Brevo (Sendinblue GmbH, Germany) to send newsletters and updates.

    • We process your email address and track email performance (opens/clicks) in anonymized form.

    You can unsubscribe at any time via the link in each email.

    Legal basis:

    • Subscription → Art. 6 para. 1 lit. a) GDPR (consent).

    • Logging of consent → Art. 6 para. 1 lit. f) GDPR.

     

    7. CRM & Internal Tools

    We use the following tools for customer and project management:

    • Brevo CRM (EU servers)

    • Notion (Notion Labs Inc., USA)

    • Asana (Asana Inc., USA)

    • Slack (Slack Technologies LLC, USA)

    These tools may process personal data such as contact information and communication history.

    Transfers outside the EU are protected by Standard Contractual Clauses (SCCs).

    Legal basis: Art. 6 para. 1 lit. b) GDPR (contract) and Art. 6 para. 1 lit. f) GDPR (legitimate interest in efficient workflows).

     

    8. Social Media & Advertising

    • LinkedIn: We maintain an online presence on LinkedIn to share updates and interact with users. LinkedIn may process data outside the EU. See LinkedIn’s Privacy Policy.

    • Google Ads (future use): If activated, cookies will only be set with your consent (Art. 6 para. 1 lit. a) GDPR).

     

    9. Embedded Content (future use)

    • YouTube videos may be embedded. When you play a video, data is transferred to YouTube/Google.

    • Legal basis: Art. 6 para. 1 lit. a) GDPR (consent).

     

    10. Contract Processing

    If you enter into a contract with us, we process your data for performance and invoicing.

    Legal basis: Art. 6 para. 1 lit. b) GDPR.

    We retain data according to tax and commercial law obligations.

     

    Last updated: September 8, 2025